Suspicious Kernel Callback, No Infection Detected from FixTDSS


9 replies to this topic

#1 Dennis59

Dennis59

  • Members
  • 24 posts

Posted 01 September 2012 - 03:02 PM

Yesterday, while using my computer, a window popped up saying that I had a hard disk failure and that some special software should be downloaded (and purchased) to fix it. This was clearly a fake, so an antivirus scan (Avira) was run and nothing was found. Several detection programs, like TDSSKiller and FixTDSS, would not run. They would appear to start and then disappear. At that point it was obvious that the Avira antivirus had been compromised and was blocking all internet traffic (and some of the functions were in an error state). This was reinstalled and internet was restored. During this time nearly all files on the computer were hidden and were restored by unhiding. At this point the computer was functional (mostly) but browsers were being redirected to sites other than what was entered and any scanning program would not work as described above.

Two Avira rescue products were used from boot CD (Rescue System and Boot Sector Repair Tool) but neither found anything. After some additional research it was found that the boot sector had been changed using ListParts64, suggesting a rootkit virus. Using a Linux shell the boot sector was reassigned and the hidden sector deleted. At this point the computer is behaving normally except that after running FixTDSS the warning "Suspicious Kernel Callback... No Infection Detected" is obtained. Researching on the web shows nothing definitive on this. Is this an issue that should be addressed?

Thanks



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 01 September 2012 - 03:09 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
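
The header of the TDSSKiller log requested above lists each drive's size and MBR partitions, which is enough to check which sectors lie outside every partition after a boot-sector repair like the one described in the first post. The following is an added example, not part of the original posts and not TDSSKiller's own code: the function names are hypothetical, the regular expressions assume the line format seen in this thread, and the sample lines are the drive and partition lines from the log posted later in the thread.

```python
import re

# Sample input: drive and partition lines as they appear in the TDSSKiller
# log posted later in this thread (timestamp and thread-id prefix kept).
SAMPLE_LOG = r"""
20:14:44.0105 5500 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:14:44.0136 5500 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:14:44.0152 5500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:14:44.0152 5500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746CCDB0
20:14:44.0152 5500 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
"""

HEX = r"(0x[0-9A-Fa-f]+)"
DRIVE_RE = re.compile(
    r"Drive (\\Device\\Harddisk\d+\\DR\d+) - Size: " + HEX + r".*?SectorSize: " + HEX
)
PART_RE = re.compile(
    r"(\\Device\\Harddisk\d+\\DR\d+)\\Partition(\d+): MBR, Type " + HEX
    + r", StartLBA " + HEX + r", BlocksNum " + HEX
)


def parse_layout(log_text):
    """Map each drive name to its sector count, sector size and partitions."""
    drives = {}
    for line in log_text.splitlines():
        m = DRIVE_RE.search(line)
        if m:
            size, sector = int(m.group(2), 16), int(m.group(3), 16)
            drives[m.group(1)] = {
                "sector_size": sector,
                "sectors": size // sector,
                "parts": [],
            }
            continue
        m = PART_RE.search(line)
        if m and m.group(1) in drives:
            num = int(m.group(2))
            ptype, start, count = (int(m.group(i), 16) for i in (3, 4, 5))
            drives[m.group(1)]["parts"].append((num, ptype, start, count))
    return drives


def find_gaps(drive):
    """Return (gaps, problems) for one parsed drive.

    gaps: list of (first_lba, sector_count) not covered by any partition.
    problems: strings describing overlapping or out-of-range entries.
    LBA 0 holds the MBR itself, so the walk starts at LBA 1.
    """
    gaps, problems = [], []
    cursor = 1
    for num, _ptype, start, count in sorted(drive["parts"], key=lambda p: p[2]):
        end = start + count
        if start < cursor:
            problems.append(f"partition {num} overlaps earlier sectors at LBA {start:#x}")
        elif start > cursor:
            gaps.append((cursor, start - cursor))
        if end > drive["sectors"]:
            problems.append(f"partition {num} ends past the last sector of the drive")
        cursor = max(cursor, end)
    if cursor < drive["sectors"]:
        gaps.append((cursor, drive["sectors"] - cursor))
    return gaps, problems


def report(log_text):
    """One line per unpartitioned range or table problem, for every drive."""
    lines = []
    for name, drive in parse_layout(log_text).items():
        gaps, problems = find_gaps(drive)
        for first, count in gaps:
            kib = count * drive["sector_size"] // 1024
            lines.append(
                f"{name}: LBA {first:#x}..{first + count - 1:#x} "
                f"unpartitioned ({count} sectors, {kib} KiB)"
            )
        lines.extend(f"{name}: {p}" for p in problems)
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

The range before the first partition is ordinary alignment space. A range at the end of a disk shows only that those sectors belong to no partition; what they contain still has to be checked with a sector-level scan such as the TDLFS option above.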

#3 Dennis59

Dennis59
  • Topic Starter

  • Members
  • 24 posts

Posted 02 September 2012 - 08:09 AM

Thank you for the quick reply! The requested scans were run last night and the results are posted below:

TDSSKiller:

20:14:41.0172 5500 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:14:43.0185 5500 ============================================================
20:14:43.0185 5500 Current date / time: 2012/09/01 20:14:43.0185
20:14:43.0185 5500 SystemInfo:
20:14:43.0185 5500
20:14:43.0185 5500 OS Version: 6.1.7601 ServicePack: 1.0
20:14:43.0185 5500 Product type: Workstation
20:14:43.0185 5500 ComputerName: LAURADESK
20:14:43.0185 5500 UserName: Laura
20:14:43.0185 5500 Windows directory: C:\Windows
20:14:43.0185 5500 System windows directory: C:\Windows
20:14:43.0185 5500 Running under WOW64
20:14:43.0185 5500 Processor architecture: Intel x64
20:14:43.0185 5500 Number of processors: 8
20:14:43.0185 5500 Page size: 0x1000
20:14:43.0185 5500 Boot type: Normal boot
20:14:43.0185 5500 ============================================================
20:14:44.0105 5500 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:14:44.0136 5500 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:14:44.0152 5500 ============================================================
20:14:44.0152 5500 \Device\Harddisk0\DR0:
20:14:44.0152 5500 MBR partitions:
20:14:44.0152 5500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:14:44.0152 5500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746CCDB0
20:14:44.0152 5500 \Device\Harddisk1\DR1:
20:14:44.0152 5500 MBR partitions:
20:14:44.0152 5500 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
20:14:44.0152 5500 ============================================================
20:14:44.0230 5500 C: <-> \Device\Harddisk0\DR0\Partition2
20:14:44.0324 5500 E: <-> \Device\Harddisk1\DR1\Partition1
20:14:44.0324 5500 ============================================================
20:14:44.0324 5500 Initialize success
20:14:44.0324 5500 ============================================================
20:15:17.0598 0196 ============================================================
20:15:17.0598 0196 Scan started
20:15:17.0598 0196 Mode: Manual; TDLFS;
20:15:17.0598 0196 ============================================================
20:15:18.0456 0196 ================ Scan system memory ========================
20:15:18.0456 0196 System memory - ok
20:15:26.0943 0196 MMCSS - ok
20:15:26.0959 0196 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:15:26.0959 0196 Modem - ok
20:15:26.0990 0196 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:15:26.0990 0196 monitor - ok
20:15:27.0005 0196 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:15:27.0005 0196 mouclass - ok
20:15:27.0037 0196 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:15:27.0037 0196 mouhid - ok
20:15:27.0083 0196 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:15:27.0083 0196 mountmgr - ok
20:15:27.0115 0196 [ 685557336FE0990DFF6CCEC26426125A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:15:27.0115 0196 MozillaMaintenance - ok
20:15:27.0130 0196 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:15:27.0130 0196 mpio - ok
20:15:27.0130 0196 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:15:27.0130 0196 mpsdrv - ok
20:15:27.0193 0196 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:15:27.0208 0196 MpsSvc - ok
20:15:27.0239 0196 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:15:27.0239 0196 MRxDAV - ok
20:15:27.0286 0196 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:15:27.0286 0196 mrxsmb - ok
20:15:27.0302 0196 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:15:27.0302 0196 mrxsmb10 - ok
20:15:27.0317 0196 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:15:27.0317 0196 mrxsmb20 - ok
20:15:27.0333 0196 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
20:15:27.0333 0196 msahci - ok
20:15:27.0380 0196 [ 023E10227D83B47D3B72C9FFCD323704 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
20:15:27.0380 0196 MSCamSvc - ok
20:15:27.0395 0196 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:15:27.0395 0196 msdsm - ok
20:15:27.0427 0196 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:15:27.0427 0196 MSDTC - ok
20:15:27.0442 0196 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:15:27.0442 0196 Msfs - ok
20:15:27.0458 0196 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:15:27.0458 0196 mshidkmdf - ok
20:15:27.0473 0196 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:15:27.0473 0196 msisadrv - ok
20:15:27.0505 0196 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:15:27.0520 0196 MSiSCSI - ok
20:15:27.0520 0196 msiserver - ok
20:15:27.0536 0196 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:15:27.0536 0196 MSKSSRV - ok
20:15:27.0536 0196 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:15:27.0536 0196 MSPCLOCK - ok
20:15:27.0551 0196 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:15:27.0551 0196 MSPQM - ok
20:15:27.0598 0196 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:15:27.0598 0196 MsRPC - ok
20:15:27.0614 0196 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:15:27.0614 0196 mssmbios - ok
20:15:27.0614 0196 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:15:27.0614 0196 MSTEE - ok
20:15:27.0645 0196 [ C83829C280F0207677B7AAA151EF9C4D ] msvad_simple C:\Windows\system32\drivers\povrtdev.sys
20:15:27.0645 0196 msvad_simple - ok
20:15:27.0661 0196 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:15:27.0661 0196 MTConfig - ok
20:15:27.0692 0196 [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:15:27.0692 0196 MTsensor - ok
20:15:27.0707 0196 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:15:27.0707 0196 Mup - ok
20:15:27.0739 0196 [ 42AB117AB98AC93F487B2913EE4FBDD8 ] mv61xx C:\Windows\system32\DRIVERS\mv61xx.sys
20:15:27.0739 0196 mv61xx - ok
20:15:27.0770 0196 [ 38B4C95E821528FB91DF16A78E04450F ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
20:15:27.0770 0196 mv91xx - ok
20:15:27.0817 0196 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:15:27.0817 0196 napagent - ok
20:15:27.0848 0196 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:15:27.0848 0196 NativeWifiP - ok
20:15:27.0879 0196 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:15:27.0895 0196 NDIS - ok
20:15:27.0895 0196 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:15:27.0895 0196 NdisCap - ok
20:15:27.0910 0196 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:15:27.0910 0196 NdisTapi - ok
20:15:27.0941 0196 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:15:27.0941 0196 Ndisuio - ok
20:15:27.0973 0196 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:15:27.0988 0196 NdisWan - ok
20:15:28.0019 0196 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:15:28.0019 0196 NDProxy - ok
20:15:28.0035 0196 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:15:28.0035 0196 NetBIOS - ok
20:15:28.0097 0196 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:15:28.0097 0196 NetBT - ok
20:15:28.0113 0196 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:15:28.0113 0196 Netlogon - ok
20:15:28.0160 0196 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:15:28.0175 0196 Netman - ok
20:15:28.0191 0196 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:15:28.0191 0196 netprofm - ok
20:15:28.0222 0196 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:15:28.0222 0196 NetTcpPortSharing - ok
20:15:28.0238 0196 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:15:28.0238 0196 nfrd960 - ok
20:15:28.0316 0196 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:15:28.0316 0196 NlaSvc - ok
20:15:28.0456 0196 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
20:15:28.0456 0196 NMIndexingService - ok
20:15:28.0472 0196 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:15:28.0472 0196 Npfs - ok
20:15:28.0519 0196 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:15:28.0519 0196 nsi - ok
20:15:28.0534 0196 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:15:28.0534 0196 nsiproxy - ok
20:15:28.0784 0196 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:15:28.0784 0196 Ntfs - ok
20:15:28.0815 0196 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
20:15:28.0815 0196 NuidFltr - ok
20:15:28.0815 0196 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:15:28.0815 0196 Null - ok
20:15:28.0846 0196 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:15:28.0846 0196 NVHDA - ok
20:15:29.0548 0196 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:15:29.0595 0196 nvlddmkm - ok
20:15:29.0626 0196 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:15:29.0642 0196 nvraid - ok
20:15:29.0657 0196 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:15:29.0657 0196 nvstor - ok
20:15:29.0689 0196 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:15:29.0689 0196 nvsvc - ok
20:15:29.0782 0196 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:15:29.0798 0196 nvUpdatusService - ok
20:15:29.0813 0196 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:15:29.0813 0196 nv_agp - ok
20:15:29.0845 0196 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:15:29.0845 0196 ohci1394 - ok
20:15:29.0876 0196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:15:29.0876 0196 p2pimsvc - ok
20:15:29.0969 0196 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:15:29.0969 0196 p2psvc - ok
20:15:30.0032 0196 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:15:30.0032 0196 Parport - ok
20:15:30.0063 0196 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:15:30.0063 0196 partmgr - ok
20:15:30.0079 0196 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:15:30.0079 0196 PcaSvc - ok
20:15:30.0110 0196 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:15:30.0110 0196 pci - ok
20:15:30.0141 0196 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:15:30.0141 0196 pciide - ok
20:15:30.0172 0196 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:15:30.0172 0196 pcmcia - ok
20:15:30.0203 0196 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:15:30.0203 0196 pcw - ok
20:15:30.0328 0196 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:15:30.0328 0196 PEAUTH - ok
20:15:30.0578 0196 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:15:30.0578 0196 PeerDistSvc - ok
20:15:30.0671 0196 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:15:30.0671 0196 PerfHost - ok
20:15:30.0781 0196 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:15:30.0781 0196 pla - ok
20:15:30.0812 0196 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:15:30.0812 0196 PlugPlay - ok
20:15:30.0843 0196 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:15:30.0843 0196 PNRPAutoReg - ok
20:15:30.0843 0196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:15:30.0843 0196 PNRPsvc - ok
20:15:30.0890 0196 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
20:15:30.0890 0196 Point64 - ok
20:15:30.0952 0196 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:15:30.0952 0196 PolicyAgent - ok
20:15:30.0983 0196 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:15:30.0983 0196 Power - ok
20:15:31.0015 0196 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:15:31.0015 0196 PptpMiniport - ok
20:15:31.0030 0196 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:15:31.0030 0196 Processor - ok
20:15:31.0093 0196 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:15:31.0093 0196 ProfSvc - ok
20:15:31.0108 0196 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:15:31.0108 0196 ProtectedStorage - ok
20:15:31.0155 0196 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:15:31.0171 0196 Psched - ok
20:15:31.0202 0196 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:15:31.0217 0196 ql2300 - ok
20:15:31.0233 0196 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:15:31.0233 0196 ql40xx - ok
20:15:31.0264 0196 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:15:31.0264 0196 QWAVE - ok
20:15:31.0280 0196 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:15:31.0280 0196 QWAVEdrv - ok
20:15:31.0295 0196 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:15:31.0295 0196 RasAcd - ok
20:15:31.0342 0196 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:15:31.0342 0196 RasAgileVpn - ok
20:15:31.0358 0196 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:15:31.0358 0196 RasAuto - ok
20:15:31.0405 0196 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:15:31.0405 0196 Rasl2tp - ok
20:15:31.0451 0196 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:15:31.0451 0196 RasMan - ok
20:15:31.0467 0196 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:15:31.0467 0196 RasPppoe - ok
20:15:31.0483 0196 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:15:31.0483 0196 RasSstp - ok
20:15:31.0529 0196 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:15:31.0529 0196 rdbss - ok
20:15:31.0545 0196 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:15:31.0545 0196 rdpbus - ok
20:15:31.0561 0196 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:15:31.0576 0196 RDPCDD - ok
20:15:31.0639 0196 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:15:31.0639 0196 RDPDR - ok
20:15:31.0701 0196 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:15:31.0701 0196 RDPENCDD - ok
20:15:31.0717 0196 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:15:31.0717 0196 RDPREFMP - ok
20:15:31.0795 0196 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:15:31.0795 0196 RdpVideoMiniport - ok
20:15:31.0826 0196 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:15:31.0841 0196 RDPWD - ok
20:15:31.0888 0196 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:15:31.0888 0196 rdyboost - ok
20:15:31.0935 0196 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:15:31.0935 0196 RemoteAccess - ok
20:15:31.0935 0196 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:15:31.0951 0196 RemoteRegistry - ok
20:15:31.0966 0196 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:15:31.0966 0196 RFCOMM - ok
20:15:31.0997 0196 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:15:31.0997 0196 RpcEptMapper - ok
20:15:32.0044 0196 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:15:32.0044 0196 RpcLocator - ok
20:15:32.0122 0196 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:15:32.0122 0196 RpcSs - ok
20:15:32.0138 0196 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:15:32.0138 0196 rspndr - ok
20:15:32.0169 0196 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:15:32.0169 0196 s3cap - ok
20:15:32.0169 0196 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:15:32.0169 0196 SamSs - ok
20:15:32.0185 0196 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:15:32.0185 0196 sbp2port - ok
20:15:32.0263 0196 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:15:32.0263 0196 SCardSvr - ok
20:15:32.0294 0196 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:15:32.0294 0196 scfilter - ok
20:15:32.0387 0196 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:15:32.0387 0196 Schedule - ok
20:15:32.0419 0196 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:15:32.0419 0196 SCPolicySvc - ok
20:15:32.0465 0196 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:15:32.0481 0196 SDRSVC - ok
20:15:32.0497 0196 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:15:32.0497 0196 secdrv - ok
20:15:32.0528 0196 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:15:32.0528 0196 seclogon - ok
20:15:32.0559 0196 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:15:32.0559 0196 SENS - ok
20:15:32.0606 0196 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:15:32.0606 0196 SensrSvc - ok
20:15:32.0621 0196 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:15:32.0621 0196 Serenum - ok
20:15:32.0637 0196 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:15:32.0637 0196 Serial - ok
20:15:32.0653 0196 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:15:32.0653 0196 sermouse - ok
20:15:32.0668 0196 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:15:32.0668 0196 SessionEnv - ok
20:15:32.0699 0196 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:15:32.0699 0196 sffdisk - ok
20:15:32.0715 0196 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:15:32.0715 0196 sffp_mmc - ok
20:15:32.0731 0196 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:15:32.0731 0196 sffp_sd - ok
20:15:32.0746 0196 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:15:32.0746 0196 sfloppy - ok
20:15:32.0793 0196 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:15:32.0793 0196 SharedAccess - ok
20:15:32.0840 0196 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:15:32.0840 0196 ShellHWDetection - ok
20:15:32.0855 0196 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:15:32.0855 0196 SiSRaid2 - ok
20:15:32.0871 0196 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:15:32.0871 0196 SiSRaid4 - ok
20:15:32.0933 0196 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:15:32.0933 0196 SkypeUpdate - ok
20:15:32.0965 0196 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
20:15:32.0965 0196 SmartDefragDriver - ok
20:15:32.0996 0196 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:15:32.0996 0196 Smb - ok
20:15:33.0043 0196 [ 32CDE417100C530964E79C53B4E994CA ] snapman C:\Windows\system32\DRIVERS\snapman.sys
20:15:33.0043 0196 snapman - ok
20:15:33.0074 0196 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:15:33.0089 0196 SNMPTRAP - ok
20:15:33.0121 0196 [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan C:\Windows\syswow64\speedfan.sys
20:15:33.0121 0196 speedfan - ok
20:15:33.0136 0196 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:15:33.0136 0196 spldr - ok
20:15:33.0152 0196 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:15:33.0152 0196 Spooler - ok
20:15:33.0885 0196 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:15:33.0885 0196 sppsvc - ok
20:15:33.0901 0196 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:15:33.0901 0196 sppuinotify - ok
20:15:33.0963 0196 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:15:33.0963 0196 srv - ok
20:15:34.0010 0196 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:15:34.0010 0196 srv2 - ok
20:15:34.0057 0196 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:15:34.0057 0196 srvnet - ok
20:15:34.0088 0196 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:15:34.0088 0196 SSDPSRV - ok
20:15:34.0103 0196 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:15:34.0103 0196 SstpSvc - ok
20:15:34.0150 0196 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:15:34.0150 0196 Stereo Service - ok
20:15:34.0166 0196 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:15:34.0166 0196 stexstor - ok
20:15:34.0275 0196 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:15:34.0291 0196 stisvc - ok
20:15:34.0322 0196 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:15:34.0322 0196 storflt - ok
20:15:34.0337 0196 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:15:34.0337 0196 storvsc - ok
20:15:34.0353 0196 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:15:34.0353 0196 swenum - ok
20:15:34.0400 0196 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:15:34.0400 0196 swprv - ok
20:15:34.0415 0196 Synth3dVsc - ok
20:15:34.0462 0196 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:15:34.0478 0196 SysMain - ok
20:15:34.0525 0196 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:15:34.0525 0196 TabletInputService - ok
20:15:34.0587 0196 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:15:34.0587 0196 TapiSrv - ok
20:15:34.0603 0196 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:15:34.0603 0196 TBS - ok
20:15:34.0696 0196 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:15:34.0712 0196 Tcpip - ok
20:15:34.0743 0196 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:15:34.0743 0196 TCPIP6 - ok
20:15:34.0790 0196 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:15:34.0790 0196 tcpipreg - ok
20:15:34.0805 0196 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:15:34.0805 0196 TDPIPE - ok
20:15:34.0852 0196 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:15:34.0868 0196 TDTCP - ok
20:15:34.0915 0196 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:15:34.0915 0196 tdx - ok
20:15:34.0930 0196 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:15:34.0930 0196 TermDD - ok
20:15:34.0961 0196 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:15:34.0961 0196 TermService - ok
20:15:34.0993 0196 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:15:34.0993 0196 Themes - ok
20:15:35.0039 0196 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:15:35.0039 0196 THREADORDER - ok
20:15:35.0071 0196 [ 6ADC063FD51F03EF0CAB3E716A725BD2 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
20:15:35.0086 0196 timounter - ok
20:15:35.0117 0196 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:15:35.0133 0196 TrkWks - ok
20:15:35.0195 0196 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:15:35.0195 0196 TrustedInstaller - ok
20:15:35.0227 0196 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:15:35.0227 0196 tssecsrv - ok
20:15:35.0227 0196 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:15:35.0242 0196 TsUsbFlt - ok
20:15:35.0258 0196 tsusbhub - ok
20:15:35.0305 0196 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:15:35.0305 0196 tunnel - ok
20:15:35.0367 0196 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:15:35.0367 0196 TurboB - ok
20:15:35.0507 0196 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:15:35.0507 0196 TurboBoost - ok
20:15:35.0554 0196 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:15:35.0554 0196 uagp35 - ok
20:15:35.0617 0196 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:15:35.0617 0196 udfs - ok
20:15:35.0663 0196 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:15:35.0663 0196 UI0Detect - ok
20:15:35.0679 0196 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:15:35.0679 0196 uliagpkx - ok
20:15:35.0710 0196 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:15:35.0710 0196 umbus - ok
20:15:35.0741 0196 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:15:35.0741 0196 UmPass - ok
20:15:35.0773 0196 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
20:15:35.0773 0196 UmRdpService - ok
20:15:35.0819 0196 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:15:35.0819 0196 upnphost - ok
20:15:35.0851 0196 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:15:35.0851 0196 usbaudio - ok
20:15:35.0882 0196 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:15:35.0882 0196 usbccgp - ok
20:15:35.0897 0196 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:15:35.0897 0196 usbcir - ok
20:15:35.0913 0196 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:15:35.0913 0196 usbehci - ok
20:15:35.0929 0196 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:15:35.0929 0196 usbhub - ok
20:15:35.0944 0196 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:15:35.0944 0196 usbohci - ok
20:15:35.0944 0196 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:15:35.0960 0196 usbprint - ok
20:15:35.0960 0196 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:15:35.0960 0196 USBSTOR - ok
20:15:35.0960 0196 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:15:35.0960 0196 usbuhci - ok
20:15:35.0975 0196 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:15:35.0975 0196 UxSms - ok
20:15:35.0991 0196 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:15:35.0991 0196 VaultSvc - ok
20:15:35.0991 0196 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:15:35.0991 0196 vdrvroot - ok
20:15:36.0022 0196 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:15:36.0038 0196 vds - ok
20:15:36.0053 0196 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:15:36.0053 0196 vga - ok
20:15:36.0053 0196 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:15:36.0053 0196 VgaSave - ok
20:15:36.0069 0196 VGPU - ok
20:15:36.0085 0196 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:15:36.0085 0196 vhdmp - ok
20:15:36.0116 0196 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:15:36.0116 0196 viaide - ok
20:15:36.0147 0196 [ 96A4F56CBBA3DCF5D90CDA1BC218D040 ] vididr C:\Windows\system32\DRIVERS\vididr.sys
20:15:36.0147 0196 vididr - ok
20:15:36.0178 0196 [ C69A784BEC737CD7460EBF3C3834D65E ] vidsflt53 C:\Windows\system32\DRIVERS\vsflt53.sys
20:15:36.0178 0196 vidsflt53 - ok
20:15:36.0194 0196 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:15:36.0194 0196 vmbus - ok
20:15:36.0209 0196 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:15:36.0209 0196 VMBusHID - ok
20:15:36.0225 0196 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:15:36.0225 0196 volmgr - ok
20:15:36.0272 0196 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:15:36.0272 0196 volmgrx - ok
20:15:36.0272 0196 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:15:36.0287 0196 volsnap - ok
20:15:36.0319 0196 [ 48BFA6276BCC0535F5F8898107ED489A ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
20:15:36.0319 0196 Vsdatant - ok
20:15:36.0350 0196 vsmon - ok
20:15:36.0381 0196 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:15:36.0381 0196 vsmraid - ok
20:15:36.0443 0196 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:15:36.0459 0196 VSS - ok
20:15:36.0475 0196 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:15:36.0475 0196 vwifibus - ok
20:15:36.0521 0196 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:15:36.0521 0196 W32Time - ok
20:15:36.0537 0196 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:15:36.0537 0196 WacomPen - ok
20:15:36.0568 0196 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:15:36.0568 0196 WANARP - ok
20:15:36.0584 0196 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:15:36.0584 0196 Wanarpv6 - ok
20:15:36.0724 0196 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:15:36.0724 0196 WatAdminSvc - ok
20:15:36.0880 0196 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:15:36.0880 0196 wbengine - ok
20:15:36.0911 0196 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:15:36.0911 0196 WbioSrvc - ok
20:15:36.0974 0196 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:15:36.0989 0196 wcncsvc - ok
20:15:36.0989 0196 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:15:36.0989 0196 WcsPlugInService - ok
20:15:37.0005 0196 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:15:37.0005 0196 Wd - ok
20:15:37.0036 0196 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:15:37.0052 0196 Wdf01000 - ok
20:15:37.0052 0196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:15:37.0067 0196 WdiServiceHost - ok
20:15:37.0067 0196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:15:37.0067 0196 WdiSystemHost - ok
20:15:37.0114 0196 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:15:37.0114 0196 WebClient - ok
20:15:37.0130 0196 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:15:37.0130 0196 Wecsvc - ok
20:15:37.0130 0196 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:15:37.0145 0196 wercplsupport - ok
20:15:37.0161 0196 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:15:37.0161 0196 WerSvc - ok
20:15:37.0177 0196 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:15:37.0177 0196 WfpLwf - ok
20:15:37.0270 0196 [ 1EF54B3220EBF3794439EB072B350F3E ] WHSConnector C:\Program Files\Windows Home Server\WHSConnector.exe
20:15:37.0270 0196 WHSConnector - ok
20:15:37.0286 0196 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:15:37.0286 0196 WIMMount - ok
20:15:37.0301 0196 WinDefend - ok
20:15:37.0301 0196 WinHttpAutoProxySvc - ok
20:15:37.0489 0196 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:15:37.0489 0196 Winmgmt - ok
20:15:37.0629 0196 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:15:37.0645 0196 WinRM - ok
20:15:37.0738 0196 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:15:37.0738 0196 Wlansvc - ok
20:15:37.0754 0196 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:15:37.0769 0196 WmiAcpi - ok
20:15:37.0785 0196 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:15:37.0801 0196 wmiApSrv - ok
20:15:37.0801 0196 WMPNetworkSvc - ok
20:15:37.0847 0196 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:15:37.0847 0196 WPCSvc - ok
20:15:37.0879 0196 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:15:37.0894 0196 WPDBusEnum - ok
20:15:37.0910 0196 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:15:37.0910 0196 ws2ifsl - ok
20:15:37.0957 0196 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:15:37.0957 0196 wscsvc - ok
20:15:37.0957 0196 WSearch - ok
20:15:38.0066 0196 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:15:38.0081 0196 wuauserv - ok
20:15:38.0113 0196 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:15:38.0113 0196 WudfPf - ok
20:15:38.0159 0196 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:15:38.0159 0196 WUDFRd - ok
20:15:38.0206 0196 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:15:38.0206 0196 wudfsvc - ok
20:15:38.0269 0196 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:15:38.0269 0196 WwanSvc - ok
20:15:38.0315 0196 [ 79D9CE9614C955DD31AA2556B4014662 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:15:38.0315 0196 yukonw7 - ok
20:15:38.0331 0196 ================ Scan global ===============================
20:15:38.0362 0196 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:15:38.0409 0196 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:15:38.0409 0196 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:15:38.0456 0196 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:15:38.0503 0196 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:15:38.0503 0196 [Global] - ok
20:15:38.0503 0196 ================ Scan MBR ==================================
20:15:38.0518 0196 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:15:38.0783 0196 \Device\Harddisk0\DR0 - ok
20:15:38.0799 0196 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:15:40.0952 0196 \Device\Harddisk1\DR1 - ok
20:15:40.0952 0196 ================ Scan VBR ==================================
20:15:40.0952 0196 [ DCC091EE54B419C7D94F2F899B85E420 ] \Device\Harddisk0\DR0\Partition1
20:15:40.0952 0196 \Device\Harddisk0\DR0\Partition1 - ok
20:15:40.0967 0196 [ AA93FE9515E74255D93A266DA945C374 ] \Device\Harddisk0\DR0\Partition2
20:15:40.0967 0196 \Device\Harddisk0\DR0\Partition2 - ok
20:15:40.0983 0196 [ C025F64F5DBD279C37656A7DC4E5CB53 ] \Device\Harddisk1\DR1\Partition1
20:15:41.0030 0196 \Device\Harddisk1\DR1\Partition1 - ok
20:15:41.0030 0196 ============================================================
20:15:41.0030 0196 Scan finished
20:15:41.0030 0196 ============================================================
20:15:41.0045 5124 Detected object count: 0
20:15:41.0045 5124 Actual detected object count: 0
20:16:36.0238 5536 Deinitialize success


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 14:24:21
-----------------------------
14:24:21.483 OS Version: Windows x64 6.1.7601 Service Pack 1
14:24:21.483 Number of processors: 8 586 0x2A07
14:24:21.483 ComputerName: LAURADESK UserName: Laura
14:24:23.199 Initialize success
14:25:36.380 AVAST engine defs: 12090100
14:25:57.893 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:25:57.893 Disk 0 Vendor: WDC_WD1002FAEX-00Y9A0 05.01D05 Size: 953869MB BusType: 11
14:25:57.893 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
14:25:57.893 Disk 1 Vendor: WDC_WD2500JD-00HBB0 08.02D08 Size: 238475MB BusType: 11
14:25:57.908 Disk 0 MBR read successfully
14:25:57.924 Disk 0 MBR scan
14:25:57.940 Disk 0 Windows 7 default MBR code
14:25:57.940 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:25:57.955 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953753 MB offset 206848
14:25:57.971 Disk 0 scanning C:\Windows\system32\drivers
14:26:08.875 Service scanning
14:26:28.984 Modules scanning
14:26:28.984 Disk 0 trace - called modules:
14:26:28.999 ntoskrnl.exe CLASSPNP.SYS disk.sys vsflt53.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
14:26:29.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800dcf2790]
14:26:29.015 3 CLASSPNP.SYS[fffff88001d2743f] -> nt!IofCallDriver -> [0xfffffa800dc1be30]
14:26:29.015 5 vsflt53.sys[fffff88000db0cfd] -> nt!IofCallDriver -> [0xfffffa800d5f49b0]
14:26:29.030 7 ACPI.sys[fffff88000f8e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d5f1060]
14:26:30.434 AVAST engine scan C:\Windows
14:26:35.426 AVAST engine scan C:\Windows\system32
14:30:21.159 AVAST engine scan C:\Windows\system32\drivers
14:30:52.936 AVAST engine scan C:\Users\Laura
14:31:50.095 File: C:\Users\Laura\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\13880d26-39bc665b **INFECTED** Win32:FakeSysdef-OX [Trj]
14:43:42.267 Disk 0 MBR has been saved successfully to "C:\Users\Laura\Desktop\MBR.dat"
14:43:42.267 The log file has been saved successfully to "C:\Users\Laura\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 20:17:54
-----------------------------
20:17:54.594 OS Version: Windows x64 6.1.7601 Service Pack 1
20:17:54.594 Number of processors: 8 586 0x2A07
20:17:54.594 ComputerName: LAURADESK UserName: Laura
20:17:55.639 Initialize success
20:19:00.871 AVAST engine defs: 12090101
20:20:28.730 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:20:28.730 Disk 0 Vendor: WDC_WD1002FAEX-00Y9A0 05.01D05 Size: 953869MB BusType: 11
20:20:28.730 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
20:20:28.730 Disk 1 Vendor: WDC_WD2500JD-00HBB0 08.02D08 Size: 238475MB BusType: 11
20:20:28.746 Disk 0 MBR read successfully
20:20:28.746 Disk 0 MBR scan
20:20:28.762 Disk 0 Windows 7 default MBR code
20:20:28.762 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:20:28.777 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953753 MB offset 206848
20:20:28.808 Disk 0 scanning C:\Windows\system32\drivers
20:20:44.159 Service scanning
20:21:03.924 Modules scanning
20:21:03.924 Disk 0 trace - called modules:
20:21:04.455 ntoskrnl.exe CLASSPNP.SYS disk.sys vsflt53.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:21:04.455 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800dcd4790]
20:21:04.455 3 CLASSPNP.SYS[fffff88001db243f] -> nt!IofCallDriver -> [0xfffffa800dbfedb0]
20:21:04.470 5 vsflt53.sys[fffff88000db3cfd] -> nt!IofCallDriver -> [0xfffffa800d5c8120]
20:21:04.470 7 ACPI.sys[fffff88000f7e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d5d4060]
20:21:06.436 AVAST engine scan C:\Windows
20:21:22.098 AVAST engine scan C:\Windows\system32
20:25:02.729 AVAST engine scan C:\Windows\system32\drivers
20:25:24.476 AVAST engine scan C:\Users\Laura
20:45:24.062 AVAST engine scan C:\ProgramData
20:52:59.646 Scan finished successfully
20:58:44.827 Disk 0 MBR has been saved successfully to "C:\Users\Laura\Desktop\MBR.dat"
20:58:44.843 The log file has been saved successfully to "C:\Users\Laura\Desktop\aswMBR.txt"


ESET Online Scanner

C:\Program Files (x86)\HyperCam Toolbar\UninstallToolbar.exe Win32/Somoto application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Laura\AppData\Roaming\uapif.dll.vir a variant of Win32/Medfos.CV trojan cleaned by deleting - quarantined
C:\Users\Laura\AppData\Local\{A9BD39B9-F168-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Laura\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\21fd44ba-2faf680f Java/Exploit.CVE-2012-4681.K trojan cleaned by deleting - quarantined
C:\Users\Laura\Documents\EuropeTrip2010\Miro_Installer.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\Classic Frames Pack Setup 1.0.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\cnet_timeleft_cn_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\gamebooster(1).exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\HC2Setup(2).exe Win32/Somoto application deleted - quarantined
C:\Users\Laura\L3DT\Downloads\HC2Setup.exe Win32/Somoto application deleted - quarantined
C:\Users\Laura\L3DT\Downloads\Miro_Installer(2).exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\Miro_Installer.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\photopospro_setup.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\{Sims_downloader_411b.exe a variant of Win32/ExpressFiles application cleaned by deleting - quarantined
C:\Users\Laura\L3DT\Downloads\{Sims_Store_20th_Update.7z}_downloader_411b.exe a variant of Win32/ExpressFiles application cleaned by deleting - quarantined


I look forward to your analysis and recommendations.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 02 September 2012 - 08:11 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

Edited by narenxp, 02 September 2012 - 08:11 AM.


#5 Dennis59

Dennis59
  • Topic Starter

  • Members
  • 24 posts

Posted 02 September 2012 - 02:17 PM

The requested information follows:

Malware Bytes:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.02.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Laura :: LAURADESK [administrator]

9/2/2012 10:05:00 AM
mbam-log-2012-09-02 (10-05-00).txt

Scan type: Full scan (C:\|E:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 922297
Time elapsed: 3 hour(s), 45 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Mini Toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Laura (administrator) on 02-09-2012 at 15:00:28
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 50202

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

192.168.1.100 watregames.dyndns.org


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection 3 (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : LauraDesk
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : F4-6D-04-4F-D8-A8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9d95:6fd6:ae0d:297a%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.14(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, September 02, 2012 9:29:00 AM
Lease Expires . . . . . . . . . . : Monday, September 03, 2012 9:29:00 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 318008580
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C7-E8-94-90-E6-BA-5C-DA-FA
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F9833AE9-1AB6-405F-A512-AC08702BA904}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2861:2584:b747:d56c(Preferred)
Link-local IPv6 Address . . . . . : fe80::2861:2584:b747:d56c%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:800a::8b
74.125.45.101
74.125.45.102
74.125.45.113
74.125.45.138
74.125.45.139
74.125.45.100


Pinging google.com [74.125.45.100] with 32 bytes of data:
Reply from 74.125.45.100: bytes=32 time=204ms TTL=49
Reply from 74.125.45.100: bytes=32 time=180ms TTL=49

Ping statistics for 74.125.45.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 180ms, Maximum = 204ms, Average = 192ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=264ms TTL=45
Reply from 98.138.253.109: bytes=32 time=247ms TTL=46

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 247ms, Maximum = 264ms, Average = 255ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...f4 6d 04 4f d8 a8 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.14 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.14 276
192.168.1.14 255.255.255.255 On-link 192.168.1.14 276
192.168.1.255 255.255.255.255 On-link 192.168.1.14 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.14 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.14 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:4137:9e76:2861:2584:b747:d56c/128
On-link
13 276 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::2861:2584:b747:d56c/128
On-link
13 276 fe80::9d95:6fd6:ae0d:297a/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
13 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/02/2012 09:01:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 02:23:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 02:23:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 02:22:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 02:21:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2012 09:06:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2012 09:06:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2012 09:06:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2012 08:59:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2012 08:59:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/02/2012 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (09/02/2012 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (09/02/2012 09:29:48 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Center TV Archive Transfer Service service failed to start due to the following error:
%%1053

Error: (09/02/2012 09:29:48 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Media Center TV Archive Transfer Service service to connect.

Error: (09/02/2012 09:24:18 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (09/02/2012 09:24:18 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (09/02/2012 09:04:08 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (09/02/2012 09:04:08 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (09/02/2012 09:00:32 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:58:43 AM on ?9/?2/?2012 was unexpected.

Error: (09/01/2012 08:09:28 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (09/02/2012 09:01:48 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/02/2012 02:23:47 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/02/2012 02:23:43 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/02/2012 02:22:47 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/02/2012 02:21:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (09/01/2012 09:06:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/01/2012 09:06:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/01/2012 09:06:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/01/2012 08:59:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laura\Desktop\esetsmartinstaller_enu.exe

Error: (09/01/2012 08:59:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laura\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
3D Photo Browser 10.61 (Version: 10.61)
7-Zip 9.20
AC3D 6.7.15a
Acronis True Image WD Edition (Version: 13.0.14157)
Adobe AIR (Version: 3.1.0.4880)
Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Amazon Kindle
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Android SDK Tools (Version: 1.16)
Animeeple 0.4.18 (Version: 0.4.18)
AnyBizSoft PDF to Word (Build 3.0.0)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.4.5.0)
Avira Internet Security 2012 (Version: 12.0.0.1127)
Big Fish Games: Game Manager (Version: 3.0.1.60)
BitTorrent (Version: 7.5.0)
BitTorrentControl_v12 Toolbar (Version: 6.9.0.16)
Blender (remove only)
Bluetooth Win7 Suite (64) (Version: 7.2.0.40)
Bonjour (Version: 2.0.3.0)
Brother HL-4040CN (Version: 1.00)
Brother MFL-Pro Suite MFC-465CN (Version: 1.0.2.0)
bvhacker (Version: 1.7.003)
Caeril (remove only)
CC Magic
CC3 (Version: 3.0)
CCleaner (Version: 3.22)
Chronicles of Mystery: The Scorpio Ritual
City Designer 3 (Version: 3.22)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
DDS Thumbnail Viewer (Version: 1.00.000)
Debugging Tools for Windows (x64) (Version: 6.11.1.404)
Defraggler (Version: 2.10)
Drawn: Dark Flight ®
Driver Sweeper 2.1.0
DSQTweaker 1.5
Duplicate Cleaner 2.1b (Version: 2.1b)
ESET Online Scanner v3
Explorer Suite III
Game Booster (Version: 2.3.0.0)
Google Earth (Version: 6.1.0.5001)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.115)
Halloween Sound Machine - Indoor (Version: 2007)
HP Data Vault 3.1 (x64) (Version: 3.1.1.34819)
HP Update (Version: 4.000.011.006)
HyperCam 2
HyperCam Toolbar
Imagelys Picture Styles 6.3
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
IrfanView (remove only) (Version: 4.32)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JMicron JMB36X Driver (Version: 1.17.58.2)
KaraFun Player (Version: 1.20.86.771)
Kiran's Typing Tutor 1.0 (Version: 1.0)
Launchpad Enhanced (Version: 0.05.000)
LeapFrog Connect (Version: 3.2.19.13664)
LeapFrog LeapPad Explorer Plugin (Version: 3.2.22.13714)
Legacy 7.5 (Version: 7.5 )
LightScribe System Software (Version: 1.18.2.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
marvell 91xx driver (Version: 1.0.0.1051)
Marvell Miniport Driver (Version: 11.10.5.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.0.30729.1)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft LifeCam (Version: 3.0.215.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows SDK for Windows 7 (7.0) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 (7.0) (Version: 7.0.7600.16385.40715)
Microsoft Windows SDK for Windows 7 Common Utilities (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (40715) (Version: 7.0.40715)
Microsoft Windows SDK Intellisense and Reference Assemblies (40715) (Version: 7.0.40715)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MilkShape 3D 1.8.4 (Version: 1.8.4)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
Mozilla Maintenance Service (Version: 18.0a1)
Mozilla Thunderbird 15.0 (x86 en-US) (Version: 15.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Trackers: The Void
MysticThumbs (Version: 1.9.8)
Nero 8 Essentials (Version: 8.3.569)
neroxml (Version: 1.0.0)
Nightly 18.0a1 (x86 en-US) (Version: 18.0a1)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
O3D Extras (Version: 0.1.1.0)
O3D Plugin (Version: 0.1.42.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
Origin (Version: 8.2.2.2413)
Paint.NET v3.5.10 (Version: 3.60.0)
Pando Media Booster (Version: 2.3.6.0)
Photo Pos Pro (Version: 1.87)
Photo Pos Pro Classic Frames Pack (Version: 1.0)
Photopos Toolbar (Remove Toolbar Only)
Photopos Toolbar (Version: 3.1.0.1)
Pidgin (Version: 2.7.11)
PlayOn (Version: 3.5.12)
PVSonyDll (Version: 1.00.0001)
Python 2.6.6 (Version: 2.6.6150)
QuickTime (Version: 7.70.80.34)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Royal Envoy 2 Collector's Edition
Royal Envoy Collector's Edition
s3pe - Sims3 Package Editor (Version: 12-0317-0944)
SageThumbs 2.0.0.12 (Version: 2.0.0.12)
ShaderMap Pro 1.3.1
Sims3 Object Cloner
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Smart Defrag 2 (Version: 2.3)
SoundMAX (Version: 6.10.2.6585)
Spybot - Search & Destroy (Version: 1.6.2)
Star Wars Galaxies (Version: 1.00.000)
swMSM (Version: 12.0.0.1)
System Requirements Lab CYRI (Version: 4.5.1.0)
System Requirements Lab for Intel (Version: 4.5.3.0)
The Sims™ 3 (Version: 1.36.45)
The Sims™ 3 Ambitions (Version: 4.10.1)
The Sims™ 3 Create a World Tool - Beta (Version: 1.18.3)
The Sims™ 3 Diesel Stuff (Version: 14.0.48)
The Sims™ 3 Fast Lane Stuff (Version: 5.8.1)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 High-End Loft Stuff (Version: 3.13.1)
The Sims™ 3 Late Night (Version: 6.5.1)
The Sims™ 3 Master Suite Stuff (Version: 11.0.84)
The Sims™ 3 Outdoor Living Stuff (Version: 7.3.2)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Showtime (Version: 12.0.273)
The Sims™ 3 Town Life Stuff (Version: 9.0.73)
The Sims™ 3 World Adventures (Version: 2.17.2)
TimeLeft Deluxe (Version: 3.57)
Torque ShowTool Pro 1.04 (remove only)
Torsion 1.1.392
TortoiseSVN 1.6.8.19260 (64 bit) (Version: 1.6.19260)
Trent's Halloween Sound Machine 0.9.0b (Version: 0.9.0b)
TS3 Custom Launcher
TSR Launcher (Version: 1.0)
TSR Merlin (Version: 1.0.1)
TSR RigFix (Version: 1.0.10)
Ultimate Unwrap3D 2.50.13 Demo (Version: 2.50.13)
Unity (Version: )
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
uTorrentControl_v2 Toolbar (Version: 6.9.0.16)
Vanguard
VCRedistSetup (Version: 1.0.0)
Virtual Villagers: The Secret City
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Home Server Connector (Version: 6.0.3436.0)
Windows SDK Intellidocs (Version: 9.0.30729)
WinRAR archiver
WinZip 14.0 (Version: 14.0.8688)
Wondershare MobileGo for Android ( Version 2.0.1 ) (Version: 2.0.1)
x264vfw - H.264/MPEG-4 AVC codec (remove only)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
Xirrus Wi-Fi Inspector (Version: 1.2.1.4)
xNormal 3.17.4
Xvid 1.2.2 final uninstall (Version: 1.2)
Zworldo (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 16360.91 MB
Available physical RAM: 11636.1 MB
Total Pagefile: 32720.01 MB
Available Pagefile: 28331.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.8 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.4 GB) (Free:422.54 GB) NTFS
2 Drive e: (New Volume) (Fixed) (Total:232.88 GB) (Free:5.33 GB) NTFS

========================= Users: ========================================

User accounts for \\LAURADESK

Administrator Guest Laura
UpdatusUser


**** End of log ****


FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Laura (administrator) on 02-09-2012 at 15:02:47
Running from "C:\Users\Laura\L3DT\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Adware Cleaner

# AdwCleaner v2.000 - Logfile created 09/02/2012 at 15:05:29
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Laura - LAURADESK
# Boot Mode : Normal
# Running from : C:\Users\Laura\L3DT\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\BitTorrentControl_v12
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\HyperCam Toolbar
Folder Found : C:\Program Files (x86)\uTorrentControl_v2
Folder Found : C:\Users\Laura\AppData\Local\Conduit
Folder Found : C:\Users\Laura\AppData\LocalLow\BitTorrentControl_v12
Folder Found : C:\Users\Laura\AppData\LocalLow\Conduit
Folder Found : C:\Users\Laura\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Laura\AppData\LocalLow\uTorrentControl_v2
Folder Found : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\CT3220468
Folder Found : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Found : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Folder Found : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\Smartbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Somoto Toolbar
Key Found : HKLM\Software\BitTorrentControl_v12
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\Software\uTorrentControl_v2
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0770F30A-C1CC-4501-A32D-CEB37C62127C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12A68BA2-9261-4F66-B738-AE5EFA1CFCCD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B3C4286-883F-4F1A-B8B4-6FB95D2B6A8E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD48BDEA-6EF2-40D6-9A7D-84CF08EC510F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (en-US)

Profile name : default
File : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\prefs.js

Found : user_pref("CT3220468.129813684259252248.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0[...]
Found : user_pref("CT3220468.BT_Stats", "{\"last_log\":1345182923,\"uuid\":961625474110476,\"seq_id\":1,\"ss[...]
Found : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3220468.FirstTime", "true");
Found : user_pref("CT3220468.FirstTimeFF3", "true");
Found : user_pref("CT3220468.UserID", "UN33961437881780887");
Found : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3220468.autoDisableScopes", 10);
Found : user_pref("CT3220468.cbcountry_001", "US");
Found : user_pref("CT3220468.cbfirsttime", "Fri Aug 17 2012 01:55:23 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT3220468.defaultSearch", "FALSE");
Found : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT3220468.enableAlerts", "always");
Found : user_pref("CT3220468.enableSearchFromAddressBar", "FALSE");
Found : user_pref("CT3220468.firstTimeDialogOpened", "true");
Found : user_pref("CT3220468.fixPageNotFoundError", