Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Re-direct Virus


  • Please log in to reply
14 replies to this topic

#1 ronchable2

ronchable2

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 31 July 2012 - 05:13 PM

I know I have seen different topics about Google redirect virus and what not and I am just not sure if I have the same thing or it is something different. The description is essentially the same though, go to google.com and search for a basic website. Once I click on the link it forwards me to some other advertising website. I am able to go back to google and the second time it will take me to the proper website. PLEASE HELP!

I have run Norton Antivirus(up to date), Norton Power Eraser, MalwareBytes, attempted ComboFix but it told me it was unable to run on Windows 7. Tried all of this in safe mode as well hoping that I would have some success, no luck though, all came back with no issues and I am still getting this error. Any help is greatly appreciated.

Ryan

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 31 July 2012 - 06:17 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 31 July 2012 - 06:18 PM

Sorry, I am running windows 7 64-bit and I have had the issue on both IE and Firefox. thanks

#4 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 31 July 2012 - 07:09 PM

9:22:19.0415 4244 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:22:19.0789 4244 ============================================================
19:22:19.0789 4244 Current date / time: 2012/07/31 19:22:19.0789
19:22:19.0789 4244 SystemInfo:
19:22:19.0789 4244
19:22:19.0789 4244 OS Version: 6.1.7601 ServicePack: 1.0
19:22:19.0789 4244 Product type: Workstation
19:22:19.0789 4244 ComputerName:
19:22:19.0789 4244 UserName:
19:22:19.0789 4244 Windows directory: C:\Windows
19:22:19.0789 4244 System windows directory: C:\Windows
19:22:19.0789 4244 Running under WOW64
19:22:19.0789 4244 Processor architecture: Intel x64
19:22:19.0789 4244 Number of processors: 4
19:22:19.0789 4244 Page size: 0x1000
19:22:19.0789 4244 Boot type: Normal boot
19:22:19.0789 4244 ============================================================
19:22:21.0490 4244 Drive \Device\Harddisk1\DR1 - Size: 0xF1400000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
19:22:21.0505 4244 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:22:21.0536 4244 Drive \Device\Harddisk1\DR1 - Size: 0xF1400000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:22:21.0536 4244 ============================================================
19:22:21.0536 4244 \Device\Harddisk1\DR1:
19:22:21.0536 4244 MBR partitions:
19:22:21.0536 4244 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x788000
19:22:21.0536 4244 \Device\Harddisk0\DR0:
19:22:21.0536 4244 MBR partitions:
19:22:21.0536 4244 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:22:21.0536 4244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x38553000
19:22:21.0536 4244 \Device\Harddisk1\DR1:
19:22:21.0536 4244 MBR partitions:
19:22:21.0536 4244 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x788000
19:22:21.0536 4244 ============================================================
19:22:21.0568 4244 C: <-> \Device\Harddisk0\DR0\Partition1
19:22:21.0568 4244 ============================================================
19:22:21.0568 4244 Initialize success
19:22:21.0568 4244 ============================================================
19:22:47.0849 4740 ============================================================
19:22:47.0849 4740 Scan started
19:22:47.0849 4740 Mode: Manual; TDLFS;
19:22:47.0849 4740 ============================================================
19:22:48.0473 4740 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:22:48.0488 4740 1394ohci - ok
19:22:48.0597 4740 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:22:48.0597 4740 ACPI - ok
19:22:48.0660 4740 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:22:48.0660 4740 AcpiPmi - ok
19:22:48.0972 4740 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:22:48.0972 4740 AdobeFlashPlayerUpdateSvc - ok
19:22:49.0034 4740 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:22:49.0050 4740 adp94xx - ok
19:22:49.0097 4740 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:22:49.0097 4740 adpahci - ok
19:22:49.0128 4740 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:22:49.0143 4740 adpu320 - ok
19:22:49.0175 4740 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:22:49.0175 4740 AeLookupSvc - ok
19:22:49.0253 4740 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:22:49.0253 4740 AFD - ok
19:22:49.0284 4740 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:22:49.0299 4740 agp440 - ok
19:22:49.0331 4740 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:22:49.0331 4740 ALG - ok
19:22:49.0362 4740 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:22:49.0362 4740 aliide - ok
19:22:49.0377 4740 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:22:49.0377 4740 amdide - ok
19:22:49.0377 4740 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:22:49.0377 4740 AmdK8 - ok
19:22:49.0393 4740 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:22:49.0393 4740 AmdPPM - ok
19:22:49.0440 4740 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:22:49.0440 4740 amdsata - ok
19:22:49.0487 4740 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:22:49.0502 4740 amdsbs - ok
19:22:49.0518 4740 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:22:49.0518 4740 amdxata - ok
19:22:49.0565 4740 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:22:49.0565 4740 AppID - ok
19:22:49.0596 4740 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:22:49.0596 4740 AppIDSvc - ok
19:22:49.0611 4740 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:22:49.0611 4740 Appinfo - ok
19:22:49.0643 4740 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:22:49.0643 4740 arc - ok
19:22:49.0705 4740 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:22:49.0705 4740 arcsas - ok
19:22:49.0721 4740 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:22:49.0736 4740 AsyncMac - ok
19:22:49.0767 4740 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:22:49.0767 4740 atapi - ok
19:22:49.0861 4740 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:22:49.0861 4740 AudioEndpointBuilder - ok
19:22:49.0861 4740 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:22:49.0861 4740 AudioSrv - ok
19:22:49.0923 4740 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:22:49.0923 4740 AxInstSV - ok
19:22:50.0001 4740 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:22:50.0017 4740 b06bdrv - ok
19:22:50.0079 4740 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:22:50.0079 4740 b57nd60a - ok
19:22:50.0111 4740 b57xdbd (a424cb46a145e5aabf15621550976df2) C:\Windows\system32\DRIVERS\b57xdbd.sys
19:22:50.0111 4740 b57xdbd - ok
19:22:50.0126 4740 b57xdmp (be4e6fd5a898812b85d5817ad9754a9f) C:\Windows\system32\DRIVERS\b57xdmp.sys
19:22:50.0126 4740 b57xdmp - ok
19:22:50.0173 4740 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:22:50.0189 4740 BDESVC - ok
19:22:50.0204 4740 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:22:50.0204 4740 Beep - ok
19:22:50.0298 4740 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:22:50.0313 4740 BFE - ok
19:22:50.0594 4740 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120711.002\BHDrvx64.sys
19:22:50.0594 4740 BHDrvx64 - ok
19:22:50.0813 4740 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:22:50.0813 4740 BITS - ok
19:22:50.0953 4740 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:22:50.0953 4740 blbdrive - ok
19:22:51.0000 4740 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:22:51.0000 4740 bowser - ok
19:22:51.0031 4740 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:22:51.0031 4740 BrFiltLo - ok
19:22:51.0031 4740 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:22:51.0031 4740 BrFiltUp - ok
19:22:51.0093 4740 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:22:51.0093 4740 Browser - ok
19:22:51.0140 4740 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:22:51.0140 4740 Brserid - ok
19:22:51.0156 4740 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:22:51.0156 4740 BrSerWdm - ok
19:22:51.0156 4740 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:22:51.0156 4740 BrUsbMdm - ok
19:22:51.0187 4740 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:22:51.0187 4740 BrUsbSer - ok
19:22:51.0234 4740 bScsiMSa (520408cfdb56de8cdb44b2f11b9c5b5c) C:\Windows\system32\DRIVERS\bScsiMSa.sys
19:22:51.0234 4740 bScsiMSa - ok
19:22:51.0249 4740 bScsiSDa (9f880f03f4a72215c8b77fd51322c297) C:\Windows\system32\DRIVERS\bScsiSDa.sys
19:22:51.0249 4740 bScsiSDa - ok
19:22:51.0281 4740 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:22:51.0281 4740 BTHMODEM - ok
19:22:51.0312 4740 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:22:51.0312 4740 bthserv - ok
19:22:51.0390 4740 ccSet_N360 (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys
19:22:51.0390 4740 ccSet_N360 - ok
19:22:51.0452 4740 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:22:51.0452 4740 cdfs - ok
19:22:51.0515 4740 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:22:51.0515 4740 cdrom - ok
19:22:51.0561 4740 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:22:51.0561 4740 CertPropSvc - ok
19:22:51.0577 4740 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:22:51.0577 4740 circlass - ok
19:22:51.0639 4740 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:22:51.0639 4740 CLFS - ok
19:22:51.0686 4740 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:22:51.0686 4740 clr_optimization_v2.0.50727_32 - ok
19:22:51.0749 4740 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:22:51.0749 4740 clr_optimization_v2.0.50727_64 - ok
19:22:51.0827 4740 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:22:51.0827 4740 clr_optimization_v4.0.30319_32 - ok
19:22:51.0905 4740 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:22:51.0905 4740 clr_optimization_v4.0.30319_64 - ok
19:22:51.0967 4740 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:22:51.0967 4740 CmBatt - ok
19:22:51.0983 4740 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:22:51.0983 4740 cmdide - ok
19:22:52.0045 4740 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:22:52.0061 4740 CNG - ok
19:22:52.0107 4740 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:22:52.0107 4740 Compbatt - ok
19:22:52.0139 4740 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:22:52.0139 4740 CompositeBus - ok
19:22:52.0154 4740 COMSysApp - ok
19:22:52.0185 4740 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:22:52.0185 4740 crcdisk - ok
19:22:52.0248 4740 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:22:52.0248 4740 CryptSvc - ok
19:22:52.0326 4740 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:22:52.0326 4740 DcomLaunch - ok
19:22:52.0373 4740 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:22:52.0373 4740 defragsvc - ok
19:22:52.0404 4740 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:22:52.0404 4740 DfsC - ok
19:22:52.0451 4740 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:22:52.0451 4740 Dhcp - ok
19:22:52.0497 4740 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:22:52.0497 4740 discache - ok
19:22:52.0529 4740 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:22:52.0529 4740 Disk - ok
19:22:52.0560 4740 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:22:52.0575 4740 Dnscache - ok
19:22:52.0607 4740 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:22:52.0607 4740 dot3svc - ok
19:22:52.0638 4740 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:22:52.0638 4740 DPS - ok
19:22:52.0669 4740 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:22:52.0669 4740 drmkaud - ok
19:22:52.0778 4740 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:22:52.0778 4740 DsiWMIService - ok
19:22:52.0950 4740 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:22:52.0950 4740 DXGKrnl - ok
19:22:52.0981 4740 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:22:52.0981 4740 EapHost - ok
19:22:53.0262 4740 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:22:53.0355 4740 ebdrv - ok
19:22:53.0465 4740 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:22:53.0480 4740 eeCtrl - ok
19:22:53.0589 4740 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:22:53.0589 4740 EFS - ok
19:22:53.0699 4740 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:22:53.0714 4740 ehRecvr - ok
19:22:53.0777 4740 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:22:53.0777 4740 ehSched - ok
19:22:53.0870 4740 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:22:53.0886 4740 elxstor - ok
19:22:54.0011 4740 ePowerSvc (eb1c213a8550f066b2ccc29c9f41e2ae) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
19:22:54.0011 4740 ePowerSvc - ok
19:22:54.0135 4740 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:22:54.0135 4740 EpsonBidirectionalService - ok
19:22:54.0198 4740 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:22:54.0198 4740 EraserUtilRebootDrv - ok
19:22:54.0323 4740 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:22:54.0323 4740 ErrDev - ok
19:22:54.0401 4740 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:22:54.0401 4740 EventSystem - ok
19:22:54.0619 4740 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:22:54.0635 4740 EvtEng - ok
19:22:54.0853 4740 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:22:54.0853 4740 exfat - ok
19:22:54.0915 4740 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:22:54.0915 4740 fastfat - ok
19:22:55.0056 4740 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:22:55.0071 4740 Fax - ok
19:22:55.0196 4740 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:22:55.0196 4740 fdc - ok
19:22:55.0243 4740 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:22:55.0243 4740 fdPHost - ok
19:22:55.0259 4740 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:22:55.0259 4740 FDResPub - ok
19:22:55.0290 4740 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:22:55.0290 4740 FileInfo - ok
19:22:55.0305 4740 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:22:55.0305 4740 Filetrace - ok
19:22:55.0337 4740 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:22:55.0337 4740 flpydisk - ok
19:22:55.0383 4740 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:22:55.0383 4740 FltMgr - ok
19:22:55.0493 4740 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:22:55.0508 4740 FontCache - ok
19:22:55.0571 4740 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:22:55.0571 4740 FontCache3.0.0.0 - ok
19:22:55.0633 4740 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:22:55.0633 4740 FsDepends - ok
19:22:55.0680 4740 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:22:55.0680 4740 Fs_Rec - ok
19:22:55.0742 4740 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:22:55.0742 4740 fvevol - ok
19:22:55.0773 4740 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:22:55.0773 4740 gagp30kx - ok
19:22:55.0867 4740 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:22:55.0867 4740 gpsvc - ok
19:22:55.0945 4740 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
19:22:55.0945 4740 GREGService - ok
19:22:55.0976 4740 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:22:55.0976 4740 hcw85cir - ok
19:22:56.0039 4740 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:22:56.0039 4740 HdAudAddService - ok
19:22:56.0085 4740 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:22:56.0085 4740 HDAudBus - ok
19:22:56.0101 4740 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:22:56.0117 4740 HidBatt - ok
19:22:56.0132 4740 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:22:56.0132 4740 HidBth - ok
19:22:56.0163 4740 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:22:56.0179 4740 HidIr - ok
19:22:56.0195 4740 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:22:56.0195 4740 hidserv - ok
19:22:56.0241 4740 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:22:56.0241 4740 HidUsb - ok
19:22:56.0288 4740 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:22:56.0288 4740 hkmsvc - ok
19:22:56.0319 4740 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:22:56.0319 4740 HomeGroupListener - ok
19:22:56.0366 4740 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:22:56.0366 4740 HomeGroupProvider - ok
19:22:56.0397 4740 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:22:56.0397 4740 HpSAMD - ok
19:22:56.0475 4740 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:22:56.0491 4740 HTTP - ok
19:22:56.0507 4740 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:22:56.0507 4740 hwpolicy - ok
19:22:56.0553 4740 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:22:56.0553 4740 i8042prt - ok
19:22:56.0631 4740 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
19:22:56.0631 4740 iaStor - ok
19:22:56.0741 4740 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:22:56.0741 4740 IAStorDataMgrSvc - ok
19:22:56.0834 4740 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:22:56.0834 4740 iaStorV - ok
19:22:56.0975 4740 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:22:56.0990 4740 idsvc - ok
19:22:57.0193 4740 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120728.001\IDSvia64.sys
19:22:57.0209 4740 IDSVia64 - ok
19:22:58.0238 4740 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:22:58.0488 4740 igfx - ok
19:22:58.0613 4740 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:22:58.0613 4740 iirsp - ok
19:22:58.0706 4740 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:22:58.0706 4740 IKEEXT - ok
19:22:58.0987 4740 IntcAzAudAddService (b60accd29f8fafc4a6344cd2bd5ca3a5) C:\Windows\system32\drivers\RTKVHD64.sys
19:22:59.0003 4740 IntcAzAudAddService - ok
19:22:59.0143 4740 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:22:59.0143 4740 IntcDAud - ok
19:22:59.0174 4740 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:22:59.0174 4740 intelide - ok
19:22:59.0205 4740 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:22:59.0205 4740 intelppm - ok
19:22:59.0252 4740 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:22:59.0252 4740 IPBusEnum - ok
19:22:59.0268 4740 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:22:59.0268 4740 IpFilterDriver - ok
19:22:59.0346 4740 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:22:59.0346 4740 iphlpsvc - ok
19:22:59.0377 4740 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:22:59.0377 4740 IPMIDRV - ok
19:22:59.0393 4740 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:22:59.0393 4740 IPNAT - ok
19:22:59.0408 4740 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:22:59.0408 4740 IRENUM - ok
19:22:59.0424 4740 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:22:59.0424 4740 isapnp - ok
19:22:59.0486 4740 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:22:59.0486 4740 iScsiPrt - ok
19:22:59.0549 4740 k57nd60a (0469bff65bbdee9e46d0c45ee32a08bd) C:\Windows\system32\DRIVERS\k57nd60a.sys
19:22:59.0549 4740 k57nd60a - ok
19:22:59.0580 4740 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:22:59.0580 4740 kbdclass - ok
19:22:59.0611 4740 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:22:59.0611 4740 kbdhid - ok
19:22:59.0642 4740 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:22:59.0642 4740 KeyIso - ok
19:22:59.0689 4740 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:22:59.0689 4740 KSecDD - ok
19:22:59.0705 4740 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:22:59.0720 4740 KSecPkg - ok
19:22:59.0767 4740 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:22:59.0767 4740 ksthunk - ok
19:22:59.0829 4740 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:22:59.0829 4740 KtmRm - ok
19:22:59.0892 4740 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:22:59.0892 4740 LanmanServer - ok
19:22:59.0923 4740 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:22:59.0923 4740 LanmanWorkstation - ok
19:23:00.0032 4740 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
19:23:00.0048 4740 Live Updater Service - ok
19:23:00.0063 4740 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:23:00.0079 4740 lltdio - ok
19:23:00.0126 4740 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:23:00.0126 4740 lltdsvc - ok
19:23:00.0157 4740 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:23:00.0157 4740 lmhosts - ok
19:23:00.0266 4740 LMS (d7e0bed3ea21d7bddd410ade51708d90) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:23:00.0282 4740 LMS - ok
19:23:00.0329 4740 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:23:00.0329 4740 LSI_FC - ok
19:23:00.0344 4740 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:23:00.0344 4740 LSI_SAS - ok
19:23:00.0360 4740 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:23:00.0360 4740 LSI_SAS2 - ok
19:23:00.0407 4740 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:23:00.0407 4740 LSI_SCSI - ok
19:23:00.0438 4740 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:23:00.0438 4740 luafv - ok
19:23:00.0469 4740 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:23:00.0469 4740 Mcx2Svc - ok
19:23:00.0485 4740 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:23:00.0485 4740 megasas - ok
19:23:00.0531 4740 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:23:00.0547 4740 MegaSR - ok
19:23:00.0594 4740 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:23:00.0594 4740 MEIx64 - ok
19:23:00.0687 4740 Microsoft SharePoint Workspace Audit Service - ok
19:23:00.0734 4740 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:23:00.0734 4740 MMCSS - ok
19:23:00.0750 4740 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:23:00.0750 4740 Modem - ok
19:23:00.0797 4740 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:23:00.0797 4740 monitor - ok
19:23:00.0843 4740 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
19:23:00.0843 4740 mouclass - ok
19:23:00.0890 4740 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:23:00.0890 4740 mouhid - ok
19:23:00.0906 4740 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:23:00.0906 4740 mountmgr - ok
19:23:00.0984 4740 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:23:00.0984 4740 MozillaMaintenance - ok
19:23:01.0031 4740 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:23:01.0031 4740 mpio - ok
19:23:01.0046 4740 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:23:01.0062 4740 mpsdrv - ok
19:23:01.0140 4740 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:23:01.0140 4740 MpsSvc - ok
19:23:01.0171 4740 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:23:01.0187 4740 MRxDAV - ok
19:23:01.0218 4740 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:23:01.0218 4740 mrxsmb - ok
19:23:01.0249 4740 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:23:01.0265 4740 mrxsmb10 - ok
19:23:01.0280 4740 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:23:01.0280 4740 mrxsmb20 - ok
19:23:01.0311 4740 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:23:01.0311 4740 msahci - ok
19:23:01.0327 4740 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:23:01.0327 4740 msdsm - ok
19:23:01.0358 4740 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:23:01.0374 4740 MSDTC - ok
19:23:01.0374 4740 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:23:01.0374 4740 Msfs - ok
19:23:01.0405 4740 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:23:01.0421 4740 mshidkmdf - ok
19:23:01.0421 4740 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:23:01.0421 4740 msisadrv - ok
19:23:01.0467 4740 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:23:01.0467 4740 MSiSCSI - ok
19:23:01.0467 4740 msiserver - ok
19:23:01.0499 4740 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:23:01.0499 4740 MSKSSRV - ok
19:23:01.0514 4740 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:23:01.0514 4740 MSPCLOCK - ok
19:23:01.0514 4740 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:23:01.0514 4740 MSPQM - ok
19:23:01.0561 4740 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:23:01.0561 4740 MsRPC - ok
19:23:01.0577 4740 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:23:01.0577 4740 mssmbios - ok
19:23:01.0608 4740 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:23:01.0608 4740 MSTEE - ok
19:23:01.0623 4740 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:23:01.0623 4740 MTConfig - ok
19:23:01.0639 4740 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:23:01.0639 4740 Mup - ok
19:23:01.0748 4740 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:23:01.0748 4740 MyWiFiDHCPDNS - ok
19:23:01.0889 4740 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\ccSvcHst.exe
19:23:01.0904 4740 N360 - ok
19:23:01.0967 4740 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:23:01.0982 4740 napagent - ok
19:23:02.0045 4740 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:23:02.0045 4740 NativeWifiP - ok
19:23:02.0170 4740 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
19:23:02.0170 4740 NAUpdate - ok
19:23:02.0341 4740 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120731.002\ENG64.SYS
19:23:02.0341 4740 NAVENG - ok
19:23:02.0513 4740 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120731.002\EX64.SYS
19:23:02.0528 4740 NAVEX15 - ok
19:23:02.0716 4740 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:23:02.0731 4740 NDIS - ok
19:23:02.0747 4740 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:23:02.0762 4740 NdisCap - ok
19:23:02.0778 4740 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:23:02.0778 4740 NdisTapi - ok
19:23:02.0809 4740 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:23:02.0809 4740 Ndisuio - ok
19:23:02.0840 4740 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:23:02.0840 4740 NdisWan - ok
19:23:02.0856 4740 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:23:02.0856 4740 NDProxy - ok
19:23:02.0903 4740 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:23:02.0903 4740 NetBIOS - ok
19:23:02.0950 4740 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:23:02.0950 4740 NetBT - ok
19:23:02.0965 4740 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:23:02.0965 4740 Netlogon - ok
19:23:03.0043 4740 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:23:03.0043 4740 Netman - ok
19:23:03.0074 4740 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:23:03.0090 4740 netprofm - ok
19:23:03.0152 4740 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:23:03.0152 4740 NetTcpPortSharing - ok
19:23:03.0839 4740 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
19:23:04.0010 4740 NETwNs64 - ok
19:23:04.0135 4740 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:23:04.0135 4740 nfrd960 - ok
19:23:04.0198 4740 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:23:04.0198 4740 NlaSvc - ok
19:23:04.0229 4740 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:23:04.0229 4740 Npfs - ok
19:23:04.0260 4740 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:23:04.0260 4740 nsi - ok
19:23:04.0276 4740 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:23:04.0276 4740 nsiproxy - ok
19:23:04.0447 4740 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:23:04.0478 4740 Ntfs - ok
19:23:04.0603 4740 NTI IScheduleSvc (773eed20bbf50809437373c0285bfa5e) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
19:23:04.0603 4740 NTI IScheduleSvc - ok
19:23:04.0744 4740 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
19:23:04.0744 4740 NTIDrvr - ok
19:23:04.0759 4740 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:23:04.0759 4740 Null - ok
19:23:04.0822 4740 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:23:04.0822 4740 nvraid - ok
19:23:04.0853 4740 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:23:04.0853 4740 nvstor - ok
19:23:04.0900 4740 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:23:04.0900 4740 nv_agp - ok
19:23:04.0915 4740 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:23:04.0915 4740 ohci1394 - ok
19:23:04.0993 4740 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:23:04.0993 4740 ose - ok
19:23:05.0399 4740 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:23:05.0492 4740 osppsvc - ok
19:23:05.0633 4740 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:23:05.0633 4740 p2pimsvc - ok
19:23:05.0680 4740 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:23:05.0680 4740 p2psvc - ok
19:23:05.0758 4740 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:23:05.0758 4740 Parport - ok
19:23:05.0789 4740 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:23:05.0789 4740 partmgr - ok
19:23:05.0836 4740 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:23:05.0836 4740 PcaSvc - ok
19:23:05.0882 4740 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:23:05.0882 4740 pci - ok
19:23:05.0898 4740 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:23:05.0898 4740 pciide - ok
19:23:05.0929 4740 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:23:05.0945 4740 pcmcia - ok
19:23:05.0976 4740 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:23:05.0976 4740 pcw - ok
19:23:06.0038 4740 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:23:06.0038 4740 PEAUTH - ok
19:23:06.0132 4740 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:23:06.0132 4740 PerfHost - ok
19:23:06.0288 4740 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:23:06.0304 4740 pla - ok
19:23:06.0366 4740 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:23:06.0366 4740 PlugPlay - ok
19:23:06.0397 4740 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:23:06.0397 4740 PNRPAutoReg - ok
19:23:06.0444 4740 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:23:06.0444 4740 PNRPsvc - ok
19:23:06.0522 4740 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:23:06.0522 4740 PolicyAgent - ok
19:23:06.0569 4740 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:23:06.0569 4740 Power - ok
19:23:06.0647 4740 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:23:06.0647 4740 PptpMiniport - ok
19:23:06.0678 4740 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:23:06.0678 4740 Processor - ok
19:23:06.0725 4740 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:23:06.0725 4740 ProfSvc - ok
19:23:06.0756 4740 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:23:06.0756 4740 ProtectedStorage - ok
19:23:06.0803 4740 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:23:06.0803 4740 Psched - ok
19:23:06.0959 4740 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:23:06.0974 4740 ql2300 - ok
19:23:07.0099 4740 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:23:07.0099 4740 ql40xx - ok
19:23:07.0130 4740 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:23:07.0146 4740 QWAVE - ok
19:23:07.0162 4740 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:23:07.0162 4740 QWAVEdrv - ok
19:23:07.0193 4740 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:23:07.0193 4740 RasAcd - ok
19:23:07.0224 4740 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:23:07.0224 4740 RasAgileVpn - ok
19:23:07.0255 4740 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:23:07.0271 4740 RasAuto - ok
19:23:07.0318 4740 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:23:07.0318 4740 Rasl2tp - ok
19:23:07.0364 4740 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:23:07.0364 4740 RasMan - ok
19:23:07.0411 4740 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:23:07.0411 4740 RasPppoe - ok
19:23:07.0442 4740 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:23:07.0442 4740 RasSstp - ok
19:23:07.0474 4740 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:23:07.0489 4740 rdbss - ok
19:23:07.0505 4740 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:23:07.0505 4740 rdpbus - ok
19:23:07.0520 4740 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:23:07.0520 4740 RDPCDD - ok
19:23:07.0536 4740 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:23:07.0536 4740 RDPENCDD - ok
19:23:07.0552 4740 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:23:07.0552 4740 RDPREFMP - ok
19:23:07.0598 4740 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:23:07.0598 4740 RDPWD - ok
19:23:07.0661 4740 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:23:07.0661 4740 rdyboost - ok
19:23:07.0817 4740 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:23:07.0817 4740 RegSrvc - ok
19:23:07.0848 4740 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:23:07.0848 4740 RemoteAccess - ok
19:23:07.0895 4740 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:23:07.0895 4740 RemoteRegistry - ok
19:23:07.0926 4740 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:23:07.0926 4740 RpcEptMapper - ok
19:23:07.0957 4740 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:23:07.0957 4740 RpcLocator - ok
19:23:08.0020 4740 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:23:08.0020 4740 RpcSs - ok
19:23:08.0098 4740 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:23:08.0098 4740 rspndr - ok
19:23:08.0129 4740 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:23:08.0129 4740 SamSs - ok
19:23:08.0160 4740 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:23:08.0160 4740 sbp2port - ok
19:23:08.0191 4740 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:23:08.0191 4740 SCardSvr - ok
19:23:08.0207 4740 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:23:08.0207 4740 scfilter - ok
19:23:08.0300 4740 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:23:08.0316 4740 Schedule - ok
19:23:08.0347 4740 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:23:08.0347 4740 SCPolicySvc - ok
19:23:08.0394 4740 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
19:23:08.0394 4740 sdbus - ok
19:23:08.0425 4740 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:23:08.0425 4740 SDRSVC - ok
19:23:08.0456 4740 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:23:08.0456 4740 secdrv - ok
19:23:08.0488 4740 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:23:08.0488 4740 seclogon - ok
19:23:08.0503 4740 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:23:08.0503 4740 SENS - ok
19:23:08.0519 4740 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:23:08.0519 4740 SensrSvc - ok
19:23:08.0534 4740 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:23:08.0534 4740 Serenum - ok
19:23:08.0566 4740 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:23:08.0566 4740 Serial - ok
19:23:08.0581 4740 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:23:08.0581 4740 sermouse - ok
19:23:08.0612 4740 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:23:08.0628 4740 SessionEnv - ok
19:23:08.0644 4740 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:23:08.0644 4740 sffdisk - ok
19:23:08.0644 4740 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:23:08.0644 4740 sffp_mmc - ok
19:23:08.0659 4740 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:23:08.0659 4740 sffp_sd - ok
19:23:08.0659 4740 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:23:08.0659 4740 sfloppy - ok
19:23:08.0706 4740 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:23:08.0722 4740 SharedAccess - ok
19:23:08.0768 4740 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:23:08.0768 4740 ShellHWDetection - ok
19:23:08.0800 4740 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:23:08.0800 4740 SiSRaid2 - ok
19:23:08.0815 4740 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:23:08.0815 4740 SiSRaid4 - ok
19:23:08.0878 4740 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:23:08.0878 4740 SkypeUpdate - ok
19:23:08.0909 4740 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:23:08.0909 4740 Smb - ok
19:23:08.0971 4740 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:23:08.0971 4740 SNMPTRAP - ok
19:23:08.0987 4740 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:23:08.0987 4740 spldr - ok
19:23:09.0034 4740 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:23:09.0034 4740 Spooler - ok
19:23:09.0221 4740 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:23:09.0268 4740 sppsvc - ok
19:23:09.0361 4740 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:23:09.0377 4740 sppuinotify - ok
19:23:09.0533 4740 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
19:23:09.0533 4740 SRTSP - ok
19:23:09.0548 4740 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
19:23:09.0548 4740 SRTSPX - ok
19:23:09.0611 4740 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:23:09.0611 4740 srv - ok
19:23:09.0658 4740 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:23:09.0658 4740 srv2 - ok
19:23:09.0689 4740 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:23:09.0689 4740 srvnet - ok
19:23:09.0751 4740 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:23:09.0751 4740 SSDPSRV - ok
19:23:09.0767 4740 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:23:09.0767 4740 SstpSvc - ok
19:23:09.0782 4740 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:23:09.0782 4740 stexstor - ok
19:23:09.0876 4740 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:23:09.0876 4740 stisvc - ok
19:23:09.0892 4740 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:23:09.0892 4740 swenum - ok
19:23:09.0970 4740 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:23:09.0970 4740 swprv - ok
19:23:10.0063 4740 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
19:23:10.0079 4740 SymDS - ok
19:23:10.0157 4740 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
19:23:10.0172 4740 SymEFA - ok
19:23:10.0219 4740 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:23:10.0219 4740 SymEvent - ok
19:23:10.0266 4740 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
19:23:10.0266 4740 SymIRON - ok
19:23:10.0313 4740 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS
19:23:10.0313 4740 SymNetS - ok
19:23:10.0469 4740 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
19:23:10.0469 4740 SynTP - ok
19:23:10.0734 4740 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:23:10.0750 4740 SysMain - ok
19:23:10.0874 4740 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:23:10.0874 4740 TabletInputService - ok
19:23:10.0921 4740 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:23:10.0921 4740 TapiSrv - ok
19:23:10.0937 4740 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:23:10.0937 4740 TBS - ok
19:23:11.0155 4740 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:23:11.0171 4740 Tcpip - ok
19:23:11.0452 4740 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:23:11.0452 4740 TCPIP6 - ok
19:23:11.0576 4740 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:23:11.0576 4740 tcpipreg - ok
19:23:11.0608 4740 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:23:11.0608 4740 TDPIPE - ok
19:23:11.0623 4740 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:23:11.0639 4740 TDTCP - ok
19:23:11.0686 4740 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:23:11.0686 4740 tdx - ok
19:23:11.0686 4740 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:23:11.0686 4740 TermDD - ok
19:23:11.0779 4740 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:23:11.0779 4740 TermService - ok
19:23:11.0810 4740 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:23:11.0810 4740 Themes - ok
19:23:11.0842 4740 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:23:11.0842 4740 THREADORDER - ok
19:23:11.0873 4740 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:23:11.0873 4740 TrkWks - ok
19:23:11.0920 4740 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:23:11.0920 4740 TrustedInstaller - ok
19:23:11.0951 4740 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:23:11.0951 4740 tssecsrv - ok
19:23:11.0982 4740 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:23:11.0982 4740 TsUsbFlt - ok
19:23:11.0982 4740 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:23:11.0982 4740 TsUsbGD - ok
19:23:12.0029 4740 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:23:12.0029 4740 tunnel - ok
19:23:12.0076 4740 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
19:23:12.0076 4740 TurboB - ok
19:23:12.0138 4740 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:23:12.0138 4740 TurboBoost - ok
19:23:12.0154 4740 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:23:12.0169 4740 uagp35 - ok
19:23:12.0185 4740 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
19:23:12.0185 4740 UBHelper - ok
19:23:12.0232 4740 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:23:12.0232 4740 udfs - ok
19:23:12.0278 4740 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:23:12.0278 4740 UI0Detect - ok
19:23:12.0310 4740 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:23:12.0325 4740 uliagpkx - ok
19:23:12.0341 4740 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:23:12.0341 4740 umbus - ok
19:23:12.0372 4740 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:23:12.0372 4740 UmPass - ok
19:23:12.0668 4740 UNS (a678e5ddd974903dd71f503bdcaca218) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:23:12.0684 4740 UNS - ok
19:23:12.0840 4740 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:23:12.0856 4740 upnphost - ok
19:23:12.0902 4740 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:23:12.0918 4740 usbccgp - ok
19:23:12.0949 4740 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:23:12.0949 4740 usbcir - ok
19:23:12.0980 4740 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:23:12.0980 4740 usbehci - ok
19:23:13.0027 4740 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:23:13.0027 4740 usbhub - ok
19:23:13.0043 4740 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:23:13.0043 4740 usbohci - ok
19:23:13.0074 4740 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:23:13.0074 4740 usbprint - ok
19:23:13.0121 4740 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:23:13.0121 4740 usbscan - ok
19:23:13.0152 4740 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:23:13.0152 4740 USBSTOR - ok
19:23:13.0168 4740 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:23:13.0168 4740 usbuhci - ok
19:23:13.0230 4740 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:23:13.0230 4740 usbvideo - ok
19:23:13.0261 4740 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:23:13.0261 4740 UxSms - ok
19:23:13.0292 4740 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:23:13.0292 4740 VaultSvc - ok
19:23:13.0324 4740 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:23:13.0324 4740 vdrvroot - ok
19:23:13.0386 4740 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:23:13.0402 4740 vds - ok
19:23:13.0417 4740 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:23:13.0417 4740 vga - ok
19:23:13.0433 4740 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:23:13.0433 4740 VgaSave - ok
19:23:13.0464 4740 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:23:13.0464 4740 vhdmp - ok
19:23:13.0495 4740 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:23:13.0495 4740 viaide - ok
19:23:13.0526 4740 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:23:13.0526 4740 volmgr - ok
19:23:13.0558 4740 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:23:13.0573 4740 volmgrx - ok
19:23:13.0604 4740 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:23:13.0604 4740 volsnap - ok
19:23:13.0651 4740 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:23:13.0651 4740 vsmraid - ok
19:23:13.0807 4740 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:23:13.0823 4740 VSS - ok
19:23:13.0948 4740 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:23:13.0948 4740 vwifibus - ok
19:23:13.0963 4740 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:23:13.0963 4740 vwififlt - ok
19:23:13.0994 4740 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:23:13.0994 4740 vwifimp - ok
19:23:14.0057 4740 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:23:14.0057 4740 W32Time - ok
19:23:14.0088 4740 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:23:14.0088 4740 WacomPen - ok
19:23:14.0135 4740 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:23:14.0135 4740 WANARP - ok
19:23:14.0135 4740 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:23:14.0135 4740 Wanarpv6 - ok
19:23:14.0306 4740 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:23:14.0306 4740 WatAdminSvc - ok
19:23:14.0494 4740 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:23:14.0509 4740 wbengine - ok
19:23:14.0634 4740 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:23:14.0634 4740 WbioSrvc - ok
19:23:14.0681 4740 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:23:14.0681 4740 wcncsvc - ok
19:23:14.0712 4740 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:23:14.0712 4740 WcsPlugInService - ok
19:23:14.0774 4740 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:23:14.0774 4740 Wd - ok
19:23:14.0837 4740 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:23:14.0852 4740 Wdf01000 - ok
19:23:14.0868 4740 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:23:14.0868 4740 WdiServiceHost - ok
19:23:14.0868 4740 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:23:14.0868 4740 WdiSystemHost - ok
19:23:14.0915 4740 wdkmd (5e1640435dd54d00451156ca5340b109) C:\Windows\system32\DRIVERS\WDKMD.sys
19:23:14.0915 4740 wdkmd - ok
19:23:14.0962 4740 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:23:14.0962 4740 WebClient - ok
19:23:14.0993 4740 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:23:14.0993 4740 Wecsvc - ok
19:23:15.0008 4740 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:23:15.0008 4740 wercplsupport - ok
19:23:15.0055 4740 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:23:15.0055 4740 WerSvc - ok
19:23:15.0086 4740 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:23:15.0086 4740 WfpLwf - ok
19:23:15.0102 4740 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:23:15.0102 4740 WIMMount - ok
19:23:15.0164 4740 WinDefend - ok
19:23:15.0164 4740 WinHttpAutoProxySvc - ok
19:23:15.0242 4740 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:23:15.0242 4740 Winmgmt - ok
19:23:15.0445 4740 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:23:15.0461 4740 WinRM - ok
19:23:15.0648 4740 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:23:15.0664 4740 Wlansvc - ok
19:23:15.0757 4740 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:23:15.0757 4740 wlcrasvc - ok
19:23:15.0991 4740 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:23:15.0991 4740 wlidsvc - ok
19:23:16.0100 4740 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:23:16.0100 4740 WmiAcpi - ok
19:23:16.0163 4740 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:23:16.0163 4740 wmiApSrv - ok
19:23:16.0225 4740 WMPNetworkSvc - ok
19:23:16.0241 4740 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:23:16.0256 4740 WPCSvc - ok
19:23:16.0272 4740 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:23:16.0272 4740 WPDBusEnum - ok
19:23:16.0303 4740 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:23:16.0303 4740 ws2ifsl - ok
19:23:16.0350 4740 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:23:16.0350 4740 wscsvc - ok
19:23:16.0350 4740 WSearch - ok
19:23:16.0568 4740 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:23:16.0584 4740 wuauserv - ok
19:23:16.0709 4740 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:23:16.0709 4740 WudfPf - ok
19:23:16.0756 4740 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:23:16.0756 4740 WUDFRd - ok
19:23:16.0802 4740 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:23:16.0802 4740 wudfsvc - ok
19:23:16.0834 4740 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:23:16.0834 4740 WwanSvc - ok
19:23:16.0880 4740 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
19:23:17.0021 4740 \Device\Harddisk1\DR1 - ok
19:23:17.0036 4740 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:23:17.0551 4740 \Device\Harddisk0\DR0 - ok
19:23:17.0551 4740 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
19:23:17.0692 4740 \Device\Harddisk1\DR1 - ok
19:23:17.0692 4740 Boot (0x1200) (a060651e14d7ad27e085217ce177f190) \Device\Harddisk1\DR1\Partition0
19:23:17.0692 4740 \Device\Harddisk1\DR1\Partition0 - ok
19:23:17.0723 4740 Boot (0x1200) (6ec1ec29af4014fd2431163a613933ae) \Device\Harddisk0\DR0\Partition0
19:23:17.0723 4740 \Device\Harddisk0\DR0\Partition0 - ok
19:23:17.0738 4740 Boot (0x1200) (f619d11561abe10f20a38e67992f22e4) \Device\Harddisk0\DR0\Partition1
19:23:17.0738 4740 \Device\Harddisk0\DR0\Partition1 - ok
19:23:17.0738 4740 Boot (0x1200) (a060651e14d7ad27e085217ce177f190) \Device\Harddisk1\DR1\Partition0
19:23:17.0738 4740 \Device\Harddisk1\DR1\Partition0 - ok
19:23:17.0738 4740 ============================================================
19:23:17.0738 4740 Scan finished
19:23:17.0738 4740 ============================================================
19:23:17.0738 2928 Detected object count: 0
19:23:17.0738 2928 Actual detected object count: 0
19:24:28.0979 6364 Deinitialize success






swMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-31 19:24:59
-----------------------------
19:24:59.703 OS Version: Windows x64 6.1.7601 Service Pack 1
19:24:59.703 Number of processors: 4 586 0x2A07
19:24:59.703 ComputerName: UserName:
19:25:01.232 Initialize success
19:25:28.113 AVAST engine defs: 12073102
19:25:33.027 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:25:33.043 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
19:25:33.059 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\bScsiSDa1Port1Path0Target0Lun0
19:25:33.059 Disk 1 Vendor: Broadcom 0001 Size: 3860MB BusType: 1
19:25:33.074 Disk 0 MBR read successfully
19:25:33.074 Disk 0 MBR scan
19:25:33.074 Disk 0 Windows 7 default MBR code
19:25:33.090 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
19:25:33.105 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
19:25:33.121 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461478 MB offset 31664128
19:25:33.137 Disk 0 scanning C:\Windows\system32\drivers
19:25:41.997 Service scanning
19:26:09.469 Modules scanning
19:26:09.469 Disk 0 trace - called modules:
19:26:09.500 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
19:26:09.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068eb060]
19:26:09.500 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a18050]
19:26:10.702 AVAST engine scan C:\Windows
19:26:13.978 AVAST engine scan C:\Windows\system32
19:28:50.789 AVAST engine scan C:\Windows\system32\drivers
19:29:11.319 AVAST engine scan C:\Users\Ryan
19:30:09.273 Disk 0 MBR has been saved successfully to "C:\Users\Ryan\Documents\MBR.dat"
19:30:09.273 The log file has been saved successfully to "C:\Users\Ryan\Documents\aswMBR.txt"







ESET Online Scanner found 0 infected files



Hope this helps.

Ryan

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 31 July 2012 - 07:12 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#6 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 31 July 2012 - 07:50 PM

MalwareBytes came back with a clean log on the first run



MiniToolBox by Farbar Version: 23-07-2012
Ran by Ryan (administrator) on 31-07-2012 at 20:43:14
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ryan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : A0-88-B4-22-ED-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : A0-88-B4-22-ED-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-22-ED-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7c27:f7a0:e9b:c711%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, July 31, 2012 4:04:40 PM
Lease Expires . . . . . . . . . . : Tuesday, August 07, 2012 7:15:49 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 312510644
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-9A-58-89-B8-70-F4-9A-05-E8
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-70-F4-9A-05-E8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7E691ECA-6E1D-40EC-894B-96F71BB3727F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:34be:31dc:b81c:c291(Preferred)
Link-local IPv6 Address . . . . . : fe80::34be:31dc:b81c:c291%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{5F531002-EF1C-429A-96CC-96E6384F2EF0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BBEA6B2E-1BED-45AC-B46A-6C917F5A67EA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{21B67E37-5467-4C19-97F4-F54356EBD420}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4004:802::1003
74.125.228.66
74.125.228.65
74.125.228.73
74.125.228.64
74.125.228.71
74.125.228.72
74.125.228.70
74.125.228.68
74.125.228.78
74.125.228.69
74.125.228.67


Pinging google.com [74.125.228.67] with 32 bytes of data:
Reply from 74.125.228.67: bytes=32 time=27ms TTL=55
Reply from 74.125.228.67: bytes=32 time=31ms TTL=55

Ping statistics for 74.125.228.67:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 31ms, Average = 29ms
Server: SMCWBR14S-N4.ralinktech.com
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=198ms TTL=50
Reply from 72.30.38.140: bytes=32 time=217ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 198ms, Maximum = 217ms, Average = 207ms
Server: SMCWBR14S-N4.ralinktech.com
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...a0 88 b4 22 ed 69 ......Microsoft Virtual WiFi Miniport Adapter #2
13...a0 88 b4 22 ed 69 ......Microsoft Virtual WiFi Miniport Adapter
12...a0 88 b4 22 ed 68 ......Intel® Centrino® Advanced-N 6205
11...b8 70 f4 9a 05 e8 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.102 281
192.168.2.102 255.255.255.255 On-link 192.168.2.102 281
192.168.2.255 255.255.255.255 On-link 192.168.2.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:953c:34be:31dc:b81c:c291/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::34be:31dc:b81c:c291/128
On-link
12 281 fe80::7c27:f7a0:e9b:c711/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/31/2012 07:30:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/31/2012 07:30:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/31/2012 04:04:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 09:05:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 08:59:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 08:55:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2012 02:09:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/26/2012 08:56:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.8.0.158, time stamp: 0x4f4de709
Faulting module name: Skype.exe, version: 5.8.0.158, time stamp: 0x4f4de709
Exception code: 0xc0000005
Fault offset: 0x00f3a683
Faulting process id: 0xf50
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3

Error: (07/26/2012 08:54:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 07:33:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/31/2012 08:13:11 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer RACHEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5F531002-EF1C-429A-96CC-96E6384F2EF0}.
The master browser is stopping or an election is being forced.

Error: (07/31/2012 05:53:42 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer RACHEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5F531002-EF1C-429A-96CC-96E6384F2EF0}.
The master browser is stopping or an election is being forced.

Error: (07/31/2012 05:02:30 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer RACHEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5F531002-EF1C-429A-96CC-96E6384F2EF0}.
The master browser is stopping or an election is being forced.

Error: (07/31/2012 04:14:28 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer RACHEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5F531002-EF1C-429A-96CC-96E6384F2EF0}.
The master browser is stopping or an election is being forced.

Error: (07/31/2012 04:03:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/31/2012 04:03:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/31/2012 04:03:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/31/2012 04:02:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/31/2012 04:02:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/31/2012 04:02:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/31/2012 07:30:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ryan\Downloads\esetsmartinstaller_enu.exe

Error: (07/31/2012 07:30:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ryan\Downloads\esetsmartinstaller_enu.exe

Error: (07/31/2012 04:04:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 09:05:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 08:59:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 08:55:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2012 02:09:15 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/26/2012 08:56:03 PM) (Source: Application Error)(User: )
Description: Skype.exe5.8.0.1584f4de709Skype.exe5.8.0.1584f4de709c000000500f3a683f5001cd6b9273256befC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exed621ad88-d785-11e1-ae81-b870f49a05e8

Error: (07/26/2012 08:54:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 07:33:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Any Video Converter 3.3.9
Backup Manager V3 (Version: 3.0.0.85)
Best Buy pc app (Version: 3.2.0.0)
Broadcom Card Reader Driver Installer (Version: 14.6.1.2)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
CyberLink PowerDVD 10 (Version: 10.0.2531.52)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 320 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.3 (Version: 3.3b)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Gateway MyBackup (Version: 3.0.0.85)
Gateway Power Management (Version: 6.00.3006)
Gateway Recovery Management (Version: 5.00.3004)
Gateway Registration (Version: 1.03.3004)
Gateway ScreenSaver (Version: 1.1.1022.2010)
Gateway Social Networks (Version: 2.0.2211)
Gateway Updater (Version: 1.02.3005)
HomeMedia (Version: 2.0.8520)
Identity Card (Version: 1.00.3006)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.0.82.0)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.29.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.4)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Research AutoCollage 2008 version 1.1 (Version: 1.01.2008)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Norton Security Suite (Version: 6.2.1.5)
Picture Collage Maker 3.1.2
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6329)
RealUpgrade 1.1 (Version: 1.1.0)
Skype™ 5.8 (Version: 5.8.158)
Synaptics Pointing Device Driver (Version: 15.1.6.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Video Web Camera (Version: 1.0.1523)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Welcome Center (Version: 1.02.3102)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 3947.86 MB
Available physical RAM: 1780.93 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 5767.77 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.8 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:450.66 GB) (Free:400.35 GB) NTFS
3 Drive e: () (Removable) (Total:3.76 GB) (Free:2.91 GB) FAT32

========================= Users: ========================================

User accounts for \\RYAN-PC

Administrator Guest Ryan

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

11-07-2012 20:15:50 Windows Update
15-07-2012 23:00:03 Windows Backup
23-07-2012 00:19:08 Windows Backup
26-07-2012 22:21:53 Restore Operation
26-07-2012 23:41:46 Removed AVG 2012
26-07-2012 23:43:02 Removed AVG 2012
30-07-2012 01:24:36 Windows Backup
30-07-2012 22:53:51 Windows Live Essentials
30-07-2012 22:54:57 Installed DirectX
30-07-2012 22:55:10 Installed DirectX
30-07-2012 22:56:06 WLSetup

**** End of log ****








Farbar Service Scanner Version: 26-07-2012
Ran by Ryan (administrator) on 31-07-2012 at 20:46:02
Running from "C:\Users\Ryan\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****










# AdwCleaner v1.703 - Logfile created 07/31/2012 at 20:46:53
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Ryan - RYAN-PC
# Running from : C:\Users\Ryan\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\y4k5xwtw.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [789 octets] - [31/07/2012 20:46:53]

########## EOF - C:\AdwCleaner[S1].txt - [916 octets] ##########

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 31 July 2012 - 08:28 PM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#8 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 01 August 2012 - 04:15 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelTBRunOnce" "" "" "c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "IntelWireless" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "Power Management" "ePowerTray" "Acer Incorporated" "c:\program files\gateway\gateway power management\epowertray.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "BackupManagerTray" "Gateway MyBackup" "NTI Corporation" "c:\program files (x86)\nti\gateway mybackup\backupmanagertray.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "FUFAXSTM" "FAX Status Monitor" "SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\fax utility\fufaxstm.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "LManager" "Launch Manager" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "RemoteControl10" "PowerDVD RC Service" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "OfficeSyncProcess" "Microsoft Office Document Cache" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\msosync.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "WorkForce 320(Network)" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\x64\3\e_iatigja.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\navshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\navshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.2.1.5\bushell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.2.1.5\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.2.1.5\ips\ipsbho.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.2.1.5\coieplg.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Suite\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.2.1.5\symerr.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-223382708-1212098162-300077809-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-223382708-1212098162-300077809-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "DsiWMIService" "Dritek WMI Service" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\gateway\gateway power management\epowersvc.exe"
+ "EpsonBidirectionalService" "eEBAPI Core Process module" "SEIKO EPSON CORPORATION" "c:\program files (x86)\common files\epson\ebapi\eebsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\gateway\registration\gregsvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "Live Updater Service" "Updater Service" "Acer Incorporated" "c:\program files\gateway\gateway updater\updaterservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "" "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "N360" "Norton Security Suite" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.2.1.5\ccsvchst.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NTI Corporation" "c:\program files (x86)\nti\gateway mybackup\ischedulesvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "b57xdbd" "Broadcom xD Picture Card Bus Driver" "Broadcom Corporation" "c:\windows\system32\drivers\b57xdbd.sys"
+ "b57xdmp" "Broadcom xD Picture Card Miniport Driver" "Broadcom Corporation" "c:\windows\system32\drivers\b57xdmp.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\bashdefs\20120711.002\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "bScsiMSa" "Broadcom Memory Stick Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bscsimsa.sys"
+ "bScsiSDa" "Broadcom SD 3.0 Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bscsisda.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\ccsetx64.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\ipsdefs\20120728.001\idsvia64.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\virusdefs\20120731.002\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\virusdefs\20120731.002\ex64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\srtspx64.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\ironx64.sys"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0602010.005\symnets.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD10)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD10)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudfx.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD10)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudiocd.ax"
+ "Cyberlink Demuxer 2.0 (PDVD10)" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD10)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd10\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD10)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter(PDVD10)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD10)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD10)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter(PDVD10)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD10)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder(PDVD10)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter(PDVD10)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder(PDVD10)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD10)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD10)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink Video/SP Decoder (PDVD10)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clvsd.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Media SDK AAC Encoder" "Intel® Media SDK AAC Encoder" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_aac_enc_ds.dll"
+ "Intel® Media SDK MPEG-2 Muxer" "Intel® Media SDK MPEG-2 Muxer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_mp2_mux_ds.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel® Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON WorkForce 320 Series 64MonitorBA" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmgja.dll"
+ "EpsonNet Print Port" "EpsonNet Print Port Monitor DLL" "SEIKO EPSON CORPORATION" "c:\windows\system32\enppmon.dll"
"C:\Users\Ryan\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Norton 360" "Protect your computer against digital dangers." "Symantec Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 01 August 2012 - 06:15 AM

Do you still have redirects? which browser?

#10 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 01 August 2012 - 11:33 AM

Yes I have then on both firefox and IE

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 01 August 2012 - 12:42 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#12 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 01 August 2012 - 02:53 PM

I apologize, it would appear that it only re-directs in Firefox currently. Does that change the outcome or do I still need to use the advanced tools? Thanks

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 01 August 2012 - 03:06 PM

Yes

Uninstall firefox

Makesure to checkmark Remove my personal data option

Reinstall firefox,let me know if you still have redirects

#14 ronchable2

ronchable2
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 01 August 2012 - 03:40 PM

It would appear I am not getting redirected anymore. I can't believe it was just THAT simple...Thank you so much for your help. I opened a new topic as you suggested in the previous request but I will post a reply to simply close the issue and not waste their time.

THANK YOU AGAIN!!

Ryan

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:47 PM

Posted 01 August 2012 - 03:43 PM

Grt :thumbup2:

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users