Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

click.get-free-answers.com


  • Please log in to reply
9 replies to this topic

#1 Ratchet2

Ratchet2

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 08 August 2012 - 08:13 AM

I have something troubling my computer which occasionally redirects me to a click.get-free-answers.com site when I click on a google link. My Microsoft Security Essentials does not detect it. I've seen this problem posted about before but I'm not sure if I should just follow their previous instructions or post my own topic, so here I am. I have Windows 7 and I am using firefox browser. Any help is greatly appreciated.

-Nate


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:01 PM

Posted 08 August 2012 - 08:48 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Ratchet2

Ratchet2
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 10 August 2012 - 10:39 AM

Thanks for the help, sorry about being busy for the past few days. The ESET online scanner link you gave gives me a 404 error when I click it. Here are the other two logs.

TDSSkiller log:


11:08:08.0756 0332 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:08:09.0035 0332 ============================================================
11:08:09.0035 0332 Current date / time: 2012/08/10 11:08:09.0035
11:08:09.0035 0332 SystemInfo:
11:08:09.0035 0332
11:08:09.0035 0332 OS Version: 6.1.7600 ServicePack: 0.0
11:08:09.0035 0332 Product type: Workstation
11:08:09.0035 0332 ComputerName: NATHAN-PC
11:08:09.0036 0332 UserName: Nathan
11:08:09.0036 0332 Windows directory: C:\Windows
11:08:09.0036 0332 System windows directory: C:\Windows
11:08:09.0036 0332 Running under WOW64
11:08:09.0036 0332 Processor architecture: Intel x64
11:08:09.0036 0332 Number of processors: 2
11:08:09.0036 0332 Page size: 0x1000
11:08:09.0036 0332 Boot type: Normal boot
11:08:09.0036 0332 ============================================================
11:08:11.0104 0332 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x1639B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x6D, Type 'K0', Flags 0x00000040
11:08:11.0168 0332 ============================================================
11:08:11.0168 0332 \Device\Harddisk0\DR0:
11:08:11.0168 0332 MBR partitions:
11:08:11.0168 0332 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:08:11.0168 0332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x13466000
11:08:11.0168 0332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x6, StartLBA 0x13498800, BlocksNum 0x107D8800
11:08:11.0168 0332 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23C71000, BlocksNum 0x17BD000
11:08:11.0168 0332 ============================================================
11:08:11.0197 0332 C: <-> \Device\Harddisk0\DR0\Partition1
11:08:11.0269 0332 E: <-> \Device\Harddisk0\DR0\Partition3
11:08:11.0269 0332 ============================================================
11:08:11.0269 0332 Initialize success
11:08:11.0269 0332 ============================================================
11:08:48.0355 2052 ============================================================
11:08:48.0355 2052 Scan started
11:08:48.0355 2052 Mode: Manual; TDLFS;
11:08:48.0355 2052 ============================================================
11:08:48.0703 2052 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
11:08:48.0708 2052 1394ohci - ok
11:08:48.0756 2052 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
11:08:48.0761 2052 ACPI - ok
11:08:48.0774 2052 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
11:08:48.0776 2052 AcpiPmi - ok
11:08:48.0857 2052 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:08:48.0859 2052 AdobeARMservice - ok
11:08:49.0012 2052 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:08:49.0016 2052 AdobeFlashPlayerUpdateSvc - ok
11:08:49.0099 2052 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:08:49.0108 2052 adp94xx - ok
11:08:49.0155 2052 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:08:49.0162 2052 adpahci - ok
11:08:49.0195 2052 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:08:49.0199 2052 adpu320 - ok
11:08:49.0229 2052 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:08:49.0231 2052 AeLookupSvc - ok
11:08:49.0310 2052 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
11:08:49.0319 2052 AFD - ok
11:08:49.0348 2052 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
11:08:49.0350 2052 agp440 - ok
11:08:49.0377 2052 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:08:49.0380 2052 ALG - ok
11:08:49.0411 2052 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
11:08:49.0413 2052 aliide - ok
11:08:49.0431 2052 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
11:08:49.0433 2052 amdide - ok
11:08:49.0460 2052 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:08:49.0463 2052 AmdK8 - ok
11:08:49.0477 2052 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:08:49.0479 2052 AmdPPM - ok
11:08:49.0523 2052 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
11:08:49.0526 2052 amdsata - ok
11:08:49.0565 2052 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:08:49.0569 2052 amdsbs - ok
11:08:49.0589 2052 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
11:08:49.0590 2052 amdxata - ok
11:08:49.0636 2052 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
11:08:49.0638 2052 AppID - ok
11:08:49.0658 2052 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:08:49.0660 2052 AppIDSvc - ok
11:08:49.0682 2052 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
11:08:49.0683 2052 Appinfo - ok
11:08:49.0770 2052 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:08:49.0772 2052 Apple Mobile Device - ok
11:08:49.0804 2052 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:08:49.0806 2052 arc - ok
11:08:49.0836 2052 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:08:49.0838 2052 arcsas - ok
11:08:49.0861 2052 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:08:49.0862 2052 AsyncMac - ok
11:08:49.0873 2052 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
11:08:49.0874 2052 atapi - ok
11:08:50.0006 2052 athr (38562a6a9cb10844759eaf2b01a7fcd3) C:\Windows\system32\DRIVERS\athrx.sys
11:08:50.0027 2052 athr - ok
11:08:50.0216 2052 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:08:50.0228 2052 AudioEndpointBuilder - ok
11:08:50.0240 2052 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:08:50.0245 2052 AudioSrv - ok
11:08:50.0279 2052 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
11:08:50.0281 2052 AxInstSV - ok
11:08:50.0376 2052 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:08:50.0384 2052 b06bdrv - ok
11:08:50.0420 2052 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:08:50.0425 2052 b57nd60a - ok
11:08:50.0470 2052 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:08:50.0472 2052 BDESVC - ok
11:08:50.0484 2052 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:08:50.0486 2052 Beep - ok
11:08:50.0579 2052 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
11:08:50.0591 2052 BFE - ok
11:08:50.0660 2052 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
11:08:50.0672 2052 BITS - ok
11:08:50.0721 2052 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:08:50.0722 2052 blbdrive - ok
11:08:50.0832 2052 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:08:50.0840 2052 Bonjour Service - ok
11:08:50.0887 2052 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
11:08:50.0889 2052 bowser - ok
11:08:50.0914 2052 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:08:50.0916 2052 BrFiltLo - ok
11:08:50.0935 2052 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:08:50.0936 2052 BrFiltUp - ok
11:08:50.0979 2052 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
11:08:50.0982 2052 Browser - ok
11:08:51.0022 2052 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:08:51.0027 2052 Brserid - ok
11:08:51.0048 2052 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:08:51.0050 2052 BrSerWdm - ok
11:08:51.0055 2052 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:08:51.0056 2052 BrUsbMdm - ok
11:08:51.0062 2052 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:08:51.0063 2052 BrUsbSer - ok
11:08:51.0072 2052 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:08:51.0074 2052 BTHMODEM - ok
11:08:51.0093 2052 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:08:51.0095 2052 bthserv - ok
11:08:51.0126 2052 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:08:51.0127 2052 cdfs - ok
11:08:51.0182 2052 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
11:08:51.0186 2052 cdrom - ok
11:08:51.0222 2052 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:08:51.0224 2052 CertPropSvc - ok
11:08:51.0242 2052 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:08:51.0244 2052 circlass - ok
11:08:51.0282 2052 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:08:51.0286 2052 CLFS - ok
11:08:51.0341 2052 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:08:51.0343 2052 clr_optimization_v2.0.50727_32 - ok
11:08:51.0388 2052 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:08:51.0391 2052 clr_optimization_v2.0.50727_64 - ok
11:08:51.0471 2052 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:08:51.0474 2052 clr_optimization_v4.0.30319_32 - ok
11:08:51.0506 2052 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:08:51.0509 2052 clr_optimization_v4.0.30319_64 - ok
11:08:51.0549 2052 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:08:51.0550 2052 CmBatt - ok
11:08:51.0566 2052 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
11:08:51.0567 2052 cmdide - ok
11:08:51.0628 2052 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
11:08:51.0634 2052 CNG - ok
11:08:51.0666 2052 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:08:51.0666 2052 Compbatt - ok
11:08:51.0691 2052 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:08:51.0693 2052 CompositeBus - ok
11:08:51.0711 2052 COMSysApp - ok
11:08:51.0741 2052 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:08:51.0742 2052 crcdisk - ok
11:08:51.0799 2052 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
11:08:51.0802 2052 CryptSvc - ok
11:08:51.0862 2052 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:08:51.0871 2052 DcomLaunch - ok
11:08:51.0928 2052 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:08:51.0932 2052 defragsvc - ok
11:08:51.0975 2052 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
11:08:51.0977 2052 DfsC - ok
11:08:52.0018 2052 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
11:08:52.0023 2052 Dhcp - ok
11:08:52.0049 2052 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:08:52.0050 2052 discache - ok
11:08:52.0091 2052 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:08:52.0092 2052 Disk - ok
11:08:52.0133 2052 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
11:08:52.0137 2052 Dnscache - ok
11:08:52.0200 2052 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
11:08:52.0205 2052 dot3svc - ok
11:08:52.0234 2052 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
11:08:52.0237 2052 DPS - ok
11:08:52.0270 2052 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:08:52.0272 2052 drmkaud - ok
11:08:52.0381 2052 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
11:08:52.0397 2052 DXGKrnl - ok
11:08:52.0449 2052 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:08:52.0452 2052 EapHost - ok
11:08:52.0763 2052 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:08:52.0806 2052 ebdrv - ok
11:08:52.0927 2052 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
11:08:52.0929 2052 EFS - ok
11:08:53.0037 2052 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
11:08:53.0049 2052 ehRecvr - ok
11:08:53.0092 2052 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:08:53.0096 2052 ehSched - ok
11:08:53.0196 2052 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:08:53.0205 2052 elxstor - ok
11:08:53.0225 2052 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
11:08:53.0226 2052 ErrDev - ok
11:08:53.0302 2052 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:08:53.0309 2052 EventSystem - ok
11:08:53.0343 2052 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:08:53.0347 2052 exfat - ok
11:08:53.0381 2052 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:08:53.0385 2052 fastfat - ok
11:08:53.0475 2052 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
11:08:53.0487 2052 Fax - ok
11:08:53.0509 2052 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:08:53.0511 2052 fdc - ok
11:08:53.0536 2052 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:08:53.0538 2052 fdPHost - ok
11:08:53.0557 2052 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:08:53.0560 2052 FDResPub - ok
11:08:53.0585 2052 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:08:53.0586 2052 FileInfo - ok
11:08:53.0598 2052 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:08:53.0600 2052 Filetrace - ok
11:08:53.0613 2052 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:08:53.0615 2052 flpydisk - ok
11:08:53.0653 2052 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
11:08:53.0658 2052 FltMgr - ok
11:08:53.0784 2052 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
11:08:53.0803 2052 FontCache - ok
11:08:53.0875 2052 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:08:53.0877 2052 FontCache3.0.0.0 - ok
11:08:53.0933 2052 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:08:53.0935 2052 FsDepends - ok
11:08:53.0964 2052 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
11:08:53.0966 2052 Fs_Rec - ok
11:08:54.0025 2052 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:08:54.0028 2052 fvevol - ok
11:08:54.0062 2052 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:08:54.0065 2052 gagp30kx - ok
11:08:54.0096 2052 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:08:54.0098 2052 GEARAspiWDM - ok
11:08:54.0200 2052 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
11:08:54.0213 2052 gpsvc - ok
11:08:54.0282 2052 Gun (721ce1551f8198714f3cabfe2147939b) C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys
11:08:54.0284 2052 Gun - ok
11:08:54.0302 2052 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:08:54.0304 2052 hcw85cir - ok
11:08:54.0366 2052 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
11:08:54.0373 2052 HdAudAddService - ok
11:08:54.0408 2052 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:08:54.0410 2052 HDAudBus - ok
11:08:54.0429 2052 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:08:54.0431 2052 HidBatt - ok
11:08:54.0455 2052 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:08:54.0457 2052 HidBth - ok
11:08:54.0472 2052 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:08:54.0474 2052 HidIr - ok
11:08:54.0504 2052 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:08:54.0506 2052 hidserv - ok
11:08:54.0548 2052 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
11:08:54.0577 2052 HidUsb - ok
11:08:54.0611 2052 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
11:08:54.0613 2052 hkmsvc - ok
11:08:54.0640 2052 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
11:08:54.0644 2052 HomeGroupListener - ok
11:08:54.0679 2052 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
11:08:54.0683 2052 HomeGroupProvider - ok
11:08:54.0711 2052 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
11:08:54.0713 2052 HpSAMD - ok
11:08:54.0778 2052 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
11:08:54.0787 2052 HTTP - ok
11:08:54.0810 2052 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
11:08:54.0810 2052 hwpolicy - ok
11:08:54.0842 2052 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:08:54.0844 2052 i8042prt - ok
11:08:54.0924 2052 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
11:08:54.0932 2052 iaStorV - ok
11:08:55.0097 2052 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:08:55.0112 2052 idsvc - ok
11:08:55.0676 2052 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:08:55.0832 2052 igfx - ok
11:08:55.0979 2052 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:08:55.0981 2052 iirsp - ok
11:08:56.0080 2052 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
11:08:56.0093 2052 IKEEXT - ok
11:08:56.0109 2052 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
11:08:56.0110 2052 intelide - ok
11:08:56.0138 2052 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:08:56.0139 2052 intelppm - ok
11:08:56.0168 2052 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:08:56.0171 2052 IPBusEnum - ok
11:08:56.0186 2052 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:08:56.0188 2052 IpFilterDriver - ok
11:08:56.0241 2052 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
11:08:56.0250 2052 iphlpsvc - ok
11:08:56.0271 2052 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:08:56.0273 2052 IPMIDRV - ok
11:08:56.0289 2052 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:08:56.0292 2052 IPNAT - ok
11:08:56.0427 2052 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
11:08:56.0442 2052 iPod Service - ok
11:08:56.0471 2052 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:08:56.0473 2052 IRENUM - ok
11:08:56.0484 2052 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
11:08:56.0486 2052 isapnp - ok
11:08:56.0525 2052 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
11:08:56.0529 2052 iScsiPrt - ok
11:08:56.0557 2052 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:08:56.0559 2052 kbdclass - ok
11:08:56.0593 2052 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
11:08:56.0595 2052 kbdhid - ok
11:08:56.0626 2052 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:08:56.0628 2052 KeyIso - ok
11:08:56.0660 2052 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
11:08:56.0662 2052 KSecDD - ok
11:08:56.0692 2052 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
11:08:56.0695 2052 KSecPkg - ok
11:08:56.0730 2052 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:08:56.0732 2052 ksthunk - ok
11:08:56.0787 2052 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:08:56.0795 2052 KtmRm - ok
11:08:56.0839 2052 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
11:08:56.0845 2052 LanmanServer - ok
11:08:56.0875 2052 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
11:08:56.0880 2052 LanmanWorkstation - ok
11:08:56.0935 2052 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:08:56.0937 2052 lltdio - ok
11:08:56.0989 2052 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:08:56.0995 2052 lltdsvc - ok
11:08:57.0014 2052 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:08:57.0016 2052 lmhosts - ok
11:08:57.0054 2052 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:08:57.0056 2052 LSI_FC - ok
11:08:57.0090 2052 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:08:57.0092 2052 LSI_SAS - ok
11:08:57.0115 2052 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:08:57.0117 2052 LSI_SAS2 - ok
11:08:57.0141 2052 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:08:57.0144 2052 LSI_SCSI - ok
11:08:57.0171 2052 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:08:57.0173 2052 luafv - ok
11:08:57.0200 2052 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
11:08:57.0203 2052 Mcx2Svc - ok
11:08:57.0220 2052 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:08:57.0222 2052 megasas - ok
11:08:57.0252 2052 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:08:57.0256 2052 MegaSR - ok
11:08:57.0282 2052 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:08:57.0285 2052 MMCSS - ok
11:08:57.0313 2052 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:08:57.0314 2052 Modem - ok
11:08:57.0341 2052 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:08:57.0342 2052 monitor - ok
11:08:57.0367 2052 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:08:57.0369 2052 mouclass - ok
11:08:57.0402 2052 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:08:57.0419 2052 mouhid - ok
11:08:57.0435 2052 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
11:08:57.0437 2052 mountmgr - ok
11:08:57.0547 2052 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:08:57.0549 2052 MozillaMaintenance - ok
11:08:57.0590 2052 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
11:08:57.0594 2052 MpFilter - ok
11:08:57.0625 2052 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
11:08:57.0629 2052 mpio - ok
11:08:57.0660 2052 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:08:57.0662 2052 mpsdrv - ok
11:08:57.0760 2052 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
11:08:57.0775 2052 MpsSvc - ok
11:08:57.0805 2052 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
11:08:57.0809 2052 MRxDAV - ok
11:08:57.0846 2052 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:08:57.0849 2052 mrxsmb - ok
11:08:57.0886 2052 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:08:57.0892 2052 mrxsmb10 - ok
11:08:57.0921 2052 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:08:57.0924 2052 mrxsmb20 - ok
11:08:57.0953 2052 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
11:08:57.0954 2052 msahci - ok
11:08:57.0984 2052 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
11:08:57.0988 2052 msdsm - ok
11:08:58.0023 2052 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:08:58.0028 2052 MSDTC - ok
11:08:58.0049 2052 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:08:58.0050 2052 Msfs - ok
11:08:58.0067 2052 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:08:58.0069 2052 mshidkmdf - ok
11:08:58.0085 2052 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
11:08:58.0086 2052 msisadrv - ok
11:08:58.0139 2052 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:08:58.0144 2052 MSiSCSI - ok
11:08:58.0149 2052 msiserver - ok
11:08:58.0183 2052 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:08:58.0184 2052 MSKSSRV - ok
11:08:58.0276 2052 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:08:58.0277 2052 MsMpSvc - ok
11:08:58.0296 2052 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:08:58.0297 2052 MSPCLOCK - ok
11:08:58.0303 2052 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:08:58.0305 2052 MSPQM - ok
11:08:58.0344 2052 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
11:08:58.0349 2052 MsRPC - ok
11:08:58.0367 2052 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:08:58.0368 2052 mssmbios - ok
11:08:58.0394 2052 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:08:58.0395 2052 MSTEE - ok
11:08:58.0407 2052 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:08:58.0409 2052 MTConfig - ok
11:08:58.0442 2052 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:08:58.0443 2052 Mup - ok
11:08:58.0501 2052 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
11:08:58.0511 2052 napagent - ok
11:08:58.0574 2052 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:08:58.0581 2052 NativeWifiP - ok
11:08:58.0693 2052 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
11:08:58.0708 2052 NDIS - ok
11:08:58.0734 2052 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:08:58.0736 2052 NdisCap - ok
11:08:58.0758 2052 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:08:58.0760 2052 NdisTapi - ok
11:08:58.0810 2052 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:08:58.0813 2052 Ndisuio - ok
11:08:58.0845 2052 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:08:58.0849 2052 NdisWan - ok
11:08:58.0871 2052 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:08:58.0874 2052 NDProxy - ok
11:08:58.0891 2052 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:08:58.0892 2052 NetBIOS - ok
11:08:58.0930 2052 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:08:58.0935 2052 NetBT - ok
11:08:58.0971 2052 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:08:58.0973 2052 Netlogon - ok
11:08:59.0041 2052 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:08:59.0049 2052 Netman - ok
11:08:59.0083 2052 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:08:59.0090 2052 netprofm - ok
11:08:59.0177 2052 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:08:59.0180 2052 NetTcpPortSharing - ok
11:08:59.0222 2052 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:08:59.0224 2052 nfrd960 - ok
11:08:59.0298 2052 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:08:59.0300 2052 NisDrv - ok
11:08:59.0369 2052 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
11:08:59.0375 2052 NisSrv - ok
11:08:59.0442 2052 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
11:08:59.0449 2052 NlaSvc - ok
11:08:59.0462 2052 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:08:59.0463 2052 Npfs - ok
11:08:59.0481 2052 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:08:59.0484 2052 nsi - ok
11:08:59.0522 2052 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:08:59.0523 2052 nsiproxy - ok
11:08:59.0689 2052 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
11:08:59.0709 2052 Ntfs - ok
11:08:59.0824 2052 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:08:59.0825 2052 Null - ok
11:08:59.0873 2052 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
11:08:59.0876 2052 nvraid - ok
11:08:59.0909 2052 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
11:08:59.0912 2052 nvstor - ok
11:08:59.0946 2052 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
11:08:59.0949 2052 nv_agp - ok
11:09:00.0074 2052 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:09:00.0081 2052 odserv - ok
11:09:00.0110 2052 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
11:09:00.0112 2052 ohci1394 - ok
11:09:00.0140 2052 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:09:00.0143 2052 ose - ok
11:09:00.0196 2052 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:09:00.0204 2052 p2pimsvc - ok
11:09:00.0252 2052 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:09:00.0261 2052 p2psvc - ok
11:09:00.0290 2052 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:09:00.0293 2052 Parport - ok
11:09:00.0326 2052 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
11:09:00.0328 2052 partmgr - ok
11:09:00.0362 2052 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:09:00.0367 2052 PcaSvc - ok
11:09:00.0417 2052 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:09:00.0420 2052 pci - ok
11:09:00.0426 2052 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:09:00.0428 2052 pciide - ok
11:09:00.0448 2052 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:09:00.0451 2052 pcmcia - ok
11:09:00.0466 2052 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:09:00.0467 2052 pcw - ok
11:09:00.0531 2052 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:09:00.0541 2052 PEAUTH - ok
11:09:00.0614 2052 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:09:00.0617 2052 PerfHost - ok
11:09:00.0756 2052 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
11:09:00.0776 2052 pla - ok
11:09:00.0846 2052 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
11:09:00.0856 2052 PlugPlay - ok
11:09:00.0881 2052 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:09:00.0884 2052 PNRPAutoReg - ok
11:09:00.0929 2052 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:09:00.0934 2052 PNRPsvc - ok
11:09:01.0013 2052 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
11:09:01.0022 2052 PolicyAgent - ok
11:09:01.0064 2052 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:09:01.0070 2052 Power - ok
11:09:01.0135 2052 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:09:01.0138 2052 PptpMiniport - ok
11:09:01.0169 2052 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:09:01.0172 2052 Processor - ok
11:09:01.0217 2052 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
11:09:01.0223 2052 ProfSvc - ok
11:09:01.0260 2052 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:09:01.0262 2052 ProtectedStorage - ok
11:09:01.0296 2052 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
11:09:01.0298 2052 Psched - ok
11:09:01.0453 2052 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:09:01.0478 2052 ql2300 - ok
11:09:01.0628 2052 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:09:01.0631 2052 ql40xx - ok
11:09:01.0682 2052 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:09:01.0688 2052 QWAVE - ok
11:09:01.0705 2052 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:09:01.0707 2052 QWAVEdrv - ok
11:09:01.0727 2052 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:09:01.0729 2052 RasAcd - ok
11:09:01.0774 2052 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:09:01.0777 2052 RasAgileVpn - ok
11:09:01.0800 2052 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:09:01.0804 2052 RasAuto - ok
11:09:01.0844 2052 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:09:01.0847 2052 Rasl2tp - ok
11:09:01.0894 2052 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
11:09:01.0901 2052 RasMan - ok
11:09:01.0920 2052 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:09:01.0923 2052 RasPppoe - ok
11:09:01.0954 2052 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:09:01.0956 2052 RasSstp - ok
11:09:01.0987 2052 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
11:09:01.0991 2052 rdbss - ok
11:09:02.0002 2052 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:09:02.0004 2052 rdpbus - ok
11:09:02.0025 2052 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:09:02.0026 2052 RDPCDD - ok
11:09:02.0057 2052 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:09:02.0058 2052 RDPENCDD - ok
11:09:02.0078 2052 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:09:02.0079 2052 RDPREFMP - ok
11:09:02.0116 2052 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
11:09:02.0119 2052 RDPWD - ok
11:09:02.0156 2052 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
11:09:02.0159 2052 rdyboost - ok
11:09:02.0193 2052 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:09:02.0195 2052 RemoteAccess - ok
11:09:02.0221 2052 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:09:02.0224 2052 RemoteRegistry - ok
11:09:02.0239 2052 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:09:02.0241 2052 RpcEptMapper - ok
11:09:02.0258 2052 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:09:02.0260 2052 RpcLocator - ok
11:09:02.0307 2052 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:09:02.0313 2052 RpcSs - ok
11:09:02.0349 2052 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:09:02.0351 2052 rspndr - ok
11:09:02.0393 2052 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:09:02.0398 2052 RTL8167 - ok
11:09:02.0425 2052 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:09:02.0427 2052 SamSs - ok
11:09:02.0455 2052 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
11:09:02.0457 2052 sbp2port - ok
11:09:02.0494 2052 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:09:02.0499 2052 SCardSvr - ok
11:09:02.0513 2052 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
11:09:02.0514 2052 scfilter - ok
11:09:02.0623 2052 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
11:09:02.0640 2052 Schedule - ok
11:09:02.0675 2052 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:09:02.0676 2052 SCPolicySvc - ok
11:09:02.0715 2052 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
11:09:02.0719 2052 SDRSVC - ok
11:09:02.0785 2052 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:09:02.0787 2052 secdrv - ok
11:09:02.0808 2052 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
11:09:02.0811 2052 seclogon - ok
11:09:02.0828 2052 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:09:02.0832 2052 SENS - ok
11:09:02.0849 2052 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:09:02.0852 2052 SensrSvc - ok
11:09:02.0868 2052 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:09:02.0869 2052 Serenum - ok
11:09:02.0891 2052 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:09:02.0893 2052 Serial - ok
11:09:02.0909 2052 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:09:02.0911 2052 sermouse - ok
11:09:02.0949 2052 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
11:09:02.0952 2052 SessionEnv - ok
11:09:02.0971 2052 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:09:02.0972 2052 sffdisk - ok
11:09:02.0989 2052 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:09:02.0990 2052 sffp_mmc - ok
11:09:02.0996 2052 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:09:02.0998 2052 sffp_sd - ok
11:09:03.0014 2052 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:09:03.0015 2052 sfloppy - ok
11:09:03.0079 2052 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:09:03.0086 2052 SharedAccess - ok
11:09:03.0132 2052 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
11:09:03.0140 2052 ShellHWDetection - ok
11:09:03.0162 2052 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:09:03.0164 2052 SiSRaid2 - ok
11:09:03.0183 2052 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:09:03.0186 2052 SiSRaid4 - ok
11:09:03.0213 2052 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:09:03.0215 2052 Smb - ok
11:09:03.0250 2052 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:09:03.0252 2052 SNMPTRAP - ok
11:09:03.0261 2052 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:09:03.0262 2052 spldr - ok
11:09:03.0325 2052 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
11:09:03.0337 2052 Spooler - ok
11:09:03.0586 2052 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
11:09:03.0633 2052 sppsvc - ok
11:09:03.0761 2052 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:09:03.0765 2052 sppuinotify - ok
11:09:03.0835 2052 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
11:09:03.0843 2052 srv - ok
11:09:03.0896 2052 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
11:09:03.0903 2052 srv2 - ok
11:09:03.0958 2052 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:09:03.0964 2052 SrvHsfHDA - ok
11:09:04.0110 2052 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:09:04.0133 2052 SrvHsfV92 - ok
11:09:04.0351 2052 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:09:04.0363 2052 SrvHsfWinac - ok
11:09:04.0394 2052 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
11:09:04.0397 2052 srvnet - ok
11:09:04.0445 2052 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:09:04.0450 2052 SSDPSRV - ok
11:09:04.0473 2052 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:09:04.0477 2052 SstpSvc - ok
11:09:04.0546 2052 Steam Client Service - ok
11:09:04.0569 2052 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:09:04.0571 2052 stexstor - ok
11:09:04.0663 2052 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
11:09:04.0675 2052 stisvc - ok
11:09:04.0689 2052 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:09:04.0690 2052 swenum - ok
11:09:04.0757 2052 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:09:04.0766 2052 swprv - ok
11:09:04.0920 2052 SynTP (bd40d01d81669b02cb8366eb10de95a8) C:\Windows\system32\DRIVERS\SynTP.sys
11:09:04.0943 2052 SynTP - ok
11:09:05.0172 2052 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
11:09:05.0200 2052 SysMain - ok
11:09:05.0312 2052 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
11:09:05.0316 2052 TabletInputService - ok
11:09:05.0356 2052 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
11:09:05.0362 2052 TapiSrv - ok
11:09:05.0383 2052 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:09:05.0386 2052 TBS - ok
11:09:05.0552 2052 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
11:09:05.0579 2052 Tcpip - ok
11:09:05.0887 2052 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
11:09:05.0904 2052 TCPIP6 - ok
11:09:05.0968 2052 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:09:05.0970 2052 tcpipreg - ok
11:09:05.0996 2052 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:09:05.0997 2052 TDPIPE - ok
11:09:06.0027 2052 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
11:09:06.0028 2052 TDTCP - ok
11:09:06.0059 2052 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:09:06.0062 2052 tdx - ok
11:09:06.0077 2052 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:09:06.0079 2052 TermDD - ok
11:09:06.0148 2052 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
11:09:06.0160 2052 TermService - ok
11:09:06.0173 2052 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:09:06.0176 2052 Themes - ok
11:09:06.0204 2052 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:09:06.0205 2052 THREADORDER - ok
11:09:06.0230 2052 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:09:06.0233 2052 TrkWks - ok
11:09:06.0291 2052 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
11:09:06.0294 2052 TrustedInstaller - ok
11:09:06.0321 2052 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:09:06.0323 2052 tssecsrv - ok
11:09:06.0376 2052 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:09:06.0378 2052 tunnel - ok
11:09:06.0408 2052 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:09:06.0410 2052 uagp35 - ok
11:09:06.0450 2052 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
11:09:06.0455 2052 udfs - ok
11:09:06.0493 2052 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:09:06.0496 2052 UI0Detect - ok
11:09:06.0518 2052 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:09:06.0520 2052 uliagpkx - ok
11:09:06.0549 2052 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:09:06.0550 2052 umbus - ok
11:09:06.0567 2052 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:09:06.0569 2052 UmPass - ok
11:09:06.0609 2052 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:09:06.0616 2052 upnphost - ok
11:09:06.0653 2052 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:09:06.0656 2052 USBAAPL64 - ok
11:09:06.0689 2052 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
11:09:06.0691 2052 usbccgp - ok
11:09:06.0724 2052 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:09:06.0727 2052 usbcir - ok
11:09:06.0752 2052 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
11:09:06.0754 2052 usbehci - ok
11:09:06.0815 2052 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
11:09:06.0821 2052 usbhub - ok
11:09:06.0836 2052 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
11:09:06.0838 2052 usbohci - ok
11:09:06.0869 2052 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:09:06.0870 2052 usbprint - ok
11:09:06.0915 2052 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:09:06.0917 2052 usbscan - ok
11:09:06.0952 2052 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:09:06.0975 2052 USBSTOR - ok
11:09:06.0992 2052 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:09:06.0993 2052 usbuhci - ok
11:09:07.0034 2052 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
11:09:07.0038 2052 usbvideo - ok
11:09:07.0067 2052 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:09:07.0070 2052 UxSms - ok
11:09:07.0104 2052 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:09:07.0105 2052 VaultSvc - ok
11:09:07.0150 2052 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
11:09:07.0152 2052 vdrvroot - ok
11:09:07.0209 2052 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
11:09:07.0218 2052 vds - ok
11:09:07.0235 2052 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:09:07.0237 2052 vga - ok
11:09:07.0252 2052 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:09:07.0254 2052 VgaSave - ok
11:09:07.0282 2052 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
11:09:07.0285 2052 vhdmp - ok
11:09:07.0297 2052 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
11:09:07.0299 2052 viaide - ok
11:09:07.0319 2052 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
11:09:07.0321 2052 volmgr - ok
11:09:07.0354 2052 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
11:09:07.0359 2052 volmgrx - ok
11:09:07.0386 2052 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
11:09:07.0390 2052 volsnap - ok
11:09:07.0445 2052 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:09:07.0448 2052 vsmraid - ok
11:09:07.0591 2052 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
11:09:07.0616 2052 VSS - ok
11:09:07.0736 2052 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:09:07.0738 2052 vwifibus - ok
11:09:07.0772 2052 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:09:07.0774 2052 vwififlt - ok
11:09:07.0816 2052 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:09:07.0818 2052 vwifimp - ok
11:09:07.0873 2052 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:09:07.0880 2052 W32Time - ok
11:09:07.0904 2052 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:09:07.0905 2052 WacomPen - ok
11:09:07.0941 2052 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:09:07.0943 2052 WANARP - ok
11:09:07.0949 2052 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:09:07.0950 2052 Wanarpv6 - ok
11:09:08.0095 2052 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:09:08.0131 2052 WatAdminSvc - ok
11:09:08.0291 2052 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
11:09:08.0319 2052 wbengine - ok
11:09:08.0452 2052 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:09:08.0458 2052 WbioSrvc - ok
11:09:08.0512 2052 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
11:09:08.0520 2052 wcncsvc - ok
11:09:08.0541 2052 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:09:08.0544 2052 WcsPlugInService - ok
11:09:08.0570 2052 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:09:08.0572 2052 Wd - ok
11:09:08.0643 2052 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:09:08.0653 2052 Wdf01000 - ok
11:09:08.0675 2052 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:09:08.0679 2052 WdiServiceHost - ok
11:09:08.0682 2052 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:09:08.0685 2052 WdiSystemHost - ok
11:09:08.0719 2052 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
11:09:08.0724 2052 WebClient - ok
11:09:08.0758 2052 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:09:08.0762 2052 Wecsvc - ok
11:09:08.0776 2052 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:09:08.0779 2052 wercplsupport - ok
11:09:08.0799 2052 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:09:08.0802 2052 WerSvc - ok
11:09:08.0848 2052 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:09:08.0850 2052 WfpLwf - ok
11:09:08.0866 2052 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:09:08.0868 2052 WIMMount - ok
11:09:08.0896 2052 WinDefend - ok
11:09:08.0907 2052 WinHttpAutoProxySvc - ok
11:09:08.0990 2052 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:09:08.0995 2052 Winmgmt - ok
11:09:09.0192 2052 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
11:09:09.0218 2052 WinRM - ok
11:09:09.0374 2052 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
11:09:09.0376 2052 WinUsb - ok
11:09:09.0477 2052 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:09:09.0493 2052 Wlansvc - ok
11:09:09.0514 2052 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:09:09.0515 2052 WmiAcpi - ok
11:09:09.0582 2052 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:09:09.0586 2052 wmiApSrv - ok
11:09:09.0628 2052 WMPNetworkSvc - ok
11:09:09.0659 2052 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:09:09.0663 2052 WPCSvc - ok
11:09:09.0685 2052 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
11:09:09.0689 2052 WPDBusEnum - ok
11:09:09.0711 2052 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:09:09.0712 2052 ws2ifsl - ok
11:09:09.0744 2052 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
11:09:09.0747 2052 wscsvc - ok
11:09:09.0752 2052 WSearch - ok
11:09:09.0946 2052 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:09:09.0976 2052 wuauserv - ok
11:09:10.0103 2052 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
11:09:10.0105 2052 WudfPf - ok
11:09:10.0124 2052 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:09:10.0127 2052 WUDFRd - ok
11:09:10.0150 2052 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
11:09:10.0153 2052 wudfsvc - ok
11:09:10.0185 2052 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:09:10.0191 2052 WwanSvc - ok
11:09:10.0226 2052 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:09:10.0634 2052 \Device\Harddisk0\DR0 - ok
11:09:10.0639 2052 Boot (0x1200) (5f6759084afcf38aa753eb892502abfa) \Device\Harddisk0\DR0\Partition0
11:09:10.0641 2052 \Device\Harddisk0\DR0\Partition0 - ok
11:09:10.0675 2052 Boot (0x1200) (9d9fadc5ffbaf7e6c1dfdb48864ba2f9) \Device\Harddisk0\DR0\Partition1
11:09:10.0678 2052 \Device\Harddisk0\DR0\Partition1 - ok
11:09:10.0706 2052 Boot (0x1200) (b6e6acff5c359ecaf599463224565e68) \Device\Harddisk0\DR0\Partition2
11:09:10.0707 2052 \Device\Harddisk0\DR0\Partition2 - ok
11:09:10.0730 2052 Boot (0x1200) (3de3553ef3b99f2f38ac8a11c4d93b51) \Device\Harddisk0\DR0\Partition3
11:09:10.0732 2052 \Device\Harddisk0\DR0\Partition3 - ok
11:09:10.0733 2052 ============================================================
11:09:10.0733 2052 Scan finished
11:09:10.0733 2052 ============================================================
11:09:10.0752 2112 Detected object count: 0
11:09:10.0752 2112 Actual detected object count: 0

