Ilivid pops up in new tab


10 replies to this topic

#1 ChrissyToph

Posted 25 July 2012 - 07:39 AM

Hi there,

Whilst I was browsing on Firefox, this new tab pops up even though I haven't clicked on anything and it takes me to a page that asks me if I want to download Ilivid Video download. Have I got Malware and, if so, could someone please help me get rid of it? Thanks in advance for any help!

Kind regards,
Chrissy

P.S: I'm using Windows 7 and pretty sure I have the latest version of Firefox


#2 narenxp

Posted 25 July 2012 - 07:45 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Eric Bennett

Posted 25 July 2012 - 08:28 AM

ChrissyToph,

Go to: "about:support" in the address bar, then click "Reset Firefox"

Then run a scan with Hitman Pro. Report results.

Regards,
Eric Bennett
(ebthepcguy)


#4 ChrissyToph

Posted 25 July 2012 - 10:53 AM

Hi, thanks for the fast responses!

@narenx:

Here's the logs:

TDSSkiller log:


13:48:42.0218 1060 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:48:42.0378 1060 ============================================================
13:48:42.0378 1060 Current date / time: 2012/07/25 13:48:42.0378
13:48:42.0378 1060 SystemInfo:
13:48:42.0378 1060
13:48:42.0378 1060 OS Version: 6.1.7601 ServicePack: 1.0
13:48:42.0378 1060 Product type: Workstation
13:48:42.0378 1060 ComputerName: WIN-PC
13:48:42.0378 1060 UserName: Win
13:48:42.0378 1060 Windows directory: C:\windows
13:48:42.0378 1060 System windows directory: C:\windows
13:48:42.0378 1060 Running under WOW64
13:48:42.0378 1060 Processor architecture: Intel x64
13:48:42.0378 1060 Number of processors: 4
13:48:42.0378 1060 Page size: 0x1000
13:48:42.0378 1060 Boot type: Normal boot
13:48:42.0378 1060 ============================================================
13:48:43.0009 1060 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:48:43.0013 1060 ============================================================
13:48:43.0013 1060 \Device\Harddisk0\DR0:
13:48:43.0013 1060 MBR partitions:
13:48:43.0013 1060 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
13:48:43.0013 1060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x1DADC830
13:48:43.0036 1060 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1F85C000, BlocksNum 0x1AB29800
13:48:43.0036 1060 ============================================================
13:48:43.0073 1060 C: <-> \Device\Harddisk0\DR0\Partition1
13:48:43.0142 1060 E: <-> \Device\Harddisk0\DR0\Partition2
13:48:43.0142 1060 ============================================================
13:48:43.0142 1060 Initialize success
13:48:43.0142 1060 ============================================================
13:48:59.0802 5528 ============================================================
13:48:59.0802 5528 Scan started
13:48:59.0802 5528 Mode: Manual; TDLFS;
13:48:59.0802 5528 ============================================================
13:49:14.0697 5528 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
13:49:14.0702 5528 Mup - ok
13:49:14.0804 5528 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:49:14.0825 5528 MyWiFiDHCPDNS - ok
13:49:14.0888 5528 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
13:49:14.0893 5528 napagent - ok
13:49:14.0977 5528 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
13:49:14.0995 5528 NativeWifiP - ok
13:49:15.0112 5528 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\windows\system32\drivers\ndis.sys
13:49:15.0129 5528 NDIS - ok
13:49:15.0147 5528 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
13:49:15.0151 5528 NdisCap - ok
13:49:15.0181 5528 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
13:49:15.0185 5528 NdisTapi - ok
13:49:15.0223 5528 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
13:49:15.0234 5528 Ndisuio - ok
13:49:15.0253 5528 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
13:49:15.0259 5528 NdisWan - ok
13:49:15.0271 5528 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
13:49:15.0275 5528 NDProxy - ok
13:49:15.0288 5528 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
13:49:15.0292 5528 NetBIOS - ok
13:49:15.0330 5528 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
13:49:15.0343 5528 NetBT - ok
13:49:15.0387 5528 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:49:15.0390 5528 Netlogon - ok
13:49:15.0445 5528 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
13:49:15.0449 5528 Netman - ok
13:49:15.0541 5528 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:15.0549 5528 NetMsmqActivator - ok
13:49:15.0553 5528 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:15.0555 5528 NetPipeActivator - ok
13:49:15.0604 5528 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
13:49:15.0617 5528 netprofm - ok
13:49:15.0622 5528 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:15.0623 5528 NetTcpActivator - ok
13:49:15.0631 5528 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:15.0632 5528 NetTcpPortSharing - ok
13:49:16.0202 5528 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\windows\system32\DRIVERS\NETwNs64.sys
13:49:16.0447 5528 NETwNs64 - ok
13:49:16.0586 5528 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
13:49:16.0599 5528 nfrd960 - ok
13:49:16.0652 5528 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
13:49:16.0663 5528 NlaSvc - ok
13:49:16.0679 5528 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
13:49:16.0683 5528 Npfs - ok
13:49:16.0699 5528 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
13:49:16.0702 5528 nsi - ok
13:49:16.0716 5528 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
13:49:16.0722 5528 nsiproxy - ok
13:49:16.0904 5528 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
13:49:16.0948 5528 Ntfs - ok
13:49:17.0062 5528 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
13:49:17.0066 5528 Null - ok
13:49:17.0160 5528 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\windows\system32\DRIVERS\nusb3hub.sys
13:49:17.0180 5528 nusb3hub - ok
13:49:17.0258 5528 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\windows\system32\DRIVERS\nusb3xhc.sys
13:49:17.0300 5528 nusb3xhc - ok
13:49:17.0367 5528 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
13:49:17.0395 5528 nvraid - ok
13:49:17.0466 5528 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
13:49:17.0495 5528 nvstor - ok
13:49:17.0552 5528 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
13:49:17.0557 5528 nv_agp - ok
13:49:17.0720 5528 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:49:17.0778 5528 odserv - ok
13:49:17.0784 5528 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
13:49:17.0790 5528 ohci1394 - ok
13:49:17.0868 5528 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:49:17.0889 5528 ose - ok
13:49:17.0948 5528 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
13:49:17.0979 5528 p2pimsvc - ok
13:49:18.0028 5528 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
13:49:18.0042 5528 p2psvc - ok
13:49:18.0053 5528 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
13:49:18.0058 5528 Parport - ok
13:49:18.0107 5528 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
13:49:18.0121 5528 partmgr - ok
13:49:18.0150 5528 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
13:49:18.0157 5528 PcaSvc - ok
13:49:18.0187 5528 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
13:49:18.0203 5528 pci - ok
13:49:18.0227 5528 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
13:49:18.0230 5528 pciide - ok
13:49:18.0249 5528 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
13:49:18.0257 5528 pcmcia - ok
13:49:18.0272 5528 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
13:49:18.0276 5528 pcw - ok
13:49:18.0333 5528 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
13:49:18.0355 5528 PEAUTH - ok
13:49:18.0460 5528 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
13:49:18.0471 5528 PerfHost - ok
13:49:18.0768 5528 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
13:49:18.0857 5528 pla - ok
13:49:18.0951 5528 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
13:49:18.0963 5528 PlugPlay - ok
13:49:18.0982 5528 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
13:49:18.0997 5528 PNRPAutoReg - ok
13:49:19.0042 5528 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
13:49:19.0044 5528 PNRPsvc - ok
13:49:19.0128 5528 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
13:49:19.0156 5528 PolicyAgent - ok
13:49:19.0199 5528 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
13:49:19.0201 5528 Power - ok
13:49:19.0280 5528 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
13:49:19.0288 5528 PptpMiniport - ok
13:49:19.0310 5528 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
13:49:19.0316 5528 Processor - ok
13:49:19.0393 5528 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
13:49:19.0396 5528 ProfSvc - ok
13:49:19.0431 5528 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:49:19.0433 5528 ProtectedStorage - ok
13:49:19.0469 5528 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
13:49:19.0488 5528 Psched - ok
13:49:19.0537 5528 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys
13:49:19.0541 5528 PxHlpa64 - ok
13:49:19.0685 5528 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
13:49:19.0749 5528 ql2300 - ok
13:49:19.0890 5528 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
13:49:19.0923 5528 ql40xx - ok
13:49:19.0967 5528 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
13:49:19.0991 5528 QWAVE - ok
13:49:20.0000 5528 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
13:49:20.0011 5528 QWAVEdrv - ok
13:49:20.0018 5528 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
13:49:20.0032 5528 RasAcd - ok
13:49:20.0076 5528 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
13:49:20.0083 5528 RasAgileVpn - ok
13:49:20.0106 5528 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
13:49:20.0123 5528 RasAuto - ok
13:49:20.0156 5528 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
13:49:20.0161 5528 Rasl2tp - ok
13:49:20.0208 5528 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
13:49:20.0239 5528 RasMan - ok
13:49:20.0264 5528 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
13:49:20.0271 5528 RasPppoe - ok
13:49:20.0283 5528 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
13:49:20.0289 5528 RasSstp - ok
13:49:20.0314 5528 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
13:49:20.0324 5528 rdbss - ok
13:49:20.0339 5528 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
13:49:20.0343 5528 rdpbus - ok
13:49:20.0360 5528 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
13:49:20.0363 5528 RDPCDD - ok
13:49:20.0390 5528 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
13:49:20.0392 5528 RDPENCDD - ok
13:49:20.0405 5528 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
13:49:20.0408 5528 RDPREFMP - ok
13:49:20.0462 5528 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
13:49:20.0487 5528 RDPWD - ok
13:49:20.0509 5528 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
13:49:20.0516 5528 rdyboost - ok
13:49:20.0659 5528 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:49:20.0664 5528 RegSrvc - ok
13:49:20.0703 5528 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
13:49:20.0724 5528 RemoteAccess - ok
13:49:20.0768 5528 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
13:49:20.0777 5528 RemoteRegistry - ok
13:49:20.0866 5528 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
13:49:20.0896 5528 RFCOMM - ok
13:49:21.0145 5528 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
13:49:21.0189 5528 RoxMediaDB12OEM - ok
13:49:21.0225 5528 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
13:49:21.0230 5528 RoxWatch12 - ok
13:49:21.0378 5528 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
13:49:21.0380 5528 RpcEptMapper - ok
13:49:21.0407 5528 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
13:49:21.0410 5528 RpcLocator - ok
13:49:21.0479 5528 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
13:49:21.0491 5528 RpcSs - ok
13:49:21.0542 5528 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
13:49:21.0547 5528 rspndr - ok
13:49:21.0609 5528 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys
13:49:21.0614 5528 RSUSBSTOR - ok
13:49:21.0649 5528 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\windows\system32\DRIVERS\Rt64win7.sys
13:49:21.0657 5528 RTL8167 - ok
13:49:21.0674 5528 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:49:21.0675 5528 SamSs - ok
13:49:21.0707 5528 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
13:49:21.0713 5528 sbp2port - ok
13:49:21.0759 5528 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
13:49:21.0767 5528 SCardSvr - ok
13:49:21.0771 5528 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
13:49:21.0776 5528 scfilter - ok
13:49:21.0892 5528 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
13:49:21.0910 5528 Schedule - ok
13:49:21.0933 5528 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
13:49:21.0934 5528 SCPolicySvc - ok
13:49:21.0964 5528 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
13:49:21.0995 5528 SDRSVC - ok
13:49:22.0056 5528 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
13:49:22.0060 5528 secdrv - ok
13:49:22.0080 5528 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
13:49:22.0092 5528 seclogon - ok
13:49:22.0112 5528 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
13:49:22.0114 5528 SENS - ok
13:49:22.0133 5528 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
13:49:22.0138 5528 SensrSvc - ok
13:49:22.0172 5528 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
13:49:22.0176 5528 Serenum - ok
13:49:22.0198 5528 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
13:49:22.0203 5528 Serial - ok
13:49:22.0207 5528 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
13:49:22.0211 5528 sermouse - ok
13:49:22.0250 5528 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
13:49:22.0255 5528 SessionEnv - ok
13:49:22.0260 5528 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
13:49:22.0263 5528 sffdisk - ok
13:49:22.0266 5528 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
13:49:22.0270 5528 sffp_mmc - ok
13:49:22.0274 5528 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
13:49:22.0278 5528 sffp_sd - ok
13:49:22.0282 5528 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
13:49:22.0285 5528 sfloppy - ok
13:49:22.0536 5528 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
13:49:22.0566 5528 SftService - ok
13:49:22.0743 5528 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
13:49:22.0783 5528 SharedAccess - ok
13:49:22.0833 5528 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
13:49:22.0846 5528 ShellHWDetection - ok
13:49:22.0912 5528 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
13:49:22.0916 5528 SiSRaid2 - ok
13:49:22.0925 5528 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
13:49:22.0929 5528 SiSRaid4 - ok
13:49:23.0065 5528 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:49:23.0066 5528 SkypeUpdate - ok
13:49:23.0084 5528 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
13:49:23.0097 5528 Smb - ok
13:49:23.0133 5528 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
13:49:23.0136 5528 SNMPTRAP - ok
13:49:23.0156 5528 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
13:49:23.0159 5528 spldr - ok
13:49:23.0233 5528 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
13:49:23.0262 5528 Spooler - ok
13:49:23.0525 5528 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
13:49:23.0591 5528 sppsvc - ok
13:49:23.0714 5528 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
13:49:23.0720 5528 sppuinotify - ok
13:49:23.0840 5528 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
13:49:23.0861 5528 srv - ok
13:49:23.0906 5528 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
13:49:23.0915 5528 srv2 - ok
13:49:23.0952 5528 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
13:49:23.0982 5528 srvnet - ok
13:49:24.0021 5528 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
13:49:24.0029 5528 SSDPSRV - ok
13:49:24.0080 5528 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\windows\system32\Drivers\SSPORT.sys
13:49:24.0083 5528 SSPORT - ok
13:49:24.0103 5528 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
13:49:24.0109 5528 SstpSvc - ok
13:49:24.0222 5528 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
13:49:24.0227 5528 STacSV - ok
13:49:24.0271 5528 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
13:49:24.0275 5528 stexstor - ok
13:49:24.0359 5528 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\windows\system32\DRIVERS\stwrt64.sys
13:49:24.0395 5528 STHDA - ok
13:49:24.0481 5528 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
13:49:24.0513 5528 stisvc - ok
13:49:24.0620 5528 stllssvr (7731f46ec0d687a931cba063e8f90ef0) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:49:24.0627 5528 stllssvr - ok
13:49:24.0655 5528 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
13:49:24.0658 5528 swenum - ok
13:49:24.0739 5528 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
13:49:24.0754 5528 swprv - ok
13:49:24.0911 5528 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
13:49:24.0927 5528 SysMain - ok
13:49:25.0043 5528 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
13:49:25.0051 5528 TabletInputService - ok
13:49:25.0098 5528 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
13:49:25.0143 5528 TapiSrv - ok
13:49:25.0205 5528 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
13:49:25.0215 5528 TBS - ok
13:49:25.0473 5528 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
13:49:25.0538 5528 Tcpip - ok
13:49:25.0784 5528 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
13:49:25.0793 5528 TCPIP6 - ok
13:49:25.0904 5528 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
13:49:25.0908 5528 tcpipreg - ok
13:49:25.0922 5528 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
13:49:25.0924 5528 TDPIPE - ok
13:49:25.0960 5528 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
13:49:25.0967 5528 TDTCP - ok
13:49:26.0008 5528 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
13:49:26.0017 5528 tdx - ok
13:49:26.0026 5528 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
13:49:26.0030 5528 TermDD - ok
13:49:26.0111 5528 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
13:49:26.0124 5528 TermService - ok
13:49:26.0144 5528 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
13:49:26.0146 5528 Themes - ok
13:49:26.0181 5528 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
13:49:26.0182 5528 THREADORDER - ok
13:49:26.0209 5528 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
13:49:26.0228 5528 TrkWks - ok
13:49:26.0305 5528 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
13:49:26.0306 5528 TrustedInstaller - ok
13:49:26.0329 5528 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
13:49:26.0332 5528 tssecsrv - ok
13:49:26.0355 5528 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
13:49:26.0360 5528 TsUsbFlt - ok
13:49:26.0370 5528 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
13:49:26.0375 5528 TsUsbGD - ok
13:49:26.0410 5528 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
13:49:26.0411 5528 tunnel - ok
13:49:26.0430 5528 TurboB (fd24f98d2898be093fe926604be7db99) C:\windows\system32\DRIVERS\TurboB.sys
13:49:26.0433 5528 TurboB - ok
13:49:26.0495 5528 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:49:26.0515 5528 TurboBoost - ok
13:49:26.0522 5528 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
13:49:26.0528 5528 uagp35 - ok
13:49:26.0584 5528 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
13:49:26.0609 5528 udfs - ok
13:49:26.0646 5528 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
13:49:26.0655 5528 UI0Detect - ok
13:49:26.0662 5528 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
13:49:26.0667 5528 uliagpkx - ok
13:49:26.0691 5528 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
13:49:26.0695 5528 umbus - ok
13:49:26.0698 5528 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
13:49:26.0701 5528 UmPass - ok
13:49:26.0985 5528 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:49:27.0030 5528 UNS - ok
13:49:27.0261 5528 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
13:49:27.0281 5528 upnphost - ok
13:49:27.0368 5528 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
13:49:27.0369 5528 USBAAPL64 - ok
13:49:27.0402 5528 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\windows\system32\DRIVERS\usbccgp.sys
13:49:27.0406 5528 usbccgp - ok
13:49:27.0446 5528 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
13:49:27.0453 5528 usbcir - ok
13:49:27.0488 5528 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
13:49:27.0497 5528 usbehci - ok
13:49:27.0564 5528 usbhub (8b892002d7b79312821169a14317ab86) C:\windows\system32\DRIVERS\usbhub.sys
13:49:27.0610 5528 usbhub - ok
13:49:27.0646 5528 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
13:49:27.0649 5528 usbohci - ok
13:49:27.0683 5528 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
13:49:27.0687 5528 usbprint - ok
13:49:27.0729 5528 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
13:49:27.0731 5528 USBSTOR - ok
13:49:27.0748 5528 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
13:49:27.0754 5528 usbuhci - ok
13:49:27.0796 5528 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
13:49:27.0802 5528 usbvideo - ok
13:49:27.0833 5528 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
13:49:27.0849 5528 UxSms - ok
13:49:27.0885 5528 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
13:49:27.0886 5528 VaultSvc - ok
13:49:27.0919 5528 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
13:49:27.0922 5528 vdrvroot - ok
13:49:28.0016 5528 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
13:49:28.0042 5528 vds - ok
13:49:28.0058 5528 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
13:49:28.0061 5528 vga - ok
13:49:28.0079 5528 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
13:49:28.0083 5528 VgaSave - ok
13:49:28.0105 5528 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
13:49:28.0112 5528 vhdmp - ok
13:49:28.0116 5528 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
13:49:28.0121 5528 viaide - ok
13:49:28.0137 5528 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
13:49:28.0149 5528 volmgr - ok
13:49:28.0172 5528 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
13:49:28.0184 5528 volmgrx - ok
13:49:28.0229 5528 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
13:49:28.0250 5528 volsnap - ok
13:49:28.0276 5528 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
13:49:28.0289 5528 vsmraid - ok
13:49:28.0448 5528 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
13:49:28.0473 5528 VSS - ok
13:49:28.0614 5528 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
13:49:28.0624 5528 vwifibus - ok
13:49:28.0651 5528 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
13:49:28.0655 5528 vwififlt - ok
13:49:28.0683 5528 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
13:49:28.0686 5528 vwifimp - ok
13:49:28.0780 5528 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
13:49:28.0790 5528 W32Time - ok
13:49:28.0810 5528 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
13:49:28.0814 5528 WacomPen - ok
13:49:28.0849 5528 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
13:49:28.0861 5528 WANARP - ok
13:49:28.0881 5528 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
13:49:28.0884 5528 Wanarpv6 - ok
13:49:29.0022 5528 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
13:49:29.0062 5528 WatAdminSvc - ok
13:49:29.0285 5528 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
13:49:29.0368 5528 wbengine - ok
13:49:29.0504 5528 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
13:49:29.0518 5528 WbioSrvc - ok
13:49:29.0546 5528 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
13:49:29.0556 5528 wcncsvc - ok
13:49:29.0569 5528 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
13:49:29.0574 5528 WcsPlugInService - ok
13:49:29.0614 5528 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
13:49:29.0625 5528 Wd - ok
13:49:29.0722 5528 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
13:49:29.0744 5528 Wdf01000 - ok
13:49:29.0763 5528 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
13:49:29.0770 5528 WdiServiceHost - ok
13:49:29.0773 5528 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
13:49:29.0775 5528 WdiSystemHost - ok
13:49:29.0813 5528 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
13:49:29.0829 5528 WebClient - ok
13:49:29.0870 5528 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
13:49:29.0891 5528 Wecsvc - ok
13:49:29.0914 5528 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
13:49:29.0915 5528 wercplsupport - ok
13:49:29.0938 5528 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
13:49:29.0943 5528 WerSvc - ok
13:49:30.0009 5528 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
13:49:30.0012 5528 WfpLwf - ok
13:49:30.0053 5528 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
13:49:30.0066 5528 WimFltr - ok
13:49:30.0089 5528 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
13:49:30.0093 5528 WIMMount - ok
13:49:30.0138 5528 WinDefend - ok
13:49:30.0145 5528 WinHttpAutoProxySvc - ok
13:49:30.0227 5528 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
13:49:30.0248 5528 Winmgmt - ok
13:49:30.0429 5528 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
13:49:30.0570 5528 WinRM - ok
13:49:30.0779 5528 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
13:49:30.0784 5528 WinUsb - ok
13:49:30.0904 5528 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
13:49:30.0914 5528 Wlansvc - ok
13:49:30.0947 5528 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
13:49:30.0947 5528 WmiAcpi - ok
13:49:31.0039 5528 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
13:49:31.0041 5528 wmiApSrv - ok
13:49:31.0096 5528 WMPNetworkSvc - ok
13:49:31.0117 5528 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
13:49:31.0121 5528 WPCSvc - ok
13:49:31.0151 5528 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
13:49:31.0158 5528 WPDBusEnum - ok
13:49:31.0179 5528 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
13:49:31.0183 5528 ws2ifsl - ok
13:49:31.0213 5528 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
13:49:31.0230 5528 wscsvc - ok
13:49:31.0237 5528 WSearch - ok
13:49:31.0514 5528 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
13:49:31.0562 5528 wuauserv - ok
13:49:31.0713 5528 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
13:49:31.0718 5528 WudfPf - ok
13:49:31.0750 5528 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
13:49:31.0751 5528 WUDFRd - ok
13:49:31.0790 5528 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
13:49:31.0792 5528 wudfsvc - ok
13:49:31.0836 5528 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
13:49:31.0853 5528 WwanSvc - ok
13:49:31.0884 5528 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:49:32.0444 5528 \Device\Harddisk0\DR0 - ok
13:49:32.0448 5528 Boot (0x1200) (17e6064b18aa88ed8319b3238fe06a25) \Device\Harddisk0\DR0\Partition0
13:49:32.0450 5528 \Device\Harddisk0\DR0\Partition0 - ok
13:49:32.0480 5528 Boot (0x1200) (5e1b221b97230f8ccb60bd5a736d0652) \Device\Harddisk0\DR0\Partition1
13:49:32.0483 5528 \Device\Harddisk0\DR0\Partition1 - ok
13:49:32.0504 5528 Boot (0x1200) (c0be9a9caef8db4daed342688d3d20d6) \Device\Harddisk0\DR0\Partition2
13:49:32.0506 5528 \Device\Harddisk0\DR0\Partition2 - ok
13:49:32.0506 5528 ============================================================
13:49:32.0506 5528 Scan finished
13:49:32.0506 5528 ============================================================
13:49:32.0516 6088 Detected object count: 0
13:49:32.0516 6088 Actual detected object count: 0
13:50:04.0159 2636 Deinitialize success


aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-25 13:51:40
-----------------------------
13:51:40.417 OS Version: Windows x64 6.1.7601 Service Pack 1
13:51:40.418 Number of processors: 4 586 0x2A07
13:51:40.418 ComputerName: WIN-PC UserName: Win
13:51:41.337 Initialize success
13:59:20.398 AVAST engine defs: 12072500
13:59:26.364 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:59:26.366 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
13:59:26.382 Disk 0 MBR read successfully
13:59:26.384 Disk 0 MBR scan
13:59:26.388 Disk 0 Windows 7 default MBR code
13:59:26.392 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
13:59:26.402 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
13:59:26.423 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 243129 MB offset 30926848
13:59:26.429 Disk 0 Partition - 00 0F Extended LBA 218708 MB offset 528857088
13:59:26.458 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 218707 MB offset 528859136
13:59:26.493 Disk 0 scanning C:\windows\system32\drivers
13:59:35.379 Service scanning
14:00:08.705 Modules scanning
14:00:09.039 Disk 0 trace - called modules:
14:00:09.054
14:00:12.096 AVAST engine scan C:\windows
14:00:14.963 AVAST engine scan C:\windows\system32
14:00:19.232 Disk 0 MBR has been saved successfully to "C:\Users\Win\Documents\MBR.dat"
14:03:45.006 AVAST engine scan C:\windows\system32\drivers
14:03:53.584 AVAST engine scan C:\Users\Win
14:04:48.084 Disk 0 MBR has been saved successfully to "C:\Users\Win\Documents\MBR.dat"
14:04:48.088 The log file has been saved successfully to "C:\Users\Win\Documents\Log.txt"




