Removed FBI Moneypak virus with Malwarebytes - further action needed?


9 replies to this topic

#1 S1927

Posted 23 August 2012 - 08:13 AM

So I recently fell victim to what a Google search told me is the "FBI Moneypack" "ransom" virus that's been going around. It wasn't this exact screenshot for me but it looked something like it:
http://www.fbi.gov/news/stories/2012/august/new-internet-scam
I booted my computer in safe mode, read some literature, downloaded the free version of Malwarebytes, and ran a scan which found some files it deleted. I rebooted normally and, thank god, everything's fine now; the screen's gone and I'm typing this from said malware'd computer. My question is, do you advise I do anything else? I just ran another Malwarebytes scan, which turned up negative, and I'm currently running another standard MS Security Essentials system scan. In the event that everything seems fine and ends up back to normal, should I still take any other actions or consult a (real-life) tech help pro? Thanks a lot!

#2 narenxp (BC Advisor)

Posted 23 August 2012 - 08:18 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 S1927 (Topic Starter)

Posted 23 August 2012 - 07:40 PM

TDSSkiller:

14:15:01.0442 5552  TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
14:15:01.0746 5552  ============================================================
14:15:01.0746 5552  Current date / time: 2012/08/23 14:15:01.0746
14:15:01.0746 5552  SystemInfo:
14:15:01.0747 5552  
14:15:01.0747 5552  OS Version: 6.1.7601 ServicePack: 1.0
14:15:01.0747 5552  Product type: Workstation
14:15:01.0747 5552  ComputerName: SIVAN-PC
14:15:01.0747 5552  UserName: Sivan
14:15:01.0747 5552  Windows directory: C:\windows
14:15:01.0748 5552  System windows directory: C:\windows
14:15:01.0748 5552  Running under WOW64
14:15:01.0748 5552  Processor architecture: Intel x64
14:15:01.0748 5552  Number of processors: 4
14:15:01.0748 5552  Page size: 0x1000
14:15:01.0748 5552  Boot type: Normal boot
14:15:01.0748 5552  ============================================================
14:15:02.0912 5552  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:15:02.0923 5552  ============================================================
14:15:02.0923 5552  \Device\Harddisk0\DR0:
14:15:02.0924 5552  MBR partitions:
14:15:02.0924 5552  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
14:15:02.0924 5552  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
14:15:02.0925 5552  ============================================================
14:15:03.0071 5552  C: <-> \Device\Harddisk0\DR0\Partition2
14:15:03.0071 5552  ============================================================
14:15:03.0071 5552  Initialize success
14:15:03.0071 5552  ============================================================
14:15:23.0675 6064  ============================================================
14:15:23.0675 6064  Scan started
14:15:23.0675 6064  Mode: Manual; TDLFS; 
14:15:23.0675 6064  ============================================================
14:15:24.0377 6064  ================ Scan system memory ========================
14:15:24.0377 6064  System memory - ok
14:15:24.0377 6064  ================ Scan services =============================
14:15:45.0968 6064  MSPCLOCK - ok
14:15:46.0014 6064  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
14:15:46.0014 6064  MSPQM - ok
14:15:46.0170 6064  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
14:15:46.0186 6064  MsRPC - ok
14:15:46.0217 6064  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
14:15:46.0217 6064  mssmbios - ok
14:15:46.0248 6064  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
14:15:46.0248 6064  MSTEE - ok
14:15:46.0264 6064  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
14:15:46.0264 6064  MTConfig - ok
14:15:46.0295 6064  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
14:15:46.0295 6064  Mup - ok
14:15:46.0342 6064  [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:15:46.0358 6064  MyWiFiDHCPDNS - ok
14:15:46.0514 6064  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
14:15:46.0529 6064  napagent - ok
14:15:46.0576 6064  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
14:15:46.0576 6064  NativeWifiP - ok
14:15:46.0638 6064  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\windows\system32\drivers\ndis.sys
14:15:46.0654 6064  NDIS - ok
14:15:46.0748 6064  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
14:15:46.0748 6064  NdisCap - ok
14:15:46.0810 6064  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
14:15:46.0810 6064  NdisTapi - ok
14:15:46.0904 6064  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
14:15:46.0904 6064  Ndisuio - ok
14:15:46.0997 6064  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
14:15:46.0997 6064  NdisWan - ok
14:15:47.0075 6064  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
14:15:47.0091 6064  NDProxy - ok
14:15:47.0106 6064  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
14:15:47.0106 6064  NetBIOS - ok
14:15:47.0153 6064  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
14:15:47.0169 6064  NetBT - ok
14:15:47.0184 6064  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
14:15:47.0184 6064  Netlogon - ok
14:15:47.0262 6064  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
14:15:47.0262 6064  Netman - ok
14:15:47.0294 6064  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
14:15:47.0309 6064  netprofm - ok
14:15:47.0356 6064  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:15:47.0356 6064  NetTcpPortSharing - ok
14:15:49.0181 6064  [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys
14:15:49.0400 6064  NETwNs64 - ok
14:15:49.0525 6064  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
14:15:49.0540 6064  nfrd960 - ok
14:15:49.0556 6064  [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:15:49.0571 6064  NisDrv - ok
14:15:49.0618 6064  [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:15:49.0681 6064  NisSrv - ok
14:15:49.0930 6064  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\windows\System32\nlasvc.dll
14:15:49.0946 6064  NlaSvc - ok
14:15:50.0648 6064  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
14:15:50.0757 6064  NOBU - ok
14:15:50.0773 6064  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
14:15:50.0788 6064  Npfs - ok
14:15:50.0819 6064  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