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-10 11:11:30
-----------------------------
11:11:30.719 OS Version: Windows x64 6.1.7600
11:11:30.719 Number of processors: 2 586 0x170A
11:11:30.721 ComputerName: NATHAN-PC UserName: Nathan
11:11:31.511 Initialize success
11:12:42.396 AVAST engine defs: 12081000
11:14:48.773 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:14:48.777 Disk 0 Vendor: Hitachi_HTS543232L9A300 FB4OC40J Size: 305245MB BusType: 11
11:14:48.807 Disk 0 MBR read successfully
11:14:48.812 Disk 0 MBR scan
11:14:48.832 Disk 0 Windows 7 default MBR code
11:14:48.846 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:14:48.900 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 157900 MB offset 206848
11:14:48.929 Disk 0 Partition 3 00 06 FAT16 135089 MB offset 323586048
11:14:48.978 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 12154 MB offset 600248320
11:14:49.082 Disk 0 scanning C:\Windows\system32\drivers
11:15:00.032 Service scanning
11:15:29.613 Modules scanning
11:15:29.627 Disk 0 trace - called modules:
11:15:29.661 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:15:29.669 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c4d060]
11:15:29.678 3 CLASSPNP.SYS[fffff880018ad43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046ba290]
11:15:30.511 AVAST engine scan C:\Windows
11:15:32.957 AVAST engine scan C:\Windows\system32
11:19:12.217 AVAST engine scan C:\Windows\system32\drivers
11:19:26.364 AVAST engine scan C:\Users\Nathan
11:21:01.553 File: C:\Users\Nathan\AppData\Local\Temp\34408220.Uninstall\Uninstall.exe **INFECTED** Win32:Adware-gen [Adw]
11:22:07.214 File: C:\Users\Nathan\AppData\Local\Temp\is1373634743\volonetBrowseForChangeInstaller.exe **INFECTED** Win32:Dropper-gen [Drp]
11:23:50.716 File: C:\Users\Nathan\AppData\Roaming\Ceuty\ehpoa.exe **INFECTED** Win32:Malware-gen
11:24:47.563 AVAST engine scan C:\ProgramData
11:25:19.316 Scan finished successfully
11:36:17.769 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
11:36:17.832 The log file has been saved successfully to "C:\aswMBR.txt"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:01 PM

Posted 10 August 2012 - 01:55 PM

Try to run ESET online scanner in safemode with networking

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#5 Ratchet2

Ratchet2
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 26 August 2012 - 03:57 PM

Hey sorry for such a long delay. Computer would not connect to internet for a long time. Anyhow I did a system restore and reran everything from the first and second post, and ran malware bytes until I got a clean scan. Thanks for your patience. Here are the logs for each:

<<TDSSkiller log>>

11:51:47.0384 2164 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
11:51:47.0685 2164 ============================================================
11:51:47.0685 2164 Current date / time: 2012/08/17 11:51:47.0685
11:51:47.0685 2164 SystemInfo:
11:51:47.0685 2164
11:51:47.0685 2164 OS Version: 6.1.7600 ServicePack: 0.0
11:51:47.0685 2164 Product type: Workstation
11:51:47.0685 2164 ComputerName: NATHAN-PC
11:51:47.0686 2164 UserName: Nathan
11:51:47.0686 2164 Windows directory: C:\Windows
11:51:47.0686 2164 System windows directory: C:\Windows
11:51:47.0686 2164 Running under WOW64
11:51:47.0686 2164 Processor architecture: Intel x64
11:51:47.0686 2164 Number of processors: 2
11:51:47.0686 2164 Page size: 0x1000
11:51:47.0686 2164 Boot type: Normal boot
11:51:47.0686 2164 ============================================================
11:51:49.0633 2164 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x1639B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x6D, Type 'K0', Flags 0x00000040
11:51:49.0638 2164 ============================================================
11:51:49.0638 2164 \Device\Harddisk0\DR0:
11:51:49.0638 2164 MBR partitions:
11:51:49.0638 2164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:51:49.0638 2164 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x13466000
11:51:49.0638 2164 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x6, StartLBA 0x13498800, BlocksNum 0x107D8800
11:51:49.0638 2164 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x23C71000, BlocksNum 0x17BD000
11:51:49.0638 2164 ============================================================
11:51:49.0670 2164 C: <-> \Device\Harddisk0\DR0\Partition2
11:51:49.0742 2164 E: <-> \Device\Harddisk0\DR0\Partition4
11:51:49.0742 2164 ============================================================
11:51:49.0742 2164 Initialize success
11:51:49.0742 2164 ============================================================
11:52:18.0912 3708 ============================================================
11:52:18.0912 3708 Scan started
11:52:18.0912 3708 Mode: Manual; TDLFS;
11:52:18.0912 3708 ============================================================
11:52:19.0236 3708 ================ Scan services =============================
11:52:19.0430 3708 [ 1b00662092f9f9568b995902f0cc40d5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:52:19.0435 3708 1394ohci - ok
11:52:19.0487 3708 [ 6f11e88748cdefd2f76aa215f97ddfe5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
11:52:19.0494 3708 ACPI - ok
11:52:19.0514 3708 [ 63b05a0420ce4bf0e4af6dcc7cada254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
11:52:19.0516 3708 AcpiPmi - ok
11:52:19.0617 3708 [ 11a52cf7b265631deeb24c6149309eff ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:52:19.0619 3708 AdobeARMservice - ok
11:52:19.0757 3708 [ 459ac130c6ab892b1cd5d7544626efc5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:52:19.0763 3708 AdobeFlashPlayerUpdateSvc - ok
11:52:19.0829 3708 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:52:19.0839 3708 adp94xx - ok
11:52:19.0865 3708 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:52:19.0872 3708 adpahci - ok
11:52:19.0901 3708 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:52:19.0906 3708 adpu320 - ok
11:52:19.0942 3708 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:52:19.0944 3708 AeLookupSvc - ok
11:52:19.0987 3708 [ db9d6c6b2cd95a9ca414d045b627422e ] AFD C:\Windows\system32\drivers\afd.sys
11:52:19.0996 3708 AFD - ok
11:52:20.0040 3708 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
11:52:20.0042 3708 agp440 - ok
11:52:20.0069 3708 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
11:52:20.0071 3708 ALG - ok
11:52:20.0107 3708 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
11:52:20.0108 3708 aliide - ok
11:52:20.0126 3708 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\DRIVERS\amdide.sys
11:52:20.0128 3708 amdide - ok
11:52:20.0163 3708 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:52:20.0166 3708 AmdK8 - ok
11:52:20.0183 3708 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:52:20.0185 3708 AmdPPM - ok
11:52:20.0222 3708 [ ec7ebab00a4d8448bab68d1e49b4beb9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:52:20.0225 3708 amdsata - ok
11:52:20.0281 3708 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:52:20.0285 3708 amdsbs - ok
11:52:20.0305 3708 [ db27766102c7bf7e95140a2aa81d042e ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:52:20.0306 3708 amdxata - ok
11:52:20.0360 3708 [ 42fd751b27fa0e9c69bb39f39e409594 ] AppID C:\Windows\system32\drivers\appid.sys
11:52:20.0363 3708 AppID - ok
11:52:20.0384 3708 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:52:20.0386 3708 AppIDSvc - ok
11:52:20.0405 3708 [ d065be66822847b7f127d1f90158376e ] Appinfo C:\Windows\System32\appinfo.dll
11:52:20.0407 3708 Appinfo - ok
11:52:20.0483 3708 [ 3debbecf665dcdde3a95d9b902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:52:20.0486 3708 Apple Mobile Device - ok
11:52:20.0515 3708 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys
11:52:20.0517 3708 arc - ok
11:52:20.0538 3708 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:52:20.0541 3708 arcsas - ok
11:52:20.0577 3708 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:52:20.0578 3708 AsyncMac - ok
11:52:20.0589 3708 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\DRIVERS\atapi.sys
11:52:20.0590 3708 atapi - ok
11:52:20.0659 3708 [ 38562a6a9cb10844759eaf2b01a7fcd3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:52:20.0686 3708 athr - ok
11:52:20.0744 3708 [ 07721a77180edd4d39ccb865bf63c7fd ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:52:20.0757 3708 AudioEndpointBuilder - ok
11:52:20.0774 3708 [ 07721a77180edd4d39ccb865bf63c7fd ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:52:20.0781 3708 AudioSrv - ok
11:52:20.0813 3708 [ b20b5fa5ca050e9926e4d1db81501b32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:52:20.0817 3708 AxInstSV - ok
11:52:20.0870 3708 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:52:20.0879 3708 b06bdrv - ok
11:52:20.0924 3708 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:52:20.0931 3708 b57nd60a - ok
11:52:20.0982 3708 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:52:20.0985 3708 BDESVC - ok
11:52:21.0001 3708 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:52:21.0004 3708 Beep - ok
11:52:21.0082 3708 [ 4992c609a6315671463e30f6512bc022 ] BFE C:\Windows\System32\bfe.dll
11:52:21.0095 3708 BFE - ok
11:52:21.0136 3708 [ 7f0c323fe3da28aa4aa1bda3f575707f ] BITS C:\Windows\System32\qmgr.dll
11:52:21.0153 3708 BITS - ok
11:52:21.0192 3708 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:52:21.0193 3708 blbdrive - ok
11:52:21.0278 3708 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:52:21.0287 3708 Bonjour Service - ok
11:52:21.0342 3708 [ 19d20159708e152267e53b66677a4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:52:21.0344 3708 bowser - ok
11:52:21.0386 3708 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:52:21.0388 3708 BrFiltLo - ok
11:52:21.0407 3708 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:52:21.0409 3708 BrFiltUp - ok
11:52:21.0431 3708 [ 94fbc06f294d58d02361918418f996e3 ] Browser C:\Windows\System32\browser.dll
11:52:21.0433 3708 Browser - ok
11:52:21.0457 3708 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:52:21.0463 3708 Brserid - ok
11:52:21.0484 3708 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:52:21.0487 3708 BrSerWdm - ok
11:52:21.0493 3708 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:52:21.0495 3708 BrUsbMdm - ok
11:52:21.0504 3708 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:52:21.0505 3708 BrUsbSer - ok
11:52:21.0513 3708 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:52:21.0516 3708 BTHMODEM - ok
11:52:21.0542 3708 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
11:52:21.0544 3708 bthserv - ok
11:52:21.0563 3708 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:52:21.0566 3708 cdfs - ok
11:52:21.0624 3708 [ 83d2d75e1efb81b3450c18131443f7db ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:52:21.0627 3708 cdrom - ok
11:52:21.0667 3708 [ 312e2f82af11e79906898ac3e3d58a1f ] CertPropSvc C:\Windows\System32\certprop.dll
11:52:21.0672 3708 CertPropSvc - ok
11:52:21.0712 3708 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:52:21.0714 3708 circlass - ok
11:52:21.0741 3708 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
11:52:21.0749 3708 CLFS - ok
11:52:21.0808 3708 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:52:21.0811 3708 clr_optimization_v2.0.50727_32 - ok
11:52:21.0870 3708 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:52:21.0873 3708 clr_optimization_v2.0.50727_64 - ok
11:52:21.0936 3708 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:52:21.0939 3708 clr_optimization_v4.0.30319_32 - ok
11:52:21.0982 3708 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:52:21.0986 3708 clr_optimization_v4.0.30319_64 - ok
11:52:22.0043 3708 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:52:22.0044 3708 CmBatt - ok
11:52:22.0060 3708 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
11:52:22.0062 3708 cmdide - ok
11:52:22.0104 3708 [ ca7720b73446fddec5c69519c1174c98 ] CNG C:\Windows\system32\Drivers\cng.sys
11:52:22.0113 3708 CNG - ok
11:52:22.0160 3708 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:52:22.0161 3708 Compbatt - ok
11:52:22.0195 3708 [ f26b3a86f6fa87ca360b879581ab4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:52:22.0209 3708 CompositeBus - ok
11:52:22.0224 3708 COMSysApp - ok
11:52:22.0257 3708 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:52:22.0259 3708 crcdisk - ok
11:52:22.0305 3708 [ f02786b66375292e58c8777082d4396d ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:52:22.0310 3708 CryptSvc - ok
11:52:22.0360 3708 [ 7266972e86890e2b30c0c322e906b027 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:52:22.0371 3708 DcomLaunch - ok
11:52:22.0399 3708 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
11:52:22.0406 3708 defragsvc - ok
11:52:22.0454 3708 [ 9c253ce7311ca60fc11c774692a13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:52:22.0457 3708 DfsC - ok
11:52:22.0500 3708 [ ce3b9562d997f69b330d181a8875960f ] Dhcp C:\Windows\system32\dhcpcore.dll
11:52:22.0507 3708 Dhcp - ok
11:52:22.0542 3708 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
11:52:22.0543 3708 discache - ok
11:52:22.0586 3708 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:52:22.0588 3708 Disk - ok
11:52:22.0628 3708 [ 85cf424c74a1d5ec33533e1dbff9920a ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:52:22.0632 3708 Dnscache - ok
11:52:22.0656 3708 [ 14452acdb09b70964c8c21bf80a13acb ] dot3svc C:\Windows\System32\dot3svc.dll
11:52:22.0663 3708 dot3svc - ok
11:52:22.0685 3708 [ 8c2ba6bea949ee6e68385f5692bafb94 ] DPS C:\Windows\system32\dps.dll
11:52:22.0690 3708 DPS - ok
11:52:22.0732 3708 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:52:22.0734 3708 drmkaud - ok
11:52:22.0789 3708 [ 1633b9abf52784a1331476397a48cbef ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:52:22.0799 3708 DXGKrnl - ok
11:52:22.0847 3708 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:52:22.0851 3708 EapHost - ok
11:52:22.0958 3708 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:52:23.0050 3708 ebdrv - ok
11:52:23.0086 3708 [ 156f6159457d0aa7e59b62681b56eb90 ] EFS C:\Windows\System32\lsass.exe
11:52:23.0089 3708 EFS - ok
11:52:23.0145 3708 [ 47c071994c3f649f23d9cd075ac9304a ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:52:23.0157 3708 ehRecvr - ok
11:52:23.0189 3708 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
11:52:23.0193 3708 ehSched - ok
11:52:23.0256 3708 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:52:23.0266 3708 elxstor - ok
11:52:23.0286 3708 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
11:52:23.0287 3708 ErrDev - ok
11:52:23.0338 3708 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
11:52:23.0345 3708 EventSystem - ok
11:52:23.0369 3708 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
11:52:23.0374 3708 exfat - ok
11:52:23.0389 3708 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:52:23.0395 3708 fastfat - ok
11:52:23.0445 3708 [ d607b2f1bee3992aa6c2c92c0a2f0855 ] Fax C:\Windows\system32\fxssvc.exe
11:52:23.0459 3708 Fax - ok
11:52:23.0480 3708 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:52:23.0482 3708 fdc - ok
11:52:23.0531 3708 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:52:23.0533 3708 fdPHost - ok
11:52:23.0550 3708 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:52:23.0553 3708 FDResPub - ok
11:52:23.0564 3708 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:52:23.0566 3708 FileInfo - ok
11:52:23.0580 3708 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:52:23.0582 3708 Filetrace - ok
11:52:23.0618 3708 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:52:23.0620 3708 flpydisk - ok
11:52:23.0641 3708 [ f7866af72abbaf84b1fa5aa195378c59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:52:23.0647 3708 FltMgr - ok
11:52:23.0697 3708 [ cb5e4b9c319e3c6bb363eb7e58a4a051 ] FontCache C:\Windows\system32\FntCache.dll
11:52:23.0719 3708 FontCache - ok
11:52:23.0780 3708 [ 8d89e3131c27fdd6932189cb785e1b7a ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:52:23.0782 3708 FontCache3.0.0.0 - ok
11:52:23.0813 3708 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:52:23.0816 3708 FsDepends - ok
11:52:23.0847 3708 [ d3e3f93d67821a2db2b3d9fac2dc2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:52:23.0848 3708 Fs_Rec - ok
11:52:23.0894 3708 [ ae87ba80d0ec3b57126ed2cdc15b24ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:52:23.0898 3708 fvevol - ok
11:52:23.0920 3708 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:52:23.0922 3708 gagp30kx - ok
11:52:23.0956 3708 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:52:23.0957 3708 GEARAspiWDM - ok
11:52:24.0002 3708 [ fe5ab4525bc2ec68b9119a6e5d40128b ] gpsvc C:\Windows\System32\gpsvc.dll
11:52:24.0017 3708 gpsvc - ok
11:52:24.0085 3708 [ 721ce1551f8198714f3cabfe2147939b ] Gun C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys
11:52:24.0087 3708 Gun - ok
11:52:24.0108 3708 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:52:24.0110 3708 hcw85cir - ok
11:52:24.0166 3708 [ 6410f6f415b2a5a9037224c41da8bf12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:52:24.0173 3708 HdAudAddService - ok
11:52:24.0206 3708 [ 0a49913402747a0b67de940fb42cbdbb ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:52:24.0209 3708 HDAudBus - ok
11:52:24.0222 3708 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:52:24.0224 3708 HidBatt - ok
11:52:24.0243 3708 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:52:24.0246 3708 HidBth - ok
11:52:24.0264 3708 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:52:24.0266 3708 HidIr - ok
11:52:24.0296 3708 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll
11:52:24.0299 3708 hidserv - ok
11:52:24.0340 3708 [ b3bf6b5b50006def50b66306d99fcf6f ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:52:24.0369 3708 HidUsb - ok
11:52:24.0403 3708 [ efa58ede58dd74388ffd04cb32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:52:24.0407 3708 hkmsvc - ok
11:52:24.0427 3708 [ 046b2673767ca626e2cfb7fdf735e9e8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:52:24.0435 3708 HomeGroupListener - ok
11:52:24.0465 3708 [ 06a7422224d9865a5613710a089987df ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:52:24.0472 3708 HomeGroupProvider - ok
11:52:24.0526 3708 [ 0886d440058f203eba0e1825e4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
11:52:24.0529 3708 HpSAMD - ok
11:52:24.0578 3708 [ cee049cac4efa7f4e1e4ad014414a5d4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:52:24.0591 3708 HTTP - ok
11:52:24.0604 3708 [ f17766a19145f111856378df337a5d79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:52:24.0605 3708 hwpolicy - ok
11:52:24.0621 3708 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:52:24.0624 3708 i8042prt - ok