ESET online scanner:

C:\Users\Win\AppData\Local\Temp\somoto-master.exe Win32/Somoto application cleaned by deleting - quarantined
C:\Users\Win\AppData\Local\TempDIR\BetterInstaller.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined


EDIT: I think ESET online scanner has sorted it - there don't seem to be any more new tabs popping up with the Ilivid page. Thanks narenxp!

Edited by ChrissyToph, 25 July 2012 - 02:11 PM.


#5 narenxp


Posted 25 July 2012 - 02:05 PM

@Eric Bennett:

Here's my report from Hitman:


Please ignore his advice and EDIT your logs and remove them

You're not allowed to post HITMAN pro logs here

#6 ChrissyToph


Posted 25 July 2012 - 02:11 PM

@Eric Bennett:

Here's my report from Hitman:


Please ignore his advice and EDIT your logs and remove them

You're not allowed to post HITMAN pro logs here


Sorry, I didn't know that. I've removed it now.

Thanks for helping me btw, I think the ESET scanner did the trick.

#7 narenxp


Posted 25 July 2012 - 02:12 PM

We still have some scans

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#8 ChrissyToph


Posted 26 July 2012 - 03:11 AM

Hi narenxp, when you say 'regular scan' (after doing a full scan) with MBAM, are you referring to a quick scan? I assumed it was this one and I got a clean log. Here are my logs:

Mini toolbox


MiniToolBox by Farbar Version: 23-07-2012
Ran by Win (administrator) on 26-07-2012 at 09:02:21
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Win-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : AC-72-89-10-A0-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : AC-72-89-10-A0-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
Physical Address. . . . . . . . . : AC-72-89-10-A0-22
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7cff:4592:49d4:2109%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 26 July 2012 08:50:27
Lease Expires . . . . . . . . . . : 27 July 2012 08:50:27
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 380400265
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A7-54-BD-18-03-73-69-20-F3
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 18-03-73-69-20-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : AC-72-89-10-A0-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C8B32BBB-C7E6-4DF2-96E6-7B13FA2A134D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2c03:34aa:fde6:b45b(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c03:34aa:fde6:b45b%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2a00:1450:4009:809::1006
173.194.41.130
173.194.41.132
173.194.41.142
173.194.41.131
173.194.41.135
173.194.41.137
173.194.41.128
173.194.41.129
173.194.41.133
173.194.41.136
173.194.41.134


Pinging google.com [173.194.41.135] with 32 bytes of data:
Reply from 173.194.41.135: bytes=32 time=24ms TTL=53
Reply from 173.194.41.135: bytes=32 time=46ms TTL=53

Ping statistics for 173.194.41.135:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 46ms, Average = 35ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=131ms TTL=48
Reply from 209.191.122.70: bytes=32 time=130ms TTL=48