14:15:50.0819 6064  nsi - ok
14:15:50.0866 6064  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
14:15:50.0866 6064  nsiproxy - ok
14:15:51.0209 6064  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
14:15:51.0225 6064  Ntfs - ok
14:15:51.0256 6064  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
14:15:51.0256 6064  Null - ok
14:15:51.0287 6064  [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub        C:\windows\system32\DRIVERS\nusb3hub.sys
14:15:51.0287 6064  nusb3hub - ok
14:15:51.0303 6064  [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc        C:\windows\system32\DRIVERS\nusb3xhc.sys
14:15:51.0319 6064  nusb3xhc - ok
14:15:51.0350 6064  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
14:15:51.0350 6064  nvraid - ok
14:15:51.0397 6064  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
14:15:51.0397 6064  nvstor - ok
14:15:51.0428 6064  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
14:15:51.0428 6064  nv_agp - ok
14:15:51.0490 6064  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
14:15:51.0490 6064  ohci1394 - ok
14:15:51.0584 6064  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:15:51.0584 6064  ose - ok
14:15:53.0128 6064  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:15:53.0331 6064  osppsvc - ok
14:15:53.0425 6064  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
14:15:53.0440 6064  p2pimsvc - ok
14:15:53.0581 6064  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
14:15:53.0643 6064  p2psvc - ok
14:15:53.0674 6064  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\DRIVERS\parport.sys
14:15:53.0674 6064  Parport - ok
14:15:53.0721 6064  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
14:15:53.0721 6064  partmgr - ok
14:15:53.0799 6064  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
14:15:53.0799 6064  PcaSvc - ok
14:15:53.0830 6064  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
14:15:53.0830 6064  pci - ok
14:15:53.0877 6064  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
14:15:53.0877 6064  pciide - ok
14:15:53.0955 6064  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
14:15:53.0955 6064  pcmcia - ok
14:15:54.0017 6064  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
14:15:54.0017 6064  pcw - ok
14:15:54.0189 6064  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
14:15:54.0251 6064  PEAUTH - ok
14:15:54.0548 6064  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
14:15:54.0548 6064  PerfHost - ok
14:15:54.0829 6064  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
14:15:55.0063 6064  pla - ok
14:15:55.0141 6064  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
14:15:55.0156 6064  PlugPlay - ok
14:15:55.0234 6064  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
14:15:55.0234 6064  PNRPAutoReg - ok
14:15:55.0281 6064  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
14:15:55.0281 6064  PNRPsvc - ok
14:15:55.0484 6064  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
14:15:55.0499 6064  PolicyAgent - ok
14:15:55.0531 6064  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
14:15:55.0531 6064  Power - ok
14:15:55.0593 6064  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
14:15:55.0593 6064  PptpMiniport - ok
14:15:55.0671 6064  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\DRIVERS\processr.sys
14:15:55.0718 6064  Processor - ok
14:15:55.0811 6064  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
14:15:55.0827 6064  ProfSvc - ok
14:15:55.0843 6064  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
14:15:55.0843 6064  ProtectedStorage - ok
14:15:55.0905 6064  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
14:15:55.0905 6064  Psched - ok
14:15:55.0967 6064  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
14:15:55.0967 6064  PxHlpa64 - ok
14:15:56.0045 6064  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
14:15:56.0092 6064  ql2300 - ok
14:15:56.0139 6064  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
14:15:56.0139 6064  ql40xx - ok
14:15:56.0170 6064  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
14:15:56.0170 6064  QWAVE - ok
14:15:56.0186 6064  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
14:15:56.0186 6064  QWAVEdrv - ok
14:15:56.0217 6064  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
14:15:56.0217 6064  RasAcd - ok
14:15:56.0248 6064  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
14:15:56.0248 6064  RasAgileVpn - ok
14:15:56.0295 6064  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
14:15:56.0311 6064  RasAuto - ok
14:15:56.0373 6064  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
14:15:56.0373 6064  Rasl2tp - ok
14:15:56.0420 6064  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
14:15:56.0435 6064  RasMan - ok
14:15:56.0482 6064  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
14:15:56.0482 6064  RasPppoe - ok
14:15:56.0513 6064  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
14:15:56.0513 6064  RasSstp - ok
14:15:56.0591 6064  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
14:15:56.0607 6064  rdbss - ok
14:15:56.0654 6064  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
14:15:56.0654 6064  rdpbus - ok
14:15:56.0669 6064  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
14:15:56.0669 6064  RDPCDD - ok
14:15:56.0685 6064  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
14:15:56.0685 6064  RDPENCDD - ok
14:15:56.0685 6064  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
14:15:56.0685 6064  RDPREFMP - ok
14:15:56.0747 6064  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
14:15:56.0747 6064  RDPWD - ok
14:15:56.0825 6064  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
14:15:56.0825 6064  rdyboost - ok
14:15:56.0919 6064  [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:15:56.0919 6064  RegSrvc - ok
14:15:56.0966 6064  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
14:15:56.0981 6064  RemoteAccess - ok
14:15:57.0013 6064  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
14:15:57.0013 6064  RemoteRegistry - ok
14:15:57.0059 6064  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
14:15:57.0075 6064  RFCOMM - ok
14:15:57.0293 6064  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
14:15:57.0465 6064  RoxMediaDB12OEM - ok
14:15:57.0543 6064  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
14:15:57.0543 6064  RoxWatch12 - ok
14:15:57.0605 6064  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
14:15:57.0605 6064  RpcEptMapper - ok
14:15:57.0637 6064  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
14:15:57.0637 6064  RpcLocator - ok
14:15:57.0699 6064  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
14:15:57.0699 6064  RpcSs - ok
14:15:57.0777 6064  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
14:15:57.0777 6064  rspndr - ok
14:15:57.0839 6064  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
14:15:57.0839 6064  RSUSBSTOR - ok
14:15:57.0902 6064  [ 2777226EE8BF50B059D7A7C90177E99C ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
14:15:57.0902 6064  RTL8167 - ok
14:15:57.0933 6064  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
14:15:57.0949 6064  SamSs - ok
14:15:58.0011 6064  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
14:15:58.0011 6064  sbp2port - ok
14:15:58.0105 6064  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
14:15:58.0136 6064  SCardSvr - ok
14:15:58.0183 6064  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
14:15:58.0183 6064  scfilter - ok
14:15:58.0557 6064  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
14:15:58.0619 6064  Schedule - ok
14:15:58.0666 6064  SCManager - ok
14:15:58.0744 6064  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
14:15:58.0744 6064  SCPolicySvc - ok
14:15:58.0807 6064  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
14:15:58.0807 6064  SDRSVC - ok
14:15:58.0900 6064  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
14:15:58.0900 6064  secdrv - ok
14:15:58.0947 6064  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
14:15:58.0963 6064  seclogon - ok
14:15:58.0994 6064  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
14:15:58.0994 6064  SENS - ok
14:15:59.0009 6064  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
14:15:59.0009 6064  SensrSvc - ok
14:15:59.0321 6064  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
14:15:59.0321 6064  Serenum - ok
14:15:59.0415 6064  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\DRIVERS\serial.sys
14:15:59.0415 6064  Serial - ok
14:15:59.0446 6064  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
14:15:59.0446 6064  sermouse - ok
14:15:59.0509 6064  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
14:15:59.0509 6064  SessionEnv - ok
14:15:59.0602 6064  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
14:15:59.0602 6064  sffdisk - ok
14:15:59.0665 6064  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
14:15:59.0665 6064  sffp_mmc - ok
14:15:59.0665 6064  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
14:15:59.0680 6064  sffp_sd - ok
14:15:59.0727 6064  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
14:15:59.0743 6064  sfloppy - ok
14:16:00.0429 6064  [ 74EC60E20516AAA573BE74F31175270F ] SftService      c:\program files (x86)\dell datasafe local backup\sftservice.EXE
14:16:00.0460 6064  SftService - ok
14:16:00.0616 6064  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
14:16:00.0632 6064  SharedAccess - ok
14:16:00.0757 6064  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:16:00.0772 6064  ShellHWDetection - ok
14:16:00.0819 6064  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
14:16:00.0866 6064  SiSRaid2 - ok
14:16:00.0944 6064  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
14:16:00.0944 6064  SiSRaid4 - ok
14:16:01.0147 6064  [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:16:01.0162 6064  SkypeUpdate - ok
14:16:01.0225 6064  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
14:16:01.0225 6064  Smb - ok
14:16:01.0303 6064  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
14:16:01.0318 6064  SNMPTRAP - ok
14:16:01.0334 6064  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
14:16:01.0334 6064  spldr - ok
14:16:01.0568 6064  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
14:16:01.0583 6064  Spooler - ok
14:16:02.0504 6064  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
14:16:02.0613 6064  sppsvc - ok
14:16:02.0722 6064  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
14:16:02.0722 6064  sppuinotify - ok
14:16:02.0956 6064  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
14:16:02.0972 6064  srv - ok
14:16:03.0159 6064  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
14:16:03.0221 6064  srv2 - ok
14:16:03.0315 6064  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
14:16:03.0315 6064  srvnet - ok
14:16:03.0471 6064  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
14:16:03.0471 6064  SSDPSRV - ok
14:16:03.0502 6064  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
14:16:03.0502 6064  SstpSvc - ok
14:16:03.0877 6064  [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
14:16:03.0892 6064  STacSV - ok
14:16:03.0939 6064  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
14:16:03.0939 6064  stexstor - ok
14:16:04.0282 6064  [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
14:16:04.0329 6064  STHDA - ok
14:16:04.0532 6064  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
14:16:04.0547 6064  stisvc - ok
14:16:04.0688 6064  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:16:04.0766 6064  stllssvr - ok
14:16:04.0813 6064  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\drivers\swenum.sys
14:16:04.0828 6064  swenum - ok
14:16:05.0031 6064  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
14:16:05.0078 6064  swprv - ok
14:16:05.0749 6064  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
14:16:05.0811 6064  SysMain - ok
14:16:05.0858 6064  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
14:16:05.0858 6064  TabletInputService - ok
14:16:06.0107 6064  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
14:16:06.0139 6064  TapiSrv - ok
14:16:06.0201 6064  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
14:16:06.0201 6064  TBS - ok
14:16:06.0451 6064  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
14:16:06.0544 6064  Tcpip - ok
14:16:06.0919 6064  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
14:16:06.0934 6064  TCPIP6 - ok
14:16:06.0981 6064  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
14:16:06.0981 6064  tcpipreg - ok
14:16:07.0106 6064  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
14:16:07.0121 6064  TDPIPE - ok
14:16:07.0184 6064  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
14:16:07.0184 6064  TDTCP - ok
14:16:07.0293 6064  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
14:16:07.0309 6064  tdx - ok
14:16:07.0355 6064  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\drivers\termdd.sys
14:16:07.0355 6064  TermDD - ok
14:16:07.0465 6064  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
14:16:07.0699 6064  TermService - ok
14:16:07.0761 6064  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
14:16:07.0761 6064  Themes - ok
14:16:07.0823 6064  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
14:16:07.0823 6064  THREADORDER - ok
14:16:08.0057 6064  [ 832F9D02B20DE69C52E81DBE13599EE1 ] Tpkd            C:\windows\system32\drivers\Tpkd.sys
14:16:08.0057 6064  Tpkd - ok
14:16:08.0151 6064  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
14:16:08.0151 6064  TrkWks - ok
14:16:08.0323 6064  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:16:08.0338 6064  TrustedInstaller - ok
14:16:08.0385 6064  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
14:16:08.0401 6064  tssecsrv - ok
14:16:08.0557 6064  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
14:16:08.0572 6064  TsUsbFlt - ok
14:16:08.0728 6064  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
14:16:08.0728 6064  tunnel - ok
14:16:08.0791 6064  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
14:16:08.0791 6064  uagp35 - ok
14:16:08.0915 6064  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
14:16:08.0915 6064  udfs - ok
14:16:08.0993 6064  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
14:16:08.0993 6064  UI0Detect - ok
14:16:09.0040 6064  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
14:16:09.0040 6064  uliagpkx - ok
14:16:09.0134 6064  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\drivers\umbus.sys
14:16:09.0134 6064  umbus - ok
14:16:09.0196 6064  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
14:16:09.0196 6064  UmPass - ok
14:16:09.0992 6064  [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:16:10.0007 6064  UNS - ok
14:16:10.0117 6064  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
14:16:10.0163 6064  upnphost - ok
14:16:10.0241 6064  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
14:16:10.0241 6064  usbccgp - ok
14:16:10.0335 6064  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
14:16:10.0351 6064  usbcir - ok
14:16:10.0491 6064  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\drivers\usbehci.sys
14:16:10.0491 6064  usbehci - ok
14:16:10.0694 6064  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
14:16:10.0709 6064  usbhub - ok
14:16:10.0787 6064  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys
14:16:10.0787 6064  usbohci - ok
14:16:10.0943 6064  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
14:16:10.0943 6064  usbprint - ok
14:16:11.0099 6064  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
14:16:11.0099 6064  usbscan - ok
14:16:11.0177 6064  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
14:16:11.0177 6064  USBSTOR - ok
14:16:11.0271 6064  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
14:16:11.0271 6064  usbuhci - ok
14:16:11.0458 6064  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
14:16:11.0474 6064  usbvideo - ok
14:16:11.0536 6064  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
14:16:11.0552 6064  UxSms - ok
14:16:11.0599 6064  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
14:16:11.0599 6064  VaultSvc - ok
14:16:11.0723 6064  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
14:16:11.0723 6064  vdrvroot - ok
14:16:11.0864 6064  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
14:16:11.0864 6064  vds - ok
14:16:11.0973 6064  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
14:16:11.0989 6064  vga - ok
14:16:12.0035 6064  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
14:16:12.0035 6064  VgaSave - ok
14:16:12.0207 6064  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
14:16:12.0223 6064  vhdmp - ok
14:16:12.0285 6064  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
14:16:12.0285 6064  viaide - ok
14:16:12.0488 6064  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
14:16:12.0488 6064  volmgr - ok
14:16:12.0613 6064  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
14:16:12.0613 6064  volmgrx - ok
14:16:12.0753 6064  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\windows\system32\drivers\volsnap.sys
14:16:12.0784 6064  volsnap - ok
14:16:12.0909 6064  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
14:16:12.0909 6064  vsmraid - ok
14:16:13.0283 6064  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
14:16:13.0330 6064  VSS - ok
14:16:13.0361 6064  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
14:16:13.0361 6064  vwifibus - ok
14:16:13.0455 6064  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
14:16:13.0455 6064  vwififlt - ok
14:16:13.0549 6064  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
14:16:13.0549 6064  vwifimp - ok
14:16:13.0767 6064  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
14:16:13.0798 6064  W32Time - ok
14:16:13.0939 6064  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
14:16:20.0584 6064  ================ Scan global ===============================
14:16:20.0631 6064  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
14:16:20.0678 6064  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
14:16:20.0693 6064  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
14:16:20.0740 6064  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
14:16:20.0818 6064  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
14:16:20.0818 6064  [Global] - ok
14:16:20.0818 6064  ================ Scan MBR ==================================
14:16:20.0849 6064  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:16:23.0392 6064  \Device\Harddisk0\DR0 - ok
14:16:23.0392 6064  ================ Scan VBR ==================================
14:16:23.0439 6064  [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
14:16:23.0439 6064  \Device\Harddisk0\DR0\Partition1 - ok
14:16:23.0470 6064  [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
14:16:23.0470 6064  \Device\Harddisk0\DR0\Partition2 - ok
14:16:23.0470 6064  ============================================================
14:16:23.0470 6064  Scan finished
14:16:23.0470 6064  ============================================================
14:16:23.0486 6436  Detected object count: 0
14:16:23.0486 6436  Actual detected object count: 0

aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-23 16:16:37
-----------------------------
16:16:37.263    OS Version: Windows x64 6.1.7601 Service Pack 1
16:16:37.263    Number of processors: 4 586 0x2A07
16:16:37.263    ComputerName: SIVAN-PC  UserName: Sivan
16:16:39.753    Initialize success
16:18:17.513    AVAST engine defs: 12082300
16:18:25.653    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:18:25.663    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
16:18:25.683    Disk 0 MBR read successfully
16:18:25.693    Disk 0 MBR scan
16:18:25.773    Disk 0 Windows 7 default MBR code
16:18:25.773    Disk 0 Partition 1 00     DE Dell Utility DELL 8.0      100 MB offset 2048
16:18:25.783    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 206848
16:18:25.823    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       595378 MB offset 30926848
16:18:25.873    Disk 0 scanning C:\windows\system32\drivers
16:18:43.164    Service scanning
16:19:26.074    Modules scanning
16:19:26.084    Disk 0 trace - called modules:
16:19:26.114    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
16:19:26.454    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007890060]
16:19:26.464    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8005928970]
16:19:26.474    5 ACPI.sys[fffff88000eef7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800592e050]
16:19:29.654    AVAST engine scan C:\windows
16:19:35.584    AVAST engine scan C:\windows\system32
16:24:23.974    AVAST engine scan C:\windows\system32\drivers
16:24:42.974    AVAST engine scan C:\Users\Sivan
17:11:49.562    AVAST engine scan C:\ProgramData
17:15:14.782    Scan finished successfully
18:24:55.023    Disk 0 MBR has been saved successfully to "C:\Users\Sivan\Documents\MBR.dat"
18:24:55.033    The log file has been saved successfully to "C:\Users\Sivan\Documents\aswMBR.txt"

ESET Online Scanner:
C:\Users\Sivan\Downloads\VLC_968.exe	a variant of Win32/InstallIQ application	cleaned by deleting - quarantined


#4 narenxp

  • BC Advisor

Posted 23 August 2012 - 08:25 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

Edited by narenxp, 23 August 2012 - 08:25 PM.


#5 S1927

  • Topic Starter

Posted 23 August 2012 - 09:34 PM

mini toolbox:
MiniToolBox by Farbar  Version: 23-07-2012
Ran by Sivan (administrator) on 23-08-2012 at 22:09:35
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel(R) Centrino(R) Wireless-N 1030 = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Sivan-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : columbus.rr.com

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : BC-77-37-B6-97-5D
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : BC-77-37-B6-97-5D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : columbus.rr.com
   Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 1030
   Physical Address. . . . . . . . . : BC-77-37-B6-97-5C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c9a2:feaa:3c27:21b1%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, August 23, 2012 6:24:33 PM
   Lease Expires . . . . . . . . . . : Thursday, August 23, 2012 11:08:30 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 364672823
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-85-CB-A8-18-03-73-5B-E9-32
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cohums.ohio-state.edu
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 18-03-73-5B-E9-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : BC-77-37-B6-97-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{10B809C4-1948-468C-818A-4C2ED46A5EDC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.wireless.oberlin.edu:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {702E8E84-593D-47D4-9D33-82C3319CE629}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D218EF06-CA0A-4CDE-B67C-D304181927CD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.columbus.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : columbus.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3c5f:2669:b34a:b971(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3c5f:2669:b34a:b971%29(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.cohums.ohio-state.edu:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1CAFCF69-B32F-4908-B58F-249C125CB48F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4009:803::1000
	  74.125.225.73
	  74.125.225.78
	  74.125.225.64
	  74.125.225.65
	  74.125.225.66
	  74.125.225.67
	  74.125.225.68
	  74.125.225.69
	  74.125.225.70
	  74.125.225.71
	  74.125.225.72


Pinging google.com [74.125.225.71] with 32 bytes of data:
Reply from 74.125.225.71: bytes=32 time=33ms TTL=56
Reply from 74.125.225.71: bytes=32 time=20ms TTL=56

Ping statistics for 74.125.225.71:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 33ms, Average = 26ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.138.253.109
	  98.139.183.24
	  72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=198ms TTL=52
Reply from 98.139.183.24: bytes=32 time=96ms TTL=51

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 96ms, Maximum = 198ms, Average = 147ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    bleepingcomputer.com
Address:  208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 5ms, Average = 3ms
===========================================================================
Interface List
 15...bc 77 37 b6 97 5d ......Microsoft Virtual WiFi Miniport Adapter #2
 14...bc 77 37 b6 97 5d ......Microsoft Virtual WiFi Miniport Adapter
 13...bc 77 37 b6 97 5c ......Intel(R) Centrino(R) Wireless-N 1030
 12...18 03 73 5b e9 32 ......Realtek PCIe FE Family Controller
 11...bc 77 37 b6 97 60 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 29...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.12     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.12    286
     192.168.0.12  255.255.255.255         On-link      192.168.0.12    286
    192.168.0.255  255.255.255.255         On-link      192.168.0.12    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.12    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.12    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 29     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 29     58 2001::/32                On-link
 29    306 2001:0:9d38:953c:3c5f:2669:b34a:b971/128
                                    On-link
 13    286 fe80::/64                On-link
 29    306 fe80::/64                On-link
 29    306 fe80::3c5f:2669:b34a:b971/128
                                    On-link
 13    286 fe80::c9a2:feaa:3c27:21b1/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    286 ff00::/8                 On-link
 29    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/23/2012 06:28:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/23/2012 06:27:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/23/2012 06:27:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/23/2012 10:08:38 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (08/23/2012 09:53:48 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (08/23/2012 08:08:53 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/23/2012 08:08:53 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/23/2012 08:08:53 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/23/2012 08:08:52 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (08/23/2012 08:08:18 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (08/23/2012 02:12:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (08/23/2012 02:11:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (08/23/2012 08:45:26 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (08/23/2012 08:42:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (08/23/2012 08:42:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (08/23/2012 08:42:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (08/23/2012 08:42:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (08/23/2012 08:42:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (08/23/2012 08:42:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (08/23/2012 08:40:20 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068


Microsoft Office Sessions:
=========================
Error: (08/23/2012 06:28:01 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sivan\Downloads\esetsmartinstaller_enu.exe

Error: (08/23/2012 06:27:58 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sivan\Downloads\esetsmartinstaller_enu.exe

Error: (08/23/2012 06:27:58 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sivan\Downloads\esetsmartinstaller_enu.exe

Error: (08/23/2012 10:08:38 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (08/23/2012 09:53:48 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (08/23/2012 08:08:53 AM) (Source: Windows Search Service)(User: )
Description: Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/23/2012 08:08:53 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/23/2012 08:08:53 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/23/2012 08:08:52 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (08/23/2012 08:08:18 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
3DVIA player 5.0.0.20 (Version: 5.0.20)
700 Lloyd Building
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 4
Audacity 1.3.13 (Unicode)
CDisplayEx 1.8
Columbus Terrain Mod 1.0 english (Version: 1.0 english)
Commonwealth (Equitable) Building
Cozi (Version: 1.0.4323.24051)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell MusicStage (Version: 1.3.31.0)
Dell Perks Webslice IE8 (Version: 8.0)
Dell PhotoStage (Version: 1.5.0.19)
Dell Stage (Version: 1.4.173.0)
Dell Support Center (Version: 3.2.6032.47)
Dell Touchpad (Version: 7.1209.101.204)
Dell VideoStage (Version: 1.1.0.1011)
Dell Webcam Central (Version: 2.00.35)
DirectX 9 Runtime (Version: 1.00.0000)
DivX Setup (Version: 2.6.1.9)
Dropbox (Version: 1.4.7)
eBay (Version: 1.4.0)
Encore (Version: 5.0.2)
ESET Online Scanner v3
Facemoods Toolbar
File Uploader (Version: 1.1.1)
Free NaturalReader (Version: 9.0)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 21.0.1180.83)
Google Earth (Version: 6.2.2.6613)
Google SketchUp 8 (Version: 3.0.14346)
Google Update Helper (Version: 1.3.21.115)
GPL Ghostscript 8.56
GPL Ghostscript Fonts
IDT Audio (Version: 1.0.6341.0)
Inkscape 0.48.2 (Version: 0.48.2)
Intel PROSet Wireless
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Management Engine Components (Version: 7.0.0.1118)
Intel(R) Processor Graphics (Version: 8.15.10.2342)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.0.0.0454)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel(R) Rapid Storage Technology (Version: 10.1.0.1008)
Intel(R) Wireless Display
Intel(R) Wireless Display (Version: 2.0.27.0)
Internet Explorer (Version: 8)
Jackson Tower
Java Auto Updater (Version: 2.0.7.1)
Java(TM) 6 Update 24 (64-bit) (Version: 6.0.240)
Java(TM) 6 Update 32 (Version: 6.0.320)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaiser Permanente Tower
LAME v3.98.3 for Audacity
Major League Baseball 2K12 (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Max 6.0.4 (Version: 136.0.4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mixxx 1.9.0 (Version: 1.9.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NAM Hotfix Package 301 (13 April 2012) (Version: 301 (13 April 2012))
Network Addon Mod Version 30 with Essentials r132 (Version: Version 30 with Essentials r132)
Network Widening Mod Version 2.0.0 (Version: Version 2.0.0)
Neuratron AudioScore Lite (Version: 6.5.0)
Neuratron PhotoScore Lite (Version: 6.0.0)
Nikon Message Center (Version: 0.92.000)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.5.0)
Nikon Transfer (Version: 1.3.0)
Octoshape add-in for Adobe Flash Player
Out of the Park Baseball 12 (Version: 12)
Out of the Park Baseball 13 (Version: 13)
PhotoShowExpress (Version: 2.0.063)
Picture Control Utility x64 (Version: 1.4.6)
Quickset64 (Version: 10.09.20)
QuickTime (Version: 7.71.80.42)
Rainmeter
RBVirtualFolder64Inst (Version: 1.00.0000)
RealHighway Mod Version 5.0.0 (Version: Version 5.0.0)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
SafeConnect
Sibelius 6.2.0.88
Sibelius Scorch (all browsers) (Version: 6.2.0)
Sibelius Sounds Essentials for Sibelius 6 (Version: 1.1.0)
SimCity 4 Deluxe
Simcity Community BAT Committee
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.8 (Version: 5.8.158)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPEAR v0.7.4 r.148
Standard Insurance Plaza
StreamTorrent 1.0
Street Addon Mod Beta v3 (Version: Beta v3)
Synekism 0.4.6.28 (Version: 0.4.6.28)
TrustedID (Version: 5.0)
TuxGuitar (Version: 1.2)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
uTorrentControl2 Toolbar (Version: 6.8.11.4)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
ViewNX 2 (Version: 2.5.0)
VirtualDJ Home FREE (Version: 7.0.5)
VLC media player 2.0.2 (Version: 2.0.2)
Winamp (Version: 5.621 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.07.1404.01)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Zune (Version: 04.07.1404.01)
Zune Language Pack (DEU) (Version: 04.07.1404.01)
Zune Language Pack (ESP) (Version: 04.07.1404.01)
Zune Language Pack (FRA) (Version: 04.07.1404.01)
Zune Language Pack (ITA) (Version: 04.07.1404.01)
Zune Language Pack (NLD) (Version: 04.07.1404.01)
Zune Language Pack (PTB) (Version: 04.07.1404.01)
Zune Language Pack (PTG) (Version: 04.07.1404.01)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 6051.18 MB
Available physical RAM: 2926.77 MB
Total Pagefile: 12100.54 MB
Available Pagefile: 9077.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.84 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:337.94 GB) NTFS

========================= Users: ========================================

User accounts for \\SIVAN-PC

Administrator            Guest                    Sivan                    


**** End of log ****

FSS:
Farbar Service Scanner Version: 06-08-2012
Ran by Sivan (administrator) on 23-08-2012 at 22:14:45
Running from "C:\Users\Sivan\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner:
# AdwCleaner v1.801 - Logfile created 08/23/2012 at 22:15:44
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sivan - SIVAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Sivan\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Sivan\AppData\Local\Conduit
Folder Deleted : C:\Users\Sivan\AppData\Local\Temp\CT3072253
Folder Deleted : C:\Users\Sivan\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Sivan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sivan\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Sivan\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Sivan\AppData\Roaming\Mozilla\Firefox\Profiles\khewq1p1.default\ConduitCommon
Folder Deleted : C:\Users\Sivan\AppData\Roaming\Mozilla\Firefox\Profiles\khewq1p1.default\CT3072253
Folder Deleted : C:\Users\Sivan\AppData\Roaming\Mozilla\Firefox\Profiles\khewq1p1.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\facemoods.com
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\uTorrentControl2
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [facemoods]

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddrnw --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddrnw&f=2 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default 
File : C:\Users\Sivan\AppData\Roaming\Mozilla\Firefox\Profiles\khewq1p1.default\prefs.js

Deleted : user_pref("CT3072253..clientLogIsEnabled", true);
Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Deleted : user_pref("CT3072253.CTID", "CT3072253");
Deleted : user_pref("CT3072253.CurrentServerDate", "11-7-2012");
Deleted : user_pref("CT3072253.DSInstall", false);
Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Wed Jul 11 2012 14:17:16 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Deleted : user_pref("CT3072253.FirstServerDate", "11-7-2012");
Deleted : user_pref("CT3072253.FirstTime", true);
Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Deleted : user_pref("CT3072253.FirstTimeHiddenVer", true);
Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3072253.HPInstall", false);
Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Deleted : user_pref("CT3072253.Initialize", true);
Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT3072253.InstallationId", "fft5B98.tmp.exe");
Deleted : user_pref("CT3072253.InstallationType", "XPE");
Deleted : user_pref("CT3072253.InstalledDate", "Wed Jul 11 2012 14:17:40 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Deleted : user_pref("CT3072253.IsGrouping", false);
Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Deleted : user_pref("CT3072253.IsMulticommunity", false);
Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Wed Jul 11 2012 14:17:40 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3072253.LastLogin_3.13.0.6", "Wed Jul 11 2012 14:17:40 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3072253.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT3072253.Locale", "en");
Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.13.0.6");
Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Wed Jul 11 2012 14:17:40 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Wed Jul 11 2012 14:17:15 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Wed Jul 11 2012 14:17:15 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3072253.SettingsLastUpdate", "1339665152");

*************************

AdwCleaner[S1].txt - [21183 octets] - [23/08/2012 22:15:44]

########## EOF - C:\AdwCleaner[S1].txt - [21312 octets] ##########


#6 narenxp

Posted 23 August 2012 - 09:36 PM

Malwarebytes log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 S1927

Posted 23 August 2012 - 10:22 PM

Sorry, did you want me to post a log of the Malwarebytes quick scan I did earlier? I redid the scan, here it is. (I also did a full scan earlier in the day which came up with nothing.)
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.23.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sivan :: SIVAN-PC [administrator]

Protection: Enabled

8/23/2012 11:14:02 PM
mbam-log-2012-08-23 (23-14-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213439
Time elapsed: 6 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


And, RKILL log:
Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/23/2012 11:11:41 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

 * No malware services found to stop.

Checking for processes to terminate.

 * C:\Users\Sivan\Documents\Rainmeter\Skins\Gnometer\Media Player\ZunePlaying.exe (PID: 6612) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

 * Advanced Explorer Setting Removed:  HideIcons [HKCU]
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Sivan\Desktop\rkill\rkill-08-23-2012-11-11-49.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

 * AppMgmt [Missing Service]
 * CscService [Missing Service]
 * PeerDistSvc [Missing Service]
 * UmRdpService [Missing Service]

Searching for Missing Digital Signatures: 

 * No issues found.

Program finished at: 08/23/2012 11:12:02 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)


#8 narenxp

Posted 23 August 2012 - 10:26 PM

Looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 S1927

Posted 23 August 2012 - 11:23 PM

Fantastic, can't thank you enough!

#10 narenxp

Posted 23 August 2012 - 11:25 PM

You're most welcome :)