11:52:24.0660 3708 [ b75e45c564e944a2657167d197ab29da ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:52:24.0669 3708 iaStorV - ok
11:52:24.0735 3708 [ 2f2be70d3e02b6fa877921ab9516d43c ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:52:24.0751 3708 idsvc - ok
11:52:25.0149 3708 [ a87261ef1546325b559374f5689cf5bc ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:52:25.0377 3708 igfx - ok
11:52:25.0404 3708 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:52:25.0406 3708 iirsp - ok
11:52:25.0454 3708 [ c5b4683680df085b57bc53e5ef34861f ] IKEEXT C:\Windows\System32\ikeext.dll
11:52:25.0470 3708 IKEEXT - ok
11:52:25.0492 3708 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\DRIVERS\intelide.sys
11:52:25.0494 3708 intelide - ok
11:52:25.0530 3708 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:52:25.0531 3708 intelppm - ok
11:52:25.0547 3708 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:52:25.0551 3708 IPBusEnum - ok
11:52:25.0577 3708 [ 722dd294df62483cecaae6e094b4d695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:52:25.0579 3708 IpFilterDriver - ok
11:52:25.0614 3708 [ f8e058d17363ec580e4b7232778b6cb5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:52:25.0626 3708 iphlpsvc - ok
11:52:25.0640 3708 [ e2b4a4494db7cb9b89b55ca268c337c5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:52:25.0642 3708 IPMIDRV - ok
11:52:25.0657 3708 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:52:25.0660 3708 IPNAT - ok
11:52:25.0723 3708 [ ee4c2a137c7088911a8919effc9812e7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:52:25.0740 3708 iPod Service - ok
11:52:25.0788 3708 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:52:25.0790 3708 IRENUM - ok
11:52:25.0812 3708 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
11:52:25.0814 3708 isapnp - ok
11:52:25.0839 3708 [ fa4d2557de56d45b0a346f93564be6e1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:52:25.0844 3708 iScsiPrt - ok
11:52:25.0882 3708 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:52:25.0884 3708 kbdclass - ok
11:52:25.0919 3708 [ 6def98f8541e1b5dceb2c822a11f7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:52:25.0921 3708 kbdhid - ok
11:52:25.0942 3708 [ 156f6159457d0aa7e59b62681b56eb90 ] KeyIso C:\Windows\system32\lsass.exe
11:52:25.0944 3708 KeyIso - ok
11:52:25.0973 3708 [ 4f4b5fde429416877de7143044582eb5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:52:25.0975 3708 KSecDD - ok
11:52:25.0989 3708 [ 6f40465a44ecdc1731befafec5bdd03c ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:52:25.0993 3708 KSecPkg - ok
11:52:26.0024 3708 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:52:26.0027 3708 ksthunk - ok
11:52:26.0062 3708 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
11:52:26.0071 3708 KtmRm - ok
11:52:26.0108 3708 [ 81f1d04d4d0e433099365127375fd501 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:52:26.0115 3708 LanmanServer - ok
11:52:26.0164 3708 [ 27026eac8818e8a6c00a1cad2f11d29a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:52:26.0170 3708 LanmanWorkstation - ok
11:52:26.0226 3708 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:52:26.0228 3708 lltdio - ok
11:52:26.0254 3708 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:52:26.0262 3708 lltdsvc - ok
11:52:26.0285 3708 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:52:26.0288 3708 lmhosts - ok
11:52:26.0319 3708 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:52:26.0322 3708 LSI_FC - ok
11:52:26.0344 3708 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:52:26.0347 3708 LSI_SAS - ok
11:52:26.0363 3708 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:52:26.0365 3708 LSI_SAS2 - ok
11:52:26.0386 3708 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:52:26.0389 3708 LSI_SCSI - ok
11:52:26.0428 3708 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
11:52:26.0431 3708 luafv - ok
11:52:26.0458 3708 [ f84c8f1000bc11e3b7b23cbd3baff111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:52:26.0462 3708 Mcx2Svc - ok
11:52:26.0480 3708 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:52:26.0482 3708 megasas - ok
11:52:26.0502 3708 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:52:26.0507 3708 MegaSR - ok
11:52:26.0530 3708 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
11:52:26.0533 3708 MMCSS - ok
11:52:26.0550 3708 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:52:26.0552 3708 Modem - ok
11:52:26.0579 3708 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:52:26.0580 3708 monitor - ok
11:52:26.0616 3708 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:52:26.0617 3708 mouclass - ok
11:52:26.0664 3708 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:52:26.0687 3708 mouhid - ok
11:52:26.0728 3708 [ 791af66c4d0e7c90a3646066386fb571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:52:26.0730 3708 mountmgr - ok
11:52:26.0820 3708 [ 96aa8ba23142cc8e2b30f3cae0c80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:52:26.0821 3708 MozillaMaintenance - ok
11:52:26.0862 3708 [ 94c66ededcdb6a126880472f9a704d8e ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:52:26.0866 3708 MpFilter - ok
11:52:26.0887 3708 [ 609d1d87649ecc19796f4d76d4c15cea ] mpio C:\Windows\system32\DRIVERS\mpio.sys
11:52:26.0891 3708 mpio - ok
11:52:26.0906 3708 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:52:26.0908 3708 mpsdrv - ok
11:52:26.0947 3708 [ aecab449567d1846dad63ece49e893e3 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:52:26.0964 3708 MpsSvc - ok
11:52:26.0980 3708 [ 30524261bb51d96d6fcbac20c810183c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:52:26.0984 3708 MRxDAV - ok
11:52:27.0041 3708 [ 040d62a9d8ad28922632137acdd984f2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:52:27.0046 3708 mrxsmb - ok
11:52:27.0076 3708 [ f0067552f8f9b33d7c59403ab808a3cb ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:52:27.0081 3708 mrxsmb10 - ok
11:52:27.0119 3708 [ 3c142d31de9f2f193218a53fe2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:52:27.0122 3708 mrxsmb20 - ok
11:52:27.0169 3708 [ 5c37497276e3b3a5488b23a326a754b7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
11:52:27.0170 3708 msahci - ok
11:52:27.0205 3708 [ 8d27b597229aed79430fb9db3bcbfbd0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
11:52:27.0209 3708 msdsm - ok
11:52:27.0231 3708 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
11:52:27.0236 3708 MSDTC - ok
11:52:27.0265 3708 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:52:27.0267 3708 Msfs - ok
11:52:27.0284 3708 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:52:27.0286 3708 mshidkmdf - ok
11:52:27.0302 3708 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
11:52:27.0303 3708 msisadrv - ok
11:52:27.0347 3708 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:52:27.0354 3708 MSiSCSI - ok
11:52:27.0360 3708 msiserver - ok
11:52:27.0400 3708 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:52:27.0402 3708 MSKSSRV - ok
11:52:27.0448 3708 [ 59faaf2c83c8169ea20f9e335e418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:52:27.0449 3708 MsMpSvc - ok
11:52:27.0468 3708 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:52:27.0470 3708 MSPCLOCK - ok
11:52:27.0476 3708 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:52:27.0478 3708 MSPQM - ok
11:52:27.0504 3708 [ 89cb141aa8616d8c6a4610fa26c60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:52:27.0511 3708 MsRPC - ok
11:52:27.0527 3708 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:52:27.0528 3708 mssmbios - ok
11:52:27.0544 3708 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:52:27.0546 3708 MSTEE - ok
11:52:27.0557 3708 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:52:27.0559 3708 MTConfig - ok
11:52:27.0600 3708 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:52:27.0602 3708 Mup - ok
11:52:27.0640 3708 [ 4987e079a4530fa737a128be54b63b12 ] napagent C:\Windows\system32\qagentRT.dll
11:52:27.0652 3708 napagent - ok
11:52:27.0728 3708 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:52:27.0735 3708 NativeWifiP - ok
11:52:27.0795 3708 [ cad515dbd07d082bb317d9928ce8962c ] NDIS C:\Windows\system32\drivers\ndis.sys
11:52:27.0812 3708 NDIS - ok
11:52:27.0849 3708 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:52:27.0851 3708 NdisCap - ok
11:52:27.0885 3708 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:52:27.0887 3708 NdisTapi - ok
11:52:27.0935 3708 [ f105ba1e22bf1f2ee8f005d4305e4bec ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:52:27.0937 3708 Ndisuio - ok
11:52:27.0952 3708 [ 557dfab9ca1fcb036ac77564c010dad3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:52:27.0957 3708 NdisWan - ok
11:52:27.0973 3708 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:52:27.0976 3708 NDProxy - ok
11:52:27.0994 3708 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:52:27.0996 3708 NetBIOS - ok
11:52:28.0021 3708 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:52:28.0026 3708 NetBT - ok
11:52:28.0042 3708 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\Windows\system32\lsass.exe
11:52:28.0044 3708 Netlogon - ok
11:52:28.0100 3708 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
11:52:28.0109 3708 Netman - ok
11:52:28.0124 3708 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
11:52:28.0134 3708 netprofm - ok
11:52:28.0175 3708 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:52:28.0179 3708 NetTcpPortSharing - ok
11:52:28.0203 3708 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:52:28.0205 3708 nfrd960 - ok
11:52:28.0275 3708 [ 91b4e0273d2f6c24ef845f2b41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:52:28.0277 3708 NisDrv - ok
11:52:28.0304 3708 [ 10a43829a9e606af3eef25a1c1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
11:52:28.0310 3708 NisSrv - ok
11:52:28.0364 3708 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:52:28.0372 3708 NlaSvc - ok
11:52:28.0387 3708 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:52:28.0389 3708 Npfs - ok
11:52:28.0407 3708 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:52:28.0411 3708 nsi - ok
11:52:28.0437 3708 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:52:28.0439 3708 nsiproxy - ok
11:52:28.0505 3708 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:52:28.0535 3708 Ntfs - ok
11:52:28.0563 3708 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
11:52:28.0565 3708 Null - ok
11:52:28.0601 3708 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:52:28.0606 3708 nvraid - ok
11:52:28.0625 3708 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:52:28.0630 3708 nvstor - ok
11:52:28.0655 3708 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
11:52:28.0659 3708 nv_agp - ok
11:52:28.0732 3708 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:52:28.0741 3708 odserv - ok
11:52:28.0778 3708 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:52:28.0780 3708 ohci1394 - ok
11:52:28.0804 3708 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:52:28.0808 3708 ose - ok
11:52:28.0848 3708 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:52:28.0857 3708 p2pimsvc - ok
11:52:28.0874 3708 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:52:28.0885 3708 p2psvc - ok
11:52:28.0912 3708 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:52:28.0915 3708 Parport - ok
11:52:28.0949 3708 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:52:28.0951 3708 partmgr - ok
11:52:28.0967 3708 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:52:28.0973 3708 PcaSvc - ok
11:52:29.0011 3708 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\Windows\system32\DRIVERS\pci.sys
11:52:29.0015 3708 pci - ok
11:52:29.0021 3708 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:52:29.0023 3708 pciide - ok
11:52:29.0034 3708 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:52:29.0039 3708 pcmcia - ok
11:52:29.0058 3708 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:52:29.0060 3708 pcw - ok
11:52:29.0105 3708 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:52:29.0117 3708 PEAUTH - ok
11:52:29.0208 3708 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:52:29.0211 3708 PerfHost - ok
11:52:29.0286 3708 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\Windows\system32\pla.dll
11:52:29.0313 3708 pla - ok
11:52:29.0373 3708 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:52:29.0384 3708 PlugPlay - ok
11:52:29.0407 3708 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:52:29.0411 3708 PNRPAutoReg - ok
11:52:29.0437 3708 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:52:29.0442 3708 PNRPsvc - ok
11:52:29.0476 3708 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:52:29.0487 3708 PolicyAgent - ok
11:52:29.0517 3708 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
11:52:29.0524 3708 Power - ok
11:52:29.0556 3708 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:52:29.0559 3708 PptpMiniport - ok
11:52:29.0594 3708 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:52:29.0596 3708 Processor - ok
11:52:29.0630 3708 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\Windows\system32\profsvc.dll
11:52:29.0637 3708 ProfSvc - ok
11:52:29.0653 3708 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:52:29.0655 3708 ProtectedStorage - ok
11:52:29.0694 3708 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:52:29.0696 3708 Psched - ok
11:52:29.0760 3708 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:52:29.0787 3708 ql2300 - ok
11:52:29.0817 3708 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:52:29.0821 3708 ql40xx - ok
11:52:29.0864 3708 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
11:52:29.0871 3708 QWAVE - ok
11:52:29.0886 3708 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:52:29.0889 3708 QWAVEdrv - ok
11:52:29.0900 3708 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:52:29.0902 3708 RasAcd - ok
11:52:29.0932 3708 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:52:29.0934 3708 RasAgileVpn - ok
11:52:29.0955 3708 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
11:52:29.0960 3708 RasAuto - ok
11:52:29.0997 3708 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:52:30.0007 3708 Rasl2tp - ok
11:52:30.0035 3708 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\Windows\System32\rasmans.dll
11:52:30.0044 3708 RasMan - ok
11:52:30.0067 3708 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:52:30.0069 3708 RasPppoe - ok
11:52:30.0089 3708 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:52:30.0092 3708 RasSstp - ok
11:52:30.0114 3708 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:52:30.0121 3708 rdbss - ok
11:52:30.0140 3708 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:52:30.0142 3708 rdpbus - ok
11:52:30.0154 3708 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:52:30.0155 3708 RDPCDD - ok
11:52:30.0197 3708 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:52:30.0198 3708 RDPENCDD - ok
11:52:30.0217 3708 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:52:30.0218 3708 RDPREFMP - ok
11:52:30.0246 3708 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:52:30.0251 3708 RDPWD - ok
11:52:30.0297 3708 [ 634b9a2181d98f15941236886164ec8b ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:52:30.0301 3708 rdyboost - ok
11:52:30.0338 3708 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:52:30.0343 3708 RemoteAccess - ok
11:52:30.0364 3708 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:52:30.0370 3708 RemoteRegistry - ok
11:52:30.0386 3708 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:52:30.0391 3708 RpcEptMapper - ok
11:52:30.0409 3708 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
11:52:30.0411 3708 RpcLocator - ok
11:52:30.0448 3708 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\Windows\system32\rpcss.dll
11:52:30.0456 3708 RpcSs - ok
11:52:30.0507 3708 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:52:30.0509 3708 rspndr - ok
11:52:30.0556 3708 [ baefee35d27a5440d35092ce10267bec ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:52:30.0560 3708 RTL8167 - ok
11:52:30.0575 3708 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\Windows\system32\lsass.exe
11:52:30.0577 3708 SamSs - ok
11:52:30.0600 3708 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
11:52:30.0604 3708 sbp2port - ok
11:52:30.0636 3708 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:52:30.0643 3708 SCardSvr - ok
11:52:30.0662 3708 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:52:30.0664 3708 scfilter - ok
11:52:30.0721 3708 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\Windows\system32\schedsvc.dll
11:52:30.0743 3708 Schedule - ok
11:52:30.0766 3708 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\Windows\System32\certprop.dll
11:52:30.0768 3708 SCPolicySvc - ok
11:52:30.0802 3708 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:52:30.0809 3708 SDRSVC - ok
11:52:30.0846 3708 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:52:30.0847 3708 secdrv - ok
11:52:30.0868 3708 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon C:\Windows\system32\seclogon.dll
11:52:30.0872 3708 seclogon - ok
11:52:30.0886 3708 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
11:52:30.0891 3708 SENS - ok
11:52:30.0911 3708 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:52:30.0916 3708 SensrSvc - ok
11:52:30.0929 3708 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:52:30.0930 3708 Serenum - ok
11:52:30.0953 3708 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:52:30.0956 3708 Serial - ok
11:52:30.0970 3708 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:52:30.0972 3708 sermouse - ok
11:52:31.0017 3708 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\Windows\system32\sessenv.dll
11:52:31.0022 3708 SessionEnv - ok
11:52:31.0065 3708 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:52:31.0067 3708 sffdisk - ok
11:52:31.0084 3708 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:52:31.0085 3708 sffp_mmc - ok
11:52:31.0102 3708 [ 5588b8c6193eb1522490c122eb94dffa ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:52:31.0105 3708 sffp_sd - ok
11:52:31.0119 3708 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:52:31.0121 3708 sfloppy - ok
11:52:31.0163 3708 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:52:31.0171 3708 SharedAccess - ok
11:52:31.0193 3708 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:52:31.0202 3708 ShellHWDetection - ok
11:52:31.0221 3708 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:52:31.0224 3708 SiSRaid2 - ok
11:52:31.0242 3708 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:52:31.0245 3708 SiSRaid4 - ok
11:52:31.0281 3708 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:52:31.0284 3708 Smb - ok
11:52:31.0334 3708 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:52:31.0337 3708 SNMPTRAP - ok
11:52:31.0355 3708 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:52:31.0357 3708 spldr - ok
11:52:31.0398 3708 [ f8e1fa03cb70d54a9892ac88b91d1e7b ] Spooler C:\Windows\System32\spoolsv.exe
11:52:31.0407 3708 Spooler - ok
11:52:31.0510 3708 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\Windows\system32\sppsvc.exe
11:52:31.0614 3708 sppsvc - ok
11:52:31.0631 3708 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:52:31.0634 3708 sppuinotify - ok
11:52:31.0669 3708 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:52:31.0678 3708 srv - ok
11:52:31.0701 3708 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:52:31.0710 3708 srv2 - ok
11:52:31.0747 3708 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:52:31.0752 3708 SrvHsfHDA - ok
11:52:31.0809 3708 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:52:31.0836 3708 SrvHsfV92 - ok
11:52:31.0890 3708 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:52:31.0903 3708 SrvHsfWinac - ok
11:52:31.0927 3708 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:52:31.0931 3708 srvnet - ok
11:52:31.0985 3708 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:52:31.0992 3708 SSDPSRV - ok
11:52:32.0010 3708 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:52:32.0015 3708 SstpSvc - ok
11:52:32.0059 3708 Steam Client Service - ok
11:52:32.0075 3708 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:52:32.0077 3708 stexstor - ok
11:52:32.0131 3708 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\Windows\System32\wiaservc.dll
11:52:32.0144 3708 stisvc - ok
11:52:32.0163 3708 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:52:32.0164 3708 swenum - ok
11:52:32.0204 3708 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
11:52:32.0216 3708 swprv - ok
11:52:32.0294 3708 [ bd40d01d81669b02cb8366eb10de95a8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:52:32.0308 3708 SynTP - ok
11:52:32.0380 3708 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\Windows\system32\sysmain.dll
11:52:32.0414 3708 SysMain - ok
11:52:32.0435 3708 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:52:32.0441 3708 TabletInputService - ok
11:52:32.0472 3708 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\Windows\System32\tapisrv.dll
11:52:32.0481 3708 TapiSrv - ok
11:52:32.0498 3708 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
11:52:32.0503 3708 TBS - ok
11:52:32.0574 3708 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:52:32.0608 3708 Tcpip - ok
11:52:32.0685 3708 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:52:32.0703 3708 TCPIP6 - ok
11:52:32.0740 3708 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:52:32.0741 3708 tcpipreg - ok
11:52:32.0781 3708 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:52:32.0783 3708 TDPIPE - ok
11:52:32.0811 3708 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:52:32.0813 3708 TDTCP - ok
11:52:32.0830 3708 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:52:32.0833 3708 tdx - ok
11:52:32.0849 3708 [ c448651339196c0e869a355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:52:32.0850 3708 TermDD - ok
11:52:32.0894 3708 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\Windows\System32\termsrv.dll
11:52:32.0907 3708 TermService - ok
11:52:32.0920 3708 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
11:52:32.0923 3708 Themes - ok
11:52:32.0941 3708 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
11:52:32.0943 3708 THREADORDER - ok
11:52:32.0965 3708 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
11:52:32.0971 3708 TrkWks - ok
11:52:33.0019 3708 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:52:33.0023 3708 TrustedInstaller - ok
11:52:33.0060 3708 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:52:33.0062 3708 tssecsrv - ok
11:52:33.0111 3708 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:52:33.0114 3708 tunnel - ok
11:52:33.0146 3708 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:52:33.0148 3708 uagp35 - ok
11:52:33.0176 3708 [ d47baead86c65d4f4069d7ce0a4edceb ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:52:33.0183 3708 udfs - ok
11:52:33.0221 3708 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:52:33.0226 3708 UI0Detect - ok
11:52:33.0245 3708 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
11:52:33.0248 3708 uliagpkx - ok
11:52:33.0288 3708 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:52:33.0289 3708 umbus - ok
11:52:33.0308 3708 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:52:33.0309 3708 UmPass - ok
11:52:33.0337 3708 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
11:52:33.0346 3708 upnphost - ok
11:52:33.0402 3708 [ aa33fc47ed58c34e6e9261e4f850b7eb ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:52:33.0405 3708 USBAAPL64 - ok
11:52:33.0434 3708 [ 7b6a127c93ee590e4d79a5f2a76fe46f ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:52:33.0437 3708 usbccgp - ok
11:52:33.0472 3708 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
11:52:33.0475 3708 usbcir - ok
11:52:33.0490 3708 [ 92969ba5ac44e229c55a332864f79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:52:33.0492 3708 usbehci - ok
11:52:33.0533 3708 [ e7df1cfd28ca86b35ef5add0735ceef3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:52:33.0539 3708 usbhub - ok
11:52:33.0553 3708 [ f1bb1e55f1e7a65c5839ccc7b36d773e ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:52:33.0555 3708 usbohci - ok
11:52:33.0586 3708 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:52:33.0588 3708 usbprint - ok
11:52:33.0630 3708 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:52:33.0633 3708 usbscan - ok
11:52:33.0666 3708 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:52:33.0686 3708 USBSTOR - ok
11:52:33.0708 3708 [ bc3070350a491d84b518d7cca9abd36f ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:52:33.0710 3708 usbuhci - ok
11:52:33.0766 3708 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:52:33.0771 3708 usbvideo - ok
11:52:33.0798 3708 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
11:52:33.0803 3708 UxSms - ok
11:52:33.0820 3708 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\Windows\system32\lsass.exe
11:52:33.0823 3708 VaultSvc - ok
11:52:33.0866 3708 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
11:52:33.0867 3708 vdrvroot - ok
11:52:33.0902 3708 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\Windows\System32\vds.exe
11:52:33.0914 3708 vds - ok
11:52:33.0929 3708 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:52:33.0931 3708 vga - ok
11:52:33.0946 3708 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
11:52:33.0948 3708 VgaSave - ok
11:52:33.0969 3708 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
11:52:33.0974 3708 vhdmp - ok
11:52:33.0992 3708 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
11:52:33.0994 3708 viaide - ok
11:52:34.0011 3708 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
11:52:34.0013 3708 volmgr - ok
11:52:34.0035 3708 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:52:34.0042 3708 volmgrx - ok
11:52:34.0070 3708 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
11:52:34.0076 3708 volsnap - ok
11:52:34.0111 3708 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:52:34.0115 3708 vsmraid - ok
11:52:34.0181 3708 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\Windows\system32\vssvc.exe
11:52:34.0212 3708 VSS - ok
11:52:34.0230 3708 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:52:34.0232 3708 vwifibus - ok
11:52:34.0264 3708 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:52:34.0266 3708 vwififlt - ok
11:52:34.0299 3708 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:52:34.0300 3708 vwifimp - ok
11:52:34.0329 3708 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
11:52:34.0339 3708 W32Time - ok
11:52:34.0364 3708 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:52:34.0367 3708 WacomPen - ok
11:52:34.0410 3708 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:52:34.0412 3708 WANARP - ok
11:52:34.0419 3708 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:52:34.0421 3708 Wanarpv6 - ok
11:52:34.0502 3708 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:52:34.0526 3708 WatAdminSvc - ok
11:52:34.0605 3708 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\Windows\system32\wbengine.exe
11:52:34.0635 3708 wbengine - ok
11:52:34.0658 3708 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:52:34.0666 3708 WbioSrvc - ok
11:52:34.0695 3708 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:52:34.0706 3708 wcncsvc - ok
11:52:34.0733 3708 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:52:34.0738 3708 WcsPlugInService - ok
11:52:34.0764 3708 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:52:34.0766 3708 Wd - ok
11:52:34.0798 3708 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:52:34.0810 3708 Wdf01000 - ok
11:52:34.0832 3708 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:52:34.0838 3708 WdiServiceHost - ok
11:52:34.0847 3708 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:52:34.0851 3708 WdiSystemHost - ok
11:52:34.0881 3708 [ 733006127f235be7c35354ebee7b9a7b ] WebClient C:\Windows\System32\webclnt.dll
11:52:34.0890 3708 WebClient - ok
11:52:34.0921 3708 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:52:34.0928 3708 Wecsvc - ok
11:52:34.0945 3708 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:52:34.0950 3708 wercplsupport - ok
11:52:34.0980 3708 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:52:34.0985 3708 WerSvc - ok
11:52:35.0021 3708 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:52:35.0022 3708 WfpLwf - ok
11:52:35.0038 3708 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:52:35.0040 3708 WIMMount - ok
11:52:35.0054 3708 WinDefend - ok
11:52:35.0064 3708 WinHttpAutoProxySvc - ok
11:52:35.0138 3708 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:52:35.0144 3708 Winmgmt - ok
11:52:35.0215 3708 [ 41fbb751936b387f9179e7f03a74fe29 ] WinRM C:\Windows\system32\WsmSvc.dll
11:52:35.0254 3708 WinRM - ok
11:52:35.0311 3708 [ 817eaff5d38674edd7713b9dfb8e9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:52:35.0313 3708 WinUsb - ok
11:52:35.0362 3708 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
11:52:35.0381 3708 Wlansvc - ok
11:52:35.0420 3708 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:52:35.0421 3708 WmiAcpi - ok
11:52:35.0454 3708 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:52:35.0459 3708 wmiApSrv - ok
11:52:35.0500 3708 WMPNetworkSvc - ok
11:52:35.0521 3708 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:52:35.0525 3708 WPCSvc - ok
11:52:35.0539 3708 [ 2e57ddf2880a7e52e76f41c7e96d327b ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:52:35.0545 3708 WPDBusEnum - ok
11:52:35.0553 3708 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:52:35.0555 3708 ws2ifsl - ok
11:52:35.0579 3708 [ 8f9f3969933c02da96eb0f84576db43e ] wscsvc C:\Windows\System32\wscsvc.dll
11:52:35.0584 3708 wscsvc - ok
11:52:35.0590 3708 WSearch - ok
11:52:35.0692 3708 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:52:35.0739 3708 wuauserv - ok
11:52:35.0757 3708 [ 7cadc74271dd6461c452c271b30bd378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:52:35.0760 3708 WudfPf - ok
11:52:35.0780 3708 [ 3b197af0fff08aa66b6b2241ca538d64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:52:35.0785 3708 WUDFRd - ok
11:52:35.0808 3708 [ b551d6637aa0e132c18ac6e504f7b79b ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:52:35.0814 3708 wudfsvc - ok
11:52:35.0840 3708 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
11:52:35.0848 3708 WwanSvc - ok
11:52:35.0880 3708 ================ Scan global ===============================
11:52:35.0914 3708 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
11:52:35.0946 3708 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
11:52:35.0961 3708 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
11:52:35.0990 3708 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
11:52:36.0028 3708 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
11:52:36.0037 3708 [Global] - ok
11:52:36.0037 3708 ================ Scan MBR ==================================
11:52:36.0055 3708 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:52:36.0463 3708 \Device\Harddisk0\DR0 - ok
11:52:36.0464 3708 ================ Scan VBR ==================================
11:52:36.0468 3708 Boot (0x1200) (5f6759084afcf38aa753eb892502abfa) \Device\Harddisk0\DR0\Partition1
11:52:36.0470 3708 \Device\Harddisk0\DR0\Partition1 - ok
11:52:36.0504 3708 Boot (0x1200) (9d9fadc5ffbaf7e6c1dfdb48864ba2f9) \Device\Harddisk0\DR0\Partition2
11:52:36.0506 3708 \Device\Harddisk0\DR0\Partition2 - ok
11:52:36.0535 3708 Boot (0x1200) (b6e6acff5c359ecaf599463224565e68) \Device\Harddisk0\DR0\Partition3
11:52:36.0535 3708 \Device\Harddisk0\DR0\Partition3 - ok
11:52:36.0559 3708 Boot (0x1200) (3de3553ef3b99f2f38ac8a11c4d93b51) \Device\Harddisk0\DR0\Partition4
11:52:36.0561 3708 \Device\Harddisk0\DR0\Partition4 - ok
11:52:36.0562 3708 ============================================================
11:52:36.0562 3708 Scan finished
11:52:36.0562 3708 ============================================================
11:52:36.0579 1860 Detected object count: 0
11:52:36.0579 1860 Actual detected object count: 0
11:55:06.0624 1564 Deinitialize success


<<aswMBR log>>

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-17 11:54:44
-----------------------------
11:54:44.036 OS Version: Windows x64 6.1.7600
11:54:44.036 Number of processors: 2 586 0x170A
11:54:44.038 ComputerName: NATHAN-PC UserName: Nathan
11:54:44.818 Initialize success
11:55:39.751 AVAST engine defs: 12081700
11:55:52.226 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:55:52.230 Disk 0 Vendor: Hitachi_HTS543232L9A300 FB4OC40J Size: 305245MB BusType: 11
11:55:52.240 Disk 0 MBR read successfully
11:55:52.244 Disk 0 MBR scan
11:55:52.258 Disk 0 Windows 7 default MBR code
11:55:52.263 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:55:52.321 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 157900 MB offset 206848
11:55:52.397 Disk 0 Partition 3 00 06 FAT16 135089 MB offset 323586048
11:55:52.454 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 12154 MB offset 600248320
11:55:52.587 Disk 0 scanning C:\Windows\system32\drivers
11:56:08.177 Service scanning
11:56:41.778 Modules scanning
11:56:41.791 Disk 0 trace - called modules:
11:56:41.827 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:56:41.835 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004903060]
11:56:41.843 3 CLASSPNP.SYS[fffff880019a343f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046b3430]
11:56:42.903 AVAST engine scan C:\Windows
11:56:45.597 AVAST engine scan C:\Windows\system32
12:00:53.754 AVAST engine scan C:\Windows\system32\drivers
12:01:10.838 AVAST engine scan C:\Users\Nathan
12:02:08.940 File: C:\Users\Nathan\AppData\Local\Temp\34408220.Uninstall\Uninstall.exe **INFECTED** Win32:Adware-gen [Adw]
12:03:12.363 File: C:\Users\Nathan\AppData\Local\Temp\is1373634743\volonetBrowseForChangeInstaller.exe **INFECTED** Win32:Dropper-gen [Drp]
12:04:53.651 File: C:\Users\Nathan\AppData\Roaming\Ceuty\ehpoa.exe **INFECTED** Win32:Malware-gen
12:06:04.059 AVAST engine scan C:\ProgramData
12:06:37.750 Scan finished successfully
13:00:02.478 Disk 0 MBR has been saved successfully to "C:\Users\Nathan\Desktop\MBR.dat"
13:00:02.547 The log file has been saved successfully to "C:\Users\Nathan\Desktop\aswMBR.txt"


<<ESET online scanner log>>

C:\Users\Nathan\AppData\Local\Temp\50or.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Users\Nathan\AppData\Local\Temp\babylon.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Nathan\AppData\Local\Temp\34408220.Uninstall\Uninstall.exe a variant of Win32/InstallCore.N application deleted - quarantined
C:\Users\Nathan\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Nathan\AppData\Local\Temp\ICReinstall\cnet2_WackyB-StickerCam_v3_demo_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Nathan\AppData\Local\Temp\is1373634743\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Nathan\AppData\Local\{C458BB8B-DDB3-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Nathan\AppData\Roaming\Ceuty\ehpoa.exe Win32/Spy.Zbot.AAQ trojan cleaned by deleting - quarantined

<<mini toolbox log>>

MiniToolBox by Farbar Version: 23-07-2012
Ran by Nathan (administrator) on 26-08-2012 at 16:48:22
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Disconnected)
Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Veni, Vidi, Vici (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Nathan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : buffalo.rr.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : buffalo.rr.com
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 0C-60-76-4C-0C-2F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d840:7b7c:ddb:8167%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, August 26, 2012 4:42:47 PM
Lease Expires . . . . . . . . . . : Sunday, August 26, 2012 5:42:47 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 218914934
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-84-2E-F0-00-1F-16-EB-77-36
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Veni, Vidi, Vici:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-1F-16-EB-77-36
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3c9c:46c:bc03:40f9(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c9c:46c:bc03:40f9%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C2D410DD-99C2-4D6A-80F3-6B9F857B2B85}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.buffalo.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : buffalo.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4004:803::1006
74.125.228.71
74.125.228.72
74.125.228.73
74.125.228.78
74.125.228.64
74.125.228.65
74.125.228.66
74.125.228.67
74.125.228.68
74.125.228.69
74.125.228.70


Pinging google.com [74.125.228.67] with 32 bytes of data:
Reply from 74.125.228.67: bytes=32 time=38ms TTL=50
Reply from 74.125.228.67: bytes=32 time=158ms TTL=50

Ping statistics for 74.125.228.67:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 158ms, Average = 98ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1050ms TTL=52
Reply from 72.30.38.140: bytes=32 time=881ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 881ms, Maximum = 1050ms, Average = 965ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...0c 60 76 4c 0c 2f ......Atheros AR9285 802.11b/g/n WiFi Adapter
11...00 1f 16 eb 77 36 ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #7
20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
24...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #10
23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.7 281
192.168.0.7 255.255.255.255 On-link 192.168.0.7 281
192.168.0.255 255.255.255.255 On-link 192.168.0.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:3c9c:46c:bc03:40f9/128
On-link
13 306 fe80::/64 On-link
12 281 fe80::/64 On-link
13 306 fe80::3c9c:46c:bc03:40f9/128
On-link
12 281 fe80::d840:7b7c:ddb:8167/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/26/2012 02:49:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1107

Error: (08/26/2012 02:49:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1107

Error: (08/26/2012 02:49:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 04:37:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4022330

Error: (08/25/2012 04:37:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4022330

Error: (08/25/2012 04:37:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 03:30:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8097

Error: (08/25/2012 03:30:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8097

Error: (08/25/2012 03:30:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 03:30:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7098


System errors:
=============
Error: (08/26/2012 08:37:46 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/26/2012 08:37:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/21/2012 11:07:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (08/19/2012 09:22:44 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/17/2012 02:29:01 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/17/2012 02:29:01 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/17/2012 10:47:23 AM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.131.599.0;1.131.599.0

Engine version: %600

Error: (08/15/2012 08:02:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.2038.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/13/2012 08:52:51 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MUMBLES-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B4D50A95-06E2-485E-A504-137516DC0D1A}.
The master browser is stopping or an election is being forced.

Error: (08/13/2012 08:24:51 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1875.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
AC3Filter (remove only)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Auditorium
Bonjour (Version: 3.0.0.10)
Canon MP Navigator EX 3.1
Canon MX340 series MP Drivers
Diablo II
DivX Web Player (Version: 1.5.0)
ESET Online Scanner v3
GunboundIS
Hero Editor V1.04
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Skype™ 5.5 (Version: 5.5.124)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.3.12.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
VLC media player 1.1.11 (Version: 1.1.11)
Vuze (Version: 4.7)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3999.19 MB
Available physical RAM: 2559.41 MB
Total Pagefile: 7996.53 MB
Available Pagefile: 6488.43 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:154.2 GB) (Free:111.73 GB) NTFS
3 Drive e: () (Fixed) (Total:11.87 GB) (Free:11.78 GB) NTFS

========================= Users: ========================================

User accounts for \\NATHAN-PC

Administrator Guest Nathan


**** End of log ****

<<FSS log>>

Farbar Service Scanner Version: 06-08-2012
Ran by Nathan (administrator) on 26-08-2012 at 16:52:29
Running from "C:\Users\Nathan\Desktop"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 00:55] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-10 15:39] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-13 06:33] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

<<adware cleaner log>>

# AdwCleaner v1.801 - Logfile created 08/26/2012 at 16:54:10
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Nathan - NATHAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Nathan\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Nathan\AppData\Local\Conduit
Folder Found : C:\Users\Nathan\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Users\Nathan\AppData\Local\Temp\CT2504091
Folder Found : C:\Users\Nathan\AppData\LocalLow\Conduit
Folder Found : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\ConduitCommon
Folder Found : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\CT2504091
Folder Found : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Folder Found : C:\Program Files (x86)\Conduit
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Conduit
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
[x64] Key Found : HKCU\Software\Conduit
[x64] Key Found : HKCU\Software\Cr_Installer
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=111442&tt=280612_6_&babsrc=NT_ss&mntrId=5cb70d430000000000000c60764c0c2f

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\prefs.js

Found : user_pref("CT2504091..clientLogIsEnabled", false);
Found : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
Found : user_pref("CT2504091.CTID", "CT2504091");
Found : user_pref("CT2504091.CurrentServerDate", "26-8-2012");
Found : user_pref("CT2504091.DSInstall", false);
Found : user_pref("CT2504091.DialogsAlignMode", "LTR");
Found : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sun Aug 26 2012 13:27:30 GMT-0400 (Eastern Daylig[...]
Found : user_pref("CT2504091.DownloadReferralCookieData", "");
Found : user_pref("CT2504091.EMailNotifierPollDate", "Sun Jan 22 2012 14:52:40 GMT-0500 (Eastern Standard Ti[...]
Found : user_pref("CT2504091.EnableClickToSearchBox", false);
Found : user_pref("CT2504091.EnableSearchHistory", false);
Found : user_pref("CT2504091.EnableSearchSuggest", false);
Found : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Sun Jan 22 2012 14:52:41 GMT-0500 (Eastern St[...]
Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Jan 22 2012 14:52:41 GMT-0500 (Eastern St[...]
Found : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Found : user_pref("CT2504091.FirstServerDate", "22-1-2012");
Found : user_pref("CT2504091.FirstTime", true);
Found : user_pref("CT2504091.FirstTimeFF3", true);
Found : user_pref("CT2504091.FixPageNotFoundErrors", true);
Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2504091.HPInstall", false);
Found : user_pref("CT2504091.HasUserGlobalKeys", true);
Found : user_pref("CT2504091.Initialize", true);
Found : user_pref("CT2504091.InitializeCommonPrefs", true);
Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2504091.InstallationId", "ConduitNSISIntegration");
Found : user_pref("CT2504091.InstallationType", "ConduitXPEIntegration");
Found : user_pref("CT2504091.InstalledDate", "Sun Jan 22 2012 14:52:40 GMT-0500 (Eastern Standard Time)");
Found : user_pref("CT2504091.IsGrouping", false);
Found : user_pref("CT2504091.IsInitSetupIni", true);
Found : user_pref("CT2504091.IsMulticommunity", false);
Found : user_pref("CT2504091.IsOpenThankYouPage", false);
Found : user_pref("CT2504091.IsOpenUninstallPage", false);
Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Sat Aug 25 2012 16:37:54 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2504091.LastLogin_3.13.0.6", "Sun Jul 15 2012 13:05:47 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2504091.LastLogin_3.14.1.0", "Tue Aug 21 2012 08:49:05 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2504091.LastLogin_3.15.1.0", "Sun Aug 26 2012 13:27:31 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2504091.LastLogin_3.9.0.3", "Sun Jan 22 2012 14:52:42 GMT-0500 (Eastern Standard Time)"[...]
Found : user_pref("CT2504091.LatestVersion", "3.15.1.0");
Found : user_pref("CT2504091.Locale", "en-us");
Found : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Found : user_pref("CT2504091.MCDetectTooltipShow", false);
Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Found : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2504091.OriginalFirstVersion", "3.9.0.3");
Found : user_pref("CT2504091.RadioShrinked", "shrinked");
Found : user_pref("CT2504091.RadioShrinkedFromSetup", true);
Found : user_pref("CT2504091.SHRINK_TOOLBAR", 0);
Found : user_pref("CT2504091.SearchBackToDefaultEngine", false);
Found : user_pref("CT2504091.SearchCaption", "Web Search");
Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Found : user_pref("CT2504091.SearchInNewTabEnabled", true);
Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sat Aug 25 2012 16:37:54 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2504091.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2504091.SendProtectorDataViaLogin", true);
Found : user_pref("CT2504091.ServiceMapLastCheckTime", "Sat Aug 25 2012 16:37:54 GMT-0400 (Eastern Daylight [...]
Found : user_pref("CT2504091.SettingsLastCheckTime", "Sun Aug 26 2012 13:27:30 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2504091.SettingsLastUpdate", "1344950536");
Found : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13");
Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sun Jan 22 2012 14:52:38 GMT-0500 (Eastern Sta[...]
Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2504091.ToolbarShrinkedFromSetup", true);
Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");
Found : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2504091.UserID", "UN54646838920049588");
Found : user_pref("CT2504091.alertChannelId", "897164");
Found : user_pref("CT2504091.approveUntrustedApps", false);
Found : user_pref("CT2504091.autoDisableScopes", -1);
Found : user_pref("CT2504091.backendstorage.cbfirsttime", "53756E204A616E20323220323031322031343A35323A35302[...]
Found : user_pref("CT2504091.backendstorage.shoppingapp.gk.exipres", "467269204A616E20323720323031322031343A[...]
Found : user_pref("CT2504091.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Found : user_pref("CT2504091.componentAlertEnabled", false);
Found : user_pref("CT2504091.components.1000034", false);
Found : user_pref("CT2504091.components.129079840422182852", false);
Found : user_pref("CT2504091.components.129079840422339107", false);
Found : user_pref("CT2504091.components.129079840422964131", false);
Found : user_pref("CT2504091.components.129079849636241789", false);
Found : user_pref("CT2504091.components.129707804829376918", false);
Found : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Sun Jan 22 2012 14:52:40 GMT-0500 (Eastern [...]
Found : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2504091.initDone", true);
Found : user_pref("CT2504091.isAppTrackingManagerOn", true);
Found : user_pref("CT2504091.isFirstRadioInstallation", false);
Found : user_pref("CT2504091.myStuffEnabled", true);
Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2504091.revertSettingsEnabled", false);
Found : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2504091.searchProtectorEnableByLogin", true);
Found : user_pref("CT2504091.testingCtid", "");
Found : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Sat Aug 25 2012 15:30:19 GMT-0400 (Eastern D[...]
Found : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Sun Jan 22 2012 14:52:42 GMT-0500 (Eastern S[...]
Found : user_pref("CT2504091.undefined", "Sun Jan 22 2012 14:52:41 GMT-0500 (Eastern Standard Time)");
Found : user_pref("CT2504091.usageEnabled", false);
Found : user_pref("CT2504091.usagesFlag", 1);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2504091/CT2504091[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nathan\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");
Found : user_pref("CommunityToolbar.globalUserId", "3807c1ea-ca83-4bb7-8476-ad5b2a6adc0d");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jan 22 2012 14:52:4[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jan 22 2012 14:52:40 GMT-0500 (E[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "e3fb2f81-570a-4597-b1c7-ddcd94abeb19");
Found : user_pref("CommunityToolbar.originalHomepage", "google.com");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]

*************************

AdwCleaner[R1].txt - [15176 octets] - [26/08/2012 16:54:10]

########## EOF - C:\AdwCleaner[R1].txt - [15305 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:01 PM

Posted 27 August 2012 - 11:31 AM

Sorry i did not get notifications regarding your post

Malwarebytes log?

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

#7 Ratchet2

Ratchet2
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 28 August 2012 - 08:41 AM

Thanks for the help!

<<Malwarebytes log>>

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.26.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Nathan :: NATHAN-PC [administrator]

8/26/2012 1:56:44 PM
mbam-log-2012-08-26 (13-56-44).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 327538
Time elapsed: 40 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


<<RKILL log>>

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/28/2012 09:36:35 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Nathan\Desktop\rkill\rkill-08-28-2012-09-36-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/28/2012 09:36:52 AM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:01 PM

Posted 28 August 2012 - 08:43 AM

Download

adware cleaner

Launch it click on Delete

post the generated log


Do this again.Previously you selected SEARCH option

Please select DELETE option and post the log

#9 Ratchet2

Ratchet2
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 28 August 2012 - 02:32 PM

<<adware cleaner>>

# AdwCleaner v1.801 - Logfile created 08/28/2012 at 15:26:05
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Nathan - NATHAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Nathan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Nathan\AppData\Local\Conduit
Folder Deleted : C:\Users\Nathan\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Nathan\AppData\Local\Temp\CT2504091
Folder Deleted : C:\Users\Nathan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\ConduitCommon
Folder Deleted : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\CT2504091
Folder Deleted : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Folder Deleted : C:\Program Files (x86)\Conduit
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Conduit
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=111442&tt=280612_6_&babsrc=NT_ss&mntrId=5cb70d430000000000000c60764c0c2f --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\prefs.js

C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\crwtpg0o.default\user.js ... Deleted !

Deleted : user_pref("CT2504091..clientLogIsEnabled", false);
Deleted : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
Deleted : user_pref("CT2504091.CTID", "CT2504091");
Deleted : user_pref("CT2504091.CurrentServerDate", "28-8-2012");
Deleted : user_pref("CT2504091.DSInstall", false);
Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sun Aug 26 2012 13:27:30 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Sun Jan 22 2012 14:52:40 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2504091.EnableClickToSearchBox", false);
Deleted : user_pref("CT2504091.EnableSearchHistory", false);
Deleted : user_pref("CT2504091.EnableSearchSuggest", false);
Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Sun Jan 22 2012 14:52:41 GMT-0500 (Eastern St[...]
Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Jan 22 2012 14:52:41 GMT-0500 (Eastern St[...]
Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Deleted : user_pref("CT2504091.FirstServerDate", "22-1-2012");
Deleted : user_pref("CT2504091.FirstTime", true);
Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2504091.HPInstall", false);
Deleted : user_pref("CT2504091.HasUserGlobalKeys", true);
Deleted : user_pref("CT2504091.Initialize", true);
Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2504091.InstallationId", "ConduitNSISIntegration");
Deleted : user_pref("CT2504091.InstallationType", "ConduitXPEIntegration");
Deleted : user_pref("CT2504091.InstalledDate", "Sun Jan 22 2012 14:52:40 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2504091.IsGrouping", false);
Deleted : user_pref("CT2504091.IsInitSetupIni", true);
Deleted : user_pref("CT2504091.IsMulticommunity", false);
Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Tue Aug 28 2012 09:34:58 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2504091.LastLogin_3.13.0.6", "Sun Jul 15 2012 13:05:47 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2504091.LastLogin_3.14.1.0", "Tue Aug 21 2012 08:49:05 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2504091.LastLogin_3.15.1.0", "Tue Aug 28 2012 14:26:26 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2504091.LastLogin_3.9.0.3", "Sun Jan 22 2012 14:52:42 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2504091.LatestVersion", "3.15.1.0");
Deleted : user_pref("CT2504091.Locale", "en-us");
Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2504091.MCDetectTooltipShow", false);
Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2504091.OriginalFirstVersion", "3.9.0.3");
Deleted : user_pref("CT2504091.RadioShrinked", "shrinked");
Deleted : user_pref("CT2504091.RadioShrinkedFromSetup", true);
Deleted : user_pref("CT2504091.SHRINK_TOOLBAR", 0);
Deleted : user_pref("CT2504091.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2504091.SearchCaption", "Web Search");
Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Tue Aug 28 2012 09:34:57 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2504091.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2504091.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2504091.ServiceMapLastCheckTime", "Tue Aug 28 2012 09:34:57 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Tue Aug 28 2012 14:26:25 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2504091.SettingsLastUpdate", "1346153368");
Deleted : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13");
Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sun Jan 22 2012 14:52:38 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2504091.ToolbarShrinkedFromSetup", true);
Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");
Deleted : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2504091.UserID", "UN54646838920049588");
Deleted : user_pref("CT2504091.alertChannelId", "897164");
Deleted : user_pref("CT2504091.approveUntrustedApps", false);
Deleted : user_pref("CT2504091.autoDisableScopes", -1);
Deleted : user_pref("CT2504091.backendstorage.cbfirsttime", "53756E204A616E20323220323031322031343A35323A35302[...]
Deleted : user_pref("CT2504091.backendstorage.shoppingapp.gk.exipres", "467269204A616E20323720323031322031343A[...]
Deleted : user_pref("CT2504091.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Deleted : user_pref("CT2504091.componentAlertEnabled", false);
Deleted : user_pref("CT2504091.components.1000034", false);
Deleted : user_pref("CT2504091.components.129079840422182852", false);
Deleted : user_pref("CT2504091.components.129079840422339107", false);
Deleted : user_pref("CT2504091.components.129079840422964131", false);
Deleted : user_pref("CT2504091.components.129079849636241789", false);
Deleted : user_pref("CT2504091.components.129707804829376918", false);
Deleted : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Sun Jan 22 2012 14:52:40 GMT-0500 (Eastern [...]
Deleted : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2504091.initDone", true);
Deleted : user_pref("CT2504091.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2504091.isFirstRadioInstallation", false);
Deleted : user_pref("CT2504091.myStuffEnabled", true);
Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2504091.revertSettingsEnabled", false);
Deleted : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2504091.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2504091.testingCtid", "");
Deleted : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Tue Aug 28 2012 09:34:58 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Sun Jan 22 2012 14:52:42 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2504091.undefined", "Sun Jan 22 2012 14:52:41 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2504091.usageEnabled", false);
Deleted : user_pref("CT2504091.usagesFlag", 1);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2504091/CT2504091[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nathan\\AppData\\Roaming\\Mozilla\\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");
Deleted : user_pref("CommunityToolbar.globalUserId", "3807c1ea-ca83-4bb7-8476-ad5b2a6adc0d");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jan 22 2012 14:52:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jan 22 2012 14:52:40 GMT-0500 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "e3fb2f81-570a-4597-b1c7-ddcd94abeb19");
Deleted : user_pref("CommunityToolbar.originalHomepage", "google.com");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]

*************************

AdwCleaner[R1].txt - [15293 octets] - [26/08/2012 16:54:10]
AdwCleaner[S1].txt - [279 octets] - [26/08/2012 18:04:17]
AdwCleaner[S2].txt - [15230 octets] - [28/08/2012 15:26:05]

########## EOF - C:\AdwCleaner[S2].txt - [15359 octets] ##########

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:01 PM

Posted 28 August 2012 - 02:57 PM

That looks good

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users