I have the pop-up ad/redirect virus


7 replies to this topic

#1 berowne

Posted 31 July 2012 - 08:46 PM

I have the pop-up ad (in lower right corner of screen) and redirect virus in IE9, Firefox, and Chrome. A lot of other users here have been reporting this one.

Help, please.

Thanks.


#2 narenxp

Posted 31 July 2012 - 08:57 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 berowne

Posted 31 July 2012 - 11:58 PM

22:35:06.0189 4964 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:35:06.0528 4964 ============================================================
22:35:06.0528 4964 Current date / time: 2012/07/31 22:35:06.0528
22:35:06.0528 4964 SystemInfo:
22:35:06.0528 4964
22:35:06.0528 4964 OS Version: 6.1.7601 ServicePack: 1.0
22:35:06.0528 4964 Product type: Workstation
22:35:06.0528 4964 ComputerName: OWNER-PC
22:35:06.0528 4964 UserName: owner
22:35:06.0528 4964 Windows directory: C:\Windows
22:35:06.0528 4964 System windows directory: C:\Windows
22:35:06.0528 4964 Running under WOW64
22:35:06.0528 4964 Processor architecture: Intel x64
22:35:06.0528 4964 Number of processors: 4
22:35:06.0528 4964 Page size: 0x1000
22:35:06.0528 4964 Boot type: Normal boot
22:35:06.0528 4964 ============================================================
22:35:09.0071 4964 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:35:09.0086 4964 Drive \Device\Harddisk2\DR2 - Size: 0x7A1D2200 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:35:09.0086 4964 ============================================================
22:35:09.0086 4964 \Device\Harddisk0\DR0:
22:35:09.0086 4964 MBR partitions:
22:35:09.0086 4964 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x476572B0
22:35:09.0086 4964 \Device\Harddisk2\DR2:
22:35:09.0086 4964 MBR partitions:
22:35:09.0086 4964 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0xF5, BlocksNum 0x3D070B
22:35:09.0086 4964 ============================================================
22:35:09.0262 4964 C: <-> \Device\Harddisk0\DR0\Partition0
22:35:09.0262 4964 ============================================================
22:35:09.0262 4964 Initialize success
22:35:09.0262 4964 ============================================================
22:35:26.0929 5664 ============================================================
22:35:26.0929 5664 Scan started
22:35:26.0929 5664 Mode: Manual; TDLFS;
22:35:26.0929 5664 ============================================================
22:35:52.0206 5664 MsRPC - ok
22:35:52.0221 5664 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
22:35:52.0237 5664 mssmbios - ok
22:35:52.0252 5664 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:35:52.0252 5664 MSTEE - ok
22:35:52.0268 5664 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
22:35:52.0268 5664 MTConfig - ok
22:35:52.0299 5664 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:35:52.0299 5664 Mup - ok
22:35:52.0587 5664 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:35:52.0612 5664 MyWiFiDHCPDNS - ok
22:35:52.0805 5664 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:35:52.0817 5664 napagent - ok
22:35:52.0962 5664 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:35:53.0009 5664 NativeWifiP - ok
22:35:53.0477 5664 NAV (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
22:35:53.0492 5664 NAV - ok
22:35:53.0892 5664 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.7.1.5\Definitions\VirusDefs\20120731.002\ENG64.SYS
22:35:53.0892 5664 NAVENG - ok
22:35:54.0267 5664 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.7.1.5\Definitions\VirusDefs\20120731.002\EX64.SYS
22:35:54.0282 5664 NAVEX15 - ok
22:35:55.0004 5664 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
22:35:55.0004 5664 NDIS - ok
22:35:55.0160 5664 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:35:55.0175 5664 NdisCap - ok
22:35:55.0222 5664 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:35:55.0222 5664 NdisTapi - ok
22:35:55.0253 5664 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:35:55.0253 5664 Ndisuio - ok
22:35:55.0269 5664 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:35:55.0300 5664 NdisWan - ok
22:35:55.0425 5664 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:35:55.0456 5664 NDProxy - ok
22:35:55.0519 5664 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:35:55.0519 5664 NetBIOS - ok
22:35:55.0565 5664 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:35:55.0565 5664 NetBT - ok
22:35:55.0646 5664 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:35:55.0648 5664 Netlogon - ok
22:35:55.0740 5664 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:35:55.0746 5664 Netman - ok
22:35:55.0810 5664 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:35:55.0824 5664 netprofm - ok
22:35:56.0044 5664 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:35:56.0075 5664 NetTcpPortSharing - ok
22:35:57.0121 5664 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
22:35:57.0277 5664 NETwNs64 - ok
22:35:57.0481 5664 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
22:35:57.0481 5664 nfrd960 - ok
22:35:57.0543 5664 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:35:57.0543 5664 NlaSvc - ok
22:35:57.0559 5664 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:35:57.0559 5664 Npfs - ok
22:35:57.0590 5664 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:35:57.0590 5664 nsi - ok
22:35:57.0610 5664 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:35:57.0612 5664 nsiproxy - ok
22:35:57.0849 5664 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:35:57.0891 5664 Ntfs - ok
22:35:58.0094 5664 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:35:58.0110 5664 Null - ok
22:35:58.0172 5664 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:35:58.0219 5664 nvraid - ok
22:35:58.0235 5664 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:35:58.0250 5664 nvstor - ok
22:35:58.0297 5664 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:35:58.0297 5664 nv_agp - ok
22:35:58.0313 5664 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:35:58.0328 5664 ohci1394 - ok
22:35:58.0437 5664 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:35:58.0453 5664 ose - ok
22:35:59.0108 5664 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:35:59.0202 5664 osppsvc - ok
22:35:59.0389 5664 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:35:59.0404 5664 p2pimsvc - ok
22:35:59.0451 5664 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:35:59.0482 5664 p2psvc - ok
22:35:59.0656 5664 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
22:35:59.0663 5664 Parport - ok
22:35:59.0744 5664 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:35:59.0749 5664 partmgr - ok
22:35:59.0787 5664 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:35:59.0792 5664 PcaSvc - ok
22:35:59.0847 5664 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:35:59.0854 5664 pci - ok
22:35:59.0873 5664 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:35:59.0876 5664 pciide - ok
22:35:59.0944 5664 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
22:35:59.0960 5664 pcmcia - ok
22:35:59.0975 5664 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:35:59.0975 5664 pcw - ok
22:36:00.0194 5664 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:36:00.0256 5664 PEAUTH - ok
22:36:00.0412 5664 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:36:00.0443 5664 PerfHost - ok
22:36:00.0662 5664 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:36:00.0724 5664 pla - ok
22:36:00.0896 5664 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:36:00.0911 5664 PlugPlay - ok
22:36:00.0974 5664 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:36:00.0989 5664 PNRPAutoReg - ok
22:36:01.0052 5664 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:36:01.0052 5664 PNRPsvc - ok
22:36:01.0130 5664 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
22:36:01.0130 5664 Point64 - ok
22:36:01.0223 5664 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:36:01.0239 5664 PolicyAgent - ok
22:36:01.0301 5664 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:36:01.0301 5664 Power - ok
22:36:01.0348 5664 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:36:01.0364 5664 PptpMiniport - ok
22:36:01.0395 5664 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
22:36:01.0395 5664 Processor - ok
22:36:01.0457 5664 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:36:01.0457 5664 ProfSvc - ok
22:36:01.0520 5664 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:36:01.0520 5664 ProtectedStorage - ok
22:36:01.0629 5664 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:36:01.0629 5664 Psched - ok
22:36:02.0149 5664 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
22:36:02.0196 5664 ql2300 - ok
22:36:02.0492 5664 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
22:36:02.0492 5664 ql40xx - ok
22:36:02.0617 5664 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:36:02.0617 5664 QWAVE - ok
22:36:02.0648 5664 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:36:02.0664 5664 QWAVEdrv - ok
22:36:02.0664 5664 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:36:02.0664 5664 RasAcd - ok
22:36:02.0695 5664 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:36:02.0695 5664 RasAgileVpn - ok
22:36:02.0726 5664 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:36:02.0726 5664 RasAuto - ok
22:36:02.0758 5664 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:36:02.0773 5664 Rasl2tp - ok
22:36:02.0929 5664 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:36:02.0945 5664 RasMan - ok
22:36:03.0054 5664 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:36:03.0070 5664 RasPppoe - ok
22:36:03.0148 5664 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:36:03.0148 5664 RasSstp - ok
22:36:03.0272 5664 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:36:03.0288 5664 rdbss - ok
22:36:03.0304 5664 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
22:36:03.0304 5664 rdpbus - ok
22:36:03.0335 5664 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:36:03.0335 5664 RDPCDD - ok
22:36:03.0382 5664 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:36:03.0382 5664 RDPENCDD - ok
22:36:03.0413 5664 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:36:03.0413 5664 RDPREFMP - ok
22:36:03.0460 5664 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:36:03.0475 5664 RDPWD - ok
22:36:03.0522 5664 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:36:03.0522 5664 rdyboost - ok
22:36:03.0706 5664 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:36:03.0711 5664 RegSrvc - ok
22:36:03.0744 5664 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:36:03.0747 5664 RemoteAccess - ok
22:36:03.0785 5664 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:36:03.0793 5664 RemoteRegistry - ok
22:36:03.0870 5664 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
22:36:03.0878 5664 RFCOMM - ok
22:36:03.0914 5664 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:36:03.0916 5664 RpcEptMapper - ok
22:36:03.0974 5664 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:36:03.0974 5664 RpcLocator - ok
22:36:04.0052 5664 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:36:04.0052 5664 RpcSs - ok
22:36:04.0099 5664 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:36:04.0115 5664 rspndr - ok
22:36:04.0146 5664 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:36:04.0146 5664 SamSs - ok
22:36:04.0208 5664 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:36:04.0208 5664 SASDIFSV - ok
22:36:04.0239 5664 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:36:04.0239 5664 SASKUTIL - ok
22:36:04.0286 5664 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:36:04.0286 5664 sbp2port - ok
22:36:04.0380 5664 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:36:04.0395 5664 SCardSvr - ok
22:36:04.0411 5664 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:36:04.0411 5664 scfilter - ok
22:36:04.0567 5664 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:36:04.0583 5664 Schedule - ok
22:36:04.0629 5664 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:36:04.0629 5664 SCPolicySvc - ok
22:36:04.0676 5664 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:36:04.0706 5664 SDRSVC - ok
22:36:04.0853 5664 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:36:04.0855 5664 SeaPort - ok
22:36:04.0938 5664 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:36:04.0941 5664 secdrv - ok
22:36:05.0016 5664 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:36:05.0047 5664 seclogon - ok
22:36:05.0125 5664 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:36:05.0125 5664 SENS - ok
22:36:05.0141 5664 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:36:05.0141 5664 SensrSvc - ok
22:36:05.0172 5664 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
22:36:05.0172 5664 Serenum - ok
22:36:05.0188 5664 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
22:36:05.0203 5664 Serial - ok
22:36:05.0203 5664 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
22:36:05.0203 5664 sermouse - ok
22:36:05.0250 5664 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:36:05.0297 5664 SessionEnv - ok
22:36:05.0297 5664 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:36:05.0297 5664 sffdisk - ok
22:36:05.0328 5664 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:36:05.0328 5664 sffp_mmc - ok
22:36:05.0344 5664 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:36:05.0344 5664 sffp_sd - ok
22:36:05.0344 5664 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
22:36:05.0344 5664 sfloppy - ok
22:36:05.0531 5664 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
22:36:05.0547 5664 Sftfs - ok
22:36:05.0791 5664 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:36:05.0796 5664 sftlist - ok
22:36:05.0863 5664 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:36:05.0865 5664 Sftplay - ok
22:36:05.0928 5664 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:36:05.0931 5664 Sftredir - ok
22:36:05.0984 5664 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
22:36:05.0984 5664 Sftvol - ok
22:36:06.0046 5664 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:36:06.0046 5664 sftvsa - ok
22:36:06.0264 5664 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:36:06.0311 5664 SharedAccess - ok
22:36:06.0420 5664 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:36:06.0436 5664 ShellHWDetection - ok
22:36:06.0483 5664 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
22:36:06.0483 5664 SiSGbeLH - ok
22:36:06.0514 5664 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
22:36:06.0514 5664 SiSRaid2 - ok
22:36:06.0530 5664 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
22:36:06.0530 5664 SiSRaid4 - ok
22:36:06.0592 5664 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:36:06.0608 5664 SkypeUpdate - ok
22:36:06.0623 5664 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:36:06.0623 5664 Smb - ok
22:36:06.0654 5664 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:36:06.0654 5664 SNMPTRAP - ok
22:36:06.0686 5664 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:36:06.0686 5664 spldr - ok
22:36:06.0772 5664 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:36:06.0778 5664 Spooler - ok
22:36:07.0151 5664 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:36:07.0182 5664 sppsvc - ok
22:36:07.0385 5664 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:36:07.0401 5664 sppuinotify - ok
22:36:07.0762 5664 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\system32\drivers\NAVx64\1307010.005\SRTSP64.SYS
22:36:07.0772 5664 SRTSP - ok
22:36:07.0911 5664 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NAVx64\1307010.005\SRTSPX64.SYS
22:36:07.0918 5664 SRTSPX - ok
22:36:07.0997 5664 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:36:08.0013 5664 srv - ok
22:36:08.0060 5664 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:36:08.0075 5664 srv2 - ok
22:36:08.0138 5664 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:36:08.0138 5664 srvnet - ok
22:36:08.0216 5664 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:36:08.0216 5664 SSDPSRV - ok
22:36:08.0247 5664 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:36:08.0247 5664 SstpSvc - ok
22:36:08.0262 5664 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
22:36:08.0262 5664 stexstor - ok
22:36:08.0294 5664 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
22:36:08.0294 5664 StillCam - ok
22:36:08.0403 5664 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:36:08.0403 5664 stisvc - ok
22:36:08.0418 5664 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
22:36:08.0418 5664 swenum - ok
22:36:08.0512 5664 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:36:08.0528 5664 swprv - ok
22:36:08.0983 5664 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS
22:36:09.0003 5664 SymDS - ok
22:36:09.0611 5664 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS
22:36:09.0705 5664 SymEFA - ok
22:36:09.0932 5664 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
22:36:09.0934 5664 SymEvent - ok
22:36:10.0027 5664 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS
22:36:10.0027 5664 SymIRON - ok
22:36:10.0199 5664 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\system32\drivers\NAVx64\1307010.005\SYMNETS.SYS
22:36:10.0199 5664 SymNetS - ok
22:36:10.0433 5664 SynTP (7e8902f9929a5d9ffd0f545332ce0f10) C:\Windows\system32\DRIVERS\SynTP.sys
22:36:10.0449 5664 SynTP - ok
22:36:10.0979 5664 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:36:11.0010 5664 SysMain - ok
22:36:11.0197 5664 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:36:11.0197 5664 TabletInputService - ok
22:36:11.0244 5664 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:36:11.0260 5664 TapiSrv - ok
22:36:11.0275 5664 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:36:11.0291 5664 TBS - ok
22:36:11.0525 5664 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:36:11.0572 5664 Tcpip - ok
22:36:12.0024 5664 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:36:12.0040 5664 TCPIP6 - ok
22:36:12.0289 5664 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:36:12.0289 5664 tcpipreg - ok
22:36:12.0398 5664 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:36:12.0398 5664 TDPIPE - ok
22:36:12.0430 5664 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:36:12.0430 5664 TDTCP - ok
22:36:12.0476 5664 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:36:12.0476 5664 tdx - ok
22:36:12.0523 5664 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
22:36:12.0523 5664 TermDD - ok
22:36:12.0601 5664 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:36:12.0648 5664 TermService - ok
22:36:12.0695 5664 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:36:12.0695 5664 Themes - ok
22:36:12.0886 5664 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:36:12.0890 5664 THREADORDER - ok
22:36:12.0962 5664 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:36:12.0964 5664 TrkWks - ok
22:36:13.0070 5664 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:36:13.0102 5664 TrustedInstaller - ok
22:36:13.0164 5664 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:36:13.0195 5664 tssecsrv - ok
22:36:13.0226 5664 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:36:13.0226 5664 TsUsbFlt - ok
22:36:13.0258 5664 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
22:36:13.0258 5664 TsUsbGD - ok
22:36:13.0289 5664 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:36:13.0289 5664 tunnel - ok
22:36:13.0320 5664 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
22:36:13.0320 5664 TurboB - ok
22:36:13.0570 5664 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:36:13.0570 5664 TurboBoost - ok
22:36:13.0710 5664 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
22:36:13.0741 5664 uagp35 - ok
22:36:13.0791 5664 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:36:13.0795 5664 udfs - ok
22:36:13.0881 5664 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:36:13.0913 5664 UI0Detect - ok
22:36:13.0940 5664 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:36:13.0941 5664 uliagpkx - ok
22:36:13.0993 5664 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
22:36:13.0994 5664 umbus - ok
22:36:14.0005 5664 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
22:36:14.0006 5664 UmPass - ok
22:36:14.0490 5664 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:36:14.0506 5664 UNS - ok
22:36:14.0693 5664 Updater Service for StartNow Toolbar - ok
22:36:15.0014 5664 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:36:15.0048 5664 upnphost - ok
22:36:15.0145 5664 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
22:36:15.0285 5664 USBAAPL64 - ok
22:36:15.0472 5664 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
22:36:15.0504 5664 usbaudio - ok
22:36:15.0550 5664 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:36:15.0550 5664 usbccgp - ok
22:36:15.0628 5664 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:36:15.0644 5664 usbcir - ok
22:36:15.0660 5664 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:36:15.0660 5664 usbehci - ok
22:36:15.0769 5664 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:36:15.0769 5664 usbhub - ok
22:36:15.0817 5664 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:36:15.0819 5664 usbohci - ok
22:36:15.0869 5664 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:36:15.0872 5664 usbprint - ok
22:36:15.0905 5664 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:36:15.0908 5664 usbscan - ok
22:36:15.0948 5664 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:36:15.0951 5664 USBSTOR - ok
22:36:15.0982 5664 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:36:15.0986 5664 usbuhci - ok
22:36:16.0122 5664 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
22:36:16.0122 5664 usbvideo - ok
22:36:16.0154 5664 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:36:16.0154 5664 UxSms - ok
22:36:16.0232 5664 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:36:16.0310 5664 VaultSvc - ok
22:36:16.0356 5664 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:36:16.0372 5664 vdrvroot - ok
22:36:16.0528 5664 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:36:16.0528 5664 vds - ok
22:36:16.0590 5664 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:36:16.0590 5664 vga - ok
22:36:16.0622 5664 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:36:16.0622 5664 VgaSave - ok
22:36:16.0684 5664 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:36:16.0746 5664 vhdmp - ok
22:36:16.0793 5664 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:36:16.0793 5664 viaide - ok
22:36:16.0838 5664 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:36:16.0839 5664 volmgr - ok
22:36:16.0887 5664 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:36:16.0890 5664 volmgrx - ok
22:36:16.0930 5664 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
22:36:16.0932 5664 volsnap - ok
22:36:17.0011 5664 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
22:36:17.0017 5664 vsmraid - ok
22:36:17.0186 5664 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:36:17.0342 5664 VSS - ok
22:36:17.0918 5664 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:36:17.0988 5664 vwifibus - ok
22:36:18.0018 5664 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:36:18.0020 5664 vwififlt - ok
22:36:18.0108 5664 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:36:18.0108 5664 vwifimp - ok
22:36:18.0280 5664 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:36:18.0295 5664 W32Time - ok
22:36:18.0373 5664 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
22:36:18.0467 5664 WacomPen - ok
22:36:18.0623 5664 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:36:18.0623 5664 WANARP - ok
22:36:18.0639 5664 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:36:18.0639 5664 Wanarpv6 - ok
22:36:18.0976 5664 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:36:19.0073 5664 WatAdminSvc - ok
22:36:19.0435 5664 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:36:19.0591 5664 wbengine - ok
22:36:20.0015 5664 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:36:20.0041 5664 WbioSrvc - ok
22:36:26.0518 5664 ============================================================
22:36:26.0518 5664 Scan finished
22:36:26.0518 5664 ============================================================
22:36:26.0533 6608 Detected object count: 0
22:36:26.0533 6608 Actual detected object count: 0
22:36:35.0398 6768 Deinitialize success


***



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-31 22:37:30
-----------------------------
22:37:30.760 OS Version: Windows x64 6.1.7601 Service Pack 1
22:37:30.761 Number of processors: 4 586 0x2A07
22:37:30.761 ComputerName: OWNER-PC UserName: owner
22:37:33.704 Initialize success
22:37:41.499 AVAST engine defs: 12073102
22:37:47.514 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:37:47.519 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
22:37:47.544 Disk 0 MBR read successfully
22:37:47.548 Disk 0 MBR scan
22:37:47.554 Disk 0 Windows 7 default MBR code
22:37:47.557 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
22:37:47.594 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 584878 MB offset 52430848
22:37:47.618 Disk 0 scanning C:\Windows\system32\drivers
22:38:02.493 Service scanning
22:38:31.956 Modules scanning
22:38:31.972 Disk 0 trace - called modules:
22:38:31.997 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
22:38:32.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008860060]
22:38:32.330 3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> [0xfffffa8005fdb5a0]
22:38:32.341 5 ACPI.sys[fffff88000f3d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006041050]
22:38:35.153 AVAST engine scan C:\Windows
22:38:42.136 AVAST engine scan C:\Windows\system32
22:41:38.151 AVAST engine scan C:\Windows\system32\drivers
22:41:52.465 AVAST engine scan C:\Users\owner
22:45:19.568 Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
22:45:19.573 The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"
22:46:00.976 AVAST engine scan C:\ProgramData
22:47:11.303 Scan finished successfully
22:47:35.126 Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
22:47:35.129 The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"


***

C:\Users\owner\AppData\Local\Temp\ICReinstall\cnet2_hjsplit_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ICReinstall\cnet2_QuickPar-0_9_1_0_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ICReinstall\cnet2_xnews_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\is1598539481\zgInstaller.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined

#4 narenxp


Posted 01 August 2012 - 06:19 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

RogueKiller

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 berowne


Posted 01 August 2012 - 08:31 PM

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.01.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]

Protection: Enabled

8/1/2012 7:31:20 PM
mbam-log-2012-08-01 (19-31-20).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 344820
Time elapsed: 40 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

***

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: HOSTSFix -- Date: 08/01/2012 20:13:13

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
78.46.61.26 www.google-analytics.com.
78.46.61.26 ad-emea.doubleclick.net.
78.46.61.26 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt

***

MiniToolBox by Farbar Version: 23-07-2012
Ran by owner (administrator) on 01-08-2012 at 20:18:50
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hil-denthhx.den.wayport.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
Physical Address. . . . . . . . . : 64-D4-DA-5E-DA-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 40-25-C2-59-55-F1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 40-25-C2-59-55-F1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hil-denthhx.den.wayport.net
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-59-55-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::100f:3f9f:27f:a857%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.5.138(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Lease Obtained. . . . . . . . . . : Wednesday, August 01, 2012 7:28:23 PM
Lease Expires . . . . . . . . . . : Wednesday, August 01, 2012 8:58:22 PM
Default Gateway . . . . . . . . . : 192.168.4.1
DHCP Server . . . . . . . . . . . : 12.216.29.66
DHCPv6 IAID . . . . . . . . . . . : 306193858
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E2-64-02-14-DA-E9-C2-83-8E
DNS Servers . . . . . . . . . . . : 192.168.4.1
64.134.255.2
64.134.255.10
Primary WINS Server . . . . . . . : 192.168.4.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 14-DA-E9-C2-83-8E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hil-denthhx.den.wayport.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hil-denthhx.den.wayport.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:c7a:2ef0:3f57:fa75(Preferred)
Link-local IPv6 Address . . . . . : fe80::c7a:2ef0:3f57:fa75%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.4.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1005
74.125.227.129
74.125.227.128
74.125.227.132
74.125.227.137
74.125.227.142
74.125.227.134
74.125.227.136
74.125.227.133
74.125.227.135
74.125.227.130
74.125.227.131


Pinging google.com [74.125.227.135] with 32 bytes of data:
Reply from 74.125.227.135: bytes=32 time=43ms TTL=54
Reply from 74.125.227.135: bytes=32 time=44ms TTL=54

Ping statistics for 74.125.227.135:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
Server: UnKnown
Address: 192.168.4.1

Name: yahoo.com
Addresses: 209.191.122.70
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=87ms TTL=50
Reply from 72.30.38.140: bytes=32 time=96ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 87ms, Maximum = 96ms, Average = 91ms
Server: UnKnown
Address: 192.168.4.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
15...64 d4 da 5e da 37 ......Intel® Centrino® WiMAX 6150
14...40 25 c2 59 55 f1 ......Microsoft Virtual WiFi Miniport Adapter #2
13...40 25 c2 59 55 f1 ......Microsoft Virtual WiFi Miniport Adapter
12...40 25 c2 59 55 f0 ......Intel® Centrino® Wireless-N 6150
11...14 da e9 c2 83 8e ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.4.1 192.168.5.138 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.4.0 255.255.254.0 On-link 192.168.5.138 281
192.168.5.138 255.255.255.255 On-link 192.168.5.138 281
192.168.5.255 255.255.255.255 On-link 192.168.5.138 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.5.138 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.5.138 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:953c:c7a:2ef0:3f57:fa75/128
On-link
12 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::c7a:2ef0:3f57:fa75/128
On-link
12 281 fe80::100f:3f9f:27f:a857/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2012 10:29:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5148

Error: (08/01/2012 10:29:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5148

Error: (08/01/2012 10:29:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2012 10:29:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134

Error: (08/01/2012 10:29:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134

Error: (08/01/2012 10:29:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2012 10:29:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136

Error: (08/01/2012 10:29:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136

Error: (08/01/2012 10:29:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2012 10:29:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2075


System errors:
=============
Error: (08/01/2012 11:36:14 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/01/2012 11:36:13 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/01/2012 11:36:13 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/01/2012 11:36:11 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/01/2012 10:56:54 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/01/2012 10:56:53 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/31/2012 10:29:43 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:26:20 PM on 7/31/2012 was unexpected.

Error: (07/31/2012 08:22:35 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (07/31/2012 08:22:34 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (07/31/2012 08:21:45 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Microsoft Office Sessions:
=========================
Error: (08/01/2012 10:29:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5148

Error: (08/01/2012 10:29:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5148

Error: (08/01/2012 10:29:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2012 10:29:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134

Error: (08/01/2012 10:29:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134

Error: (08/01/2012 10:29:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2012 10:29:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136

Error: (08/01/2012 10:29:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136

Error: (08/01/2012 10:29:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2012 10:29:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2075


=========================== Installed Programs ============================

Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.2)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Alcor Micro USB Card Reader (Version: 1.2.0117.08443)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.12.5.0)
ASUS AI Recovery (Version: 1.0.14)
ASUS LifeFrame3 (Version: 3.0.22)
ASUS Live Update (Version: 3.0.3)
ASUS Power4Gear Hybrid (Version: 1.1.45)
ASUS Secure Delete (Version: 1.00.0007)
ASUS SmartLogon (Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0033)
ASUS USB Charger Plus (Version: 2.0.3)
ASUS Virtual Camera (Version: 1.0.21)
AsusScr_U46_ENG (Version: 1.0.0001)
AsusVibe2.0 (Version: 2.0.5.103)
ATK Package (Version: 1.0.0010)
Best Buy Connect (Version: 3.00.68)
Best Buy pc app (Version: 3.2.2.0)
Best Buy pc app (Version: 3.2.545.3)
Bing Bar (Version: 7.0.610.0)
BitTorrent (Version: 7.6.1)
Bonjour (Version: 3.0.0.10)
Coupon Printer for Windows (Version: 5.0.0.0)
CutePDF Professional 3.6 (Evaluation)
CutePDF Writer 2.8
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink Power2Go (Version: 6.1.3602c)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.4.8)
ESET Online Scanner v3
Fast Boot (Version: 1.0.10)
Final Draft 7 (Version: 7.0.0.54)
Giganews Accelerator (Version: 1.0.111)
Google Chrome (Version: 20.0.1132.57)
HP Deskjet 3520 series Basic Device Software (Version: 27.0.847.0)
HP Deskjet 3520 series Help (Version: 27.0.0)
HP Deskjet 3520 series Product Improvement Study (Version: 27.0.847.0)
HP Deskjet 3520 series Setup Guide (Version: 27.0.0)
HP Photo Creations (Version: 1.0.0.3341)
HP Update (Version: 5.003.003.001)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2405)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.39.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiMAX Software (Version: 6.05.0000)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 3.0.207.4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton AntiVirus (Version: 19.7.1.5)
Nuance PDF Reader (Version: 6.00.0041)
PDF Settings (Version: 1.0)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6383)
SceneSwitch (Version: 1.0.8)
Sonic Focus (Version: 1.0.0.4)
StartNow Toolbar (Version: 2.3.0)
SUPERAntiSpyware (Version: 5.5.1012)
Synaptics Pointing Device Driver (Version: 15.3.6.0)
System Requirements Lab for Intel (Version: 4.5.3.0)
TimeLeft (Version: 3.58)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VLC media player 1.1.11 (Version: 1.1.11)
Web Assistant 2.0.0.458
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.31.1)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Wireless Console 3 (Version: 3.0.19)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 6049.14 MB
Available physical RAM: 2907.59 MB
Total Pagefile: 12096.46 MB
Available Pagefile: 8478.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.73 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:571.17 GB) (Free:515.67 GB) NTFS
4 Drive g: (DATA) (Removable) (Total:1.91 GB) (Free:1.65 GB) FAT

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest owner


**** End of log ****

***

Farbar Service Scanner Version: 26-07-2012
Ran by owner (administrator) on 01-08-2012 at 20:20:33
Running from "C:\Users\owner\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

***

# AdwCleaner v1.800 - Logfile created 08/01/2012 at 20:21:17
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : owner - OWNER-PC
# Running from : C:\Users\owner\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar
Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Folder Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\5ledowh4.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
Folder Deleted : C:\Program Files\Web Assistant
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\5ledowh4.default\searchplugins\MyStart Search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [StartNowToolbarHelper]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[x64] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
[x64] Key Deleted : HKLM\SOFTWARE\Web Assistant

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\5ledowh4.default\prefs.js

C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\5ledowh4.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
Deleted : user_pref("browser.search.selectedEngine", "MyStart Search");
Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1343660535971");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Deleted : user_pref("extensions.incredibar.cntry", "US");
Deleted : user_pref("extensions.incredibar.dfltLng", "EN");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.dfltlng", "en");
Deleted : user_pref("extensions.incredibar.dfltsrch", "false");
Deleted : user_pref("extensions.incredibar.did", "10665");
Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Deleted : user_pref("extensions.incredibar.excTlbr", false);
Deleted : user_pref("extensions.incredibar.hdrMd5", "D1C409345FE35428003218B0FFA2F7C2");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.hrdid", "2484ebdd00000000000064d4da5eda37");
Deleted : user_pref("extensions.incredibar.id", "2484ebdd00000000000064d4da5eda37");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15515");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.instlday", "15515");
Deleted : user_pref("extensions.incredibar.instlref", "");
Deleted : user_pref("extensions.incredibar.isDcmntCmplt", false);
Deleted : user_pref("extensions.incredibar.isdcmntcmplt", true);
Deleted : user_pref("extensions.incredibar.keywordurl", "");
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.141:16:41");
Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.newtab", "false");
Deleted : user_pref("extensions.incredibar.newtaburl", "");
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.smplgrp", "none");
Deleted : user_pref("extensions.incredibar.srch", "");
Deleted : user_pref("extensions.incredibar.srchprvdr", "");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQBpMXZsf&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.tlbrid", "base");
Deleted : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQBpMXZsf&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6PQBpMXZsf");
Deleted : user_pref("extensions.incredibar.upn2n", "92543113857532947");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.141:16:41");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnts", "1.5.11.141:16:41");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10665");
Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Deleted : user_pref("extensions.incredibar_i.id", "2484ebdd00000000000064d4da5eda37");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15515");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQBpMXZsf&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6PQBpMXZsf");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92543113857532947");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.141:16:41");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Deleted : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6PQBpMXZsf&&i=26&search="[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.sear[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "icon_url": "hxxp://mystart.incredibar.com/mb165/favicon.ico",
Deleted : "keyword": "mystart.incredibar.com/mb165",
Deleted : "name": "MyStart Search",
Deleted : "search_url": "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6PQBpMXZs[...]
Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [10951 octets] - [01/08/2012 20:21:17]

########## EOF - C:\AdwCleaner[S1].txt - [11080 octets] ##########

#6 narenxp

Posted 01 August 2012 - 08:52 PM

Uninstall Firefox

Make sure to checkmark the "Remove my personal data" option

Reinstall Firefox

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#7 berowne

Posted 02 August 2012 - 10:22 PM

Success! Thank you!

#8 narenxp

Posted 02 August 2012 - 10:47 PM

You're welcome :)