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 130ms, Maximum = 131ms, Average = 130ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 3ms, Average = 3ms
===========================================================================
Interface List
17...ac 72 89 10 a0 23 ......Microsoft Virtual WiFi Miniport Adapter #2
16...ac 72 89 10 a0 23 ......Microsoft Virtual WiFi Miniport Adapter
15...ac 72 89 10 a0 22 ......Intel® Centrino® Wireless-N 1030
13...18 03 73 69 20 f3 ......Realtek PCIe FE Family Controller
12...ac 72 89 10 a0 26 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 281
192.168.0.2 255.255.255.255 On-link 192.168.0.2 281
192.168.0.255 255.255.255.255 On-link 192.168.0.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:5ef5:79fb:2c03:34aa:fde6:b45b/128
On-link
15 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::2c03:34aa:fde6:b45b/128
On-link
15 281 fe80::7cff:4592:49d4:2109/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/26/2012 08:50:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 07:25:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2012 09:04:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_265.exe, version: 11.3.300.265, time stamp: 0x4febd5ac
Faulting module name: NPSWF32_11_3_300_265.dll, version: 11.3.300.265, time stamp: 0x4febd798
Exception code: 0xc0000005
Fault offset: 0x001d1e2f
Faulting process id: 0x1680
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_265.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_265.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_265.exe2
Report Id: FlashPlayerPlugin_11_3_300_265.exe3

Error: (07/25/2012 07:20:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2012 05:40:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2012 04:42:09 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 13.0.1.4548 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1198

Start Time: 01cd6a7bda545da0

Termination Time: 16

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 443a4739-d66f-11e1-bdce-ac728910a026

Error: (07/25/2012 02:26:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/25/2012 02:26:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/25/2012 02:26:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/25/2012 02:26:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/26/2012 08:51:49 AM) (Source: Service Control Manager) (User: )
Description: The Bluetooth Media Service service failed to start due to the following error:
%%1053

Error: (07/26/2012 08:51:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Media Service service to connect.

Error: (07/26/2012 08:51:49 AM) (Source: DCOM) (User: )
Description: 1053Bluetooth Media Service{9AC233E9-AC75-4DB5-85C4-DAB13A484FEA}

Error: (07/25/2012 02:24:21 PM) (Source: BugCheck) (User: )
Description: 0x00000109 (0xa3a039d89fbb7a9f, 0xb3b7465ef239b76d, 0xfffff880031705c0, 0x0000000000000002)C:\windows\MEMORY.DMP072512-20092-01

Error: (07/25/2012 02:24:15 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 14:22:59 on 25/07/2012 was unexpected.

Error: (07/24/2012 06:48:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (07/24/2012 06:48:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (07/24/2012 01:51:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (07/24/2012 01:51:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (07/23/2012 07:43:04 PM) (Source: Service Control Manager) (User: )
Description: The Intel® PROSet/Wireless Event Log service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (12/08/2011 04:54:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6843 seconds with 4320 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Auto Updater 1.1.1.0
Avira Free Antivirus (Version: 12.0.0.1125)
Bonjour (Version: 3.0.0.10)
Broadband Test Application (Version: 2.5.2.3)
Clip Extractor 4.1
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.0.3)
Dell Stage (Version: 1.5.420.0)
Dell Support Center (Version: 3.1.5907.39)
Dell Touchpad (Version: 7.1209.101.204)
Dell VideoStage (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.46)
DirectX 9 Runtime (Version: 1.00.0000)
ESET Online Scanner v3
GfK Internet-Monitor (Version: 11.2.598)
HitmanPro 3.6 (Version: 3.6.0.160)
IDT Audio (Version: 1.0.6324.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2361)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.0.0.0454)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.35.0)
Intel® Wireless Display
iPodifier (Version: 1.5.0.3)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Keynote Connector
Maintenance Samsung CLP-320 Series
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Messenger Plus! 5 (Version: 5.10.0.750)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Media Video 9 VCM
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MozBackup 1.5.1
Mozilla Firefox 13.0.1 (x86 en-GB) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
newvista journeys
Origin (Version: 8.3.7.3619)
PhotoShowExpress (Version: 2.0.063)
Quickset64 (Version: 10.09.20)
QuickTime (Version: 7.72.80.56)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Sims 3 - Nude Censor Remover
Sims 3 - Nude Clothes Females
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.10 (Version: 5.10.115)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
swMSM (Version: 12.0.0.1)
The KMPlayer (remove only)
The Sims™ 3 (Version: 1.29.55)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Late Night (Version: 6.5.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vegas Pro 9.0 (64-bit) (Version: 9.0.1146)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR 4.10 beta 5 (64-bit) (Version: 4.10.5)

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 6051.18 MB
Available physical RAM: 4284.25 MB
Total Pagefile: 12100.54 MB
Available Pagefile: 9957.41 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.29 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:237.43 GB) (Free:112.62 GB) NTFS
3 Drive e: (Data) (Fixed) (Total:213.58 GB) (Free:101.91 GB) NTFS

========================= Users: ========================================

User accounts for \\WIN-PC

Administrator Guest Win


**** End of log ****



FSS

Farbar Service Scanner Version: 22-07-2012
Ran by Win (administrator) on 26-07-2012 at 09:03:17
Running from "C:\Users\Win\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Adware cleaner

# AdwCleaner v1.703 - Logfile created 07/26/2012 at 09:03:41
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Win - WIN-PC
# Running from : C:\Users\Win\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Win\AppData\Local\TempDir
Folder Deleted : C:\Users\Win\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Win\AppData\Local\Temp\Incredibar.com
Folder Deleted : C:\Users\Win\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Win\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Win\AppData\Roaming\Mozilla\Firefox\Profiles\dolrmb1y.default\FCTB

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/clipextractor/{54140ED3-34FA-49BF-B5B1-5599B5ADB580} --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (en-GB)

Profile name : default
File : C:\Users\Win\AppData\Roaming\Mozilla\Firefox\Profiles\dolrmb1y.default\prefs.js

C:\Users\Win\AppData\Roaming\Mozilla\Firefox\Profiles\dolrmb1y.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1332323514623");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.cntry", "GB");
Deleted : user_pref("extensions.incredibar.dfltLng", "");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.did", "10589");
Deleted : user_pref("extensions.incredibar.hdrMd5", "DF9BBCCD1461EFE7C4FCA12522B93FCA");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.id", "52856c12000000000000ac728910a023");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15403");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.3.2713:08:44");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyuKMCtLL&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6OyuKMCtLL");
Deleted : user_pref("extensions.incredibar.upn2n", "92261006321050005");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.3.27");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.3.2713:08:44");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.3.27");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10589");
Deleted : user_pref("extensions.incredibar_i.excTlbr", "false");
Deleted : user_pref("extensions.incredibar_i.hardId", "52856c12000000000000ac728910a023");
Deleted : user_pref("extensions.incredibar_i.id", "52856c12000000000000ac728910a023");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15403");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyuKMCtLL&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6OyuKMCtLL");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92261006321050005");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.3.27");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.3.2713:08:44");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.3.27");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.2803282.KeywordHistory", "%7Candy%2520murray%25[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.AutoSearchEventData", "auto%20search");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.ClearCacheDate", 25);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.DNSCatch", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.DisplayEULA", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.DnsCatchEventData", "dns%20catch");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.EBOMode", false);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.FirstLaunchShown", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.InstallDomain", "freecause.com");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.InstallType", "one_click");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.LoadLayoutDate.61465", 25);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.NewTabSearchEventData", "tab%20search");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.ShowRecommendedOptions", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.StateReportDate", "1343069142978");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.TopRightSearchEventData", "top%20right%20search[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.beforeInstallSaved", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.beforeinstall.homepage", "hxxps%3A//www.google.[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.beforeinstall.search", "eBay.co.uk");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.comp.affiliate.2803296.disabled", false);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.comp.search.2803282.engine_img", "aHR0cDovL3Mzd[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.comp.search.2803282.engine_url", "aHR0cDovL3VrL[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.comp.search.2803282.text", "Search%20to%20Colle[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.customNewTab", false);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.helpUsImprove", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.hideOthers", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.partnerauth", false);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.processAddrBar", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.restoreSearch", false);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.", "1341670152");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.123", "61684");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.nectar_may_1336077527", "nectar_may_prom[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.nectar_may_1336510648", "nectar_may_prom[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.nectar_may_1336991579", "nectar_may_prom[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.nectar_may_1337446565", "nectar_may_prom[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.nectar_may_1337880474", "nectar_may_prom[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.runcmd.nectar_may_1338314947", "nectar_may_prom[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.searchHistory", true);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.session", "7252512BE989EEF9269AAE600C5AEA7883E6[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.showFirstLaunchOptions", false);
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.tb_lang", "en");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.tool_id", "61465");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.user_id", "110856280");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.user_key", "e8a66d464f8490db627ac8992b6c65fc38f[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.user_layouts", "61465");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.user_lnames", "Nectar%20Search%20Toolbar");
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.xml_service_url", "6bb94bbf55fe2f255901a560824a[...]
Deleted : user_pref("freecause841468a1d7f44bd384e6bb0f13a06c64.yahooSearch", true);

Profile name : default-1343231162124 [Profil par défaut]
File : C:\Users\Win\AppData\Roaming\Mozilla\Firefox\Profiles\zdmxpogn.default-1343231162124\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Win\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [14585 octets] - [26/07/2012 09:03:41]

########## EOF - C:\AdwCleaner[S1].txt - [14714 octets] ##########

#9 narenxp


Posted 26 July 2012 - 04:36 AM

Uninstall Firefox

Make sure to checkmark the "Remove my personal data" option

Reinstall it

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#10 ChrissyToph


Posted 26 July 2012 - 01:43 PM

Thank you so much for your help narenxp! :thumbsup:

#11 narenxp


Posted 26 July 2012 - 01:44 PM

You're most welcome :thumbsup:



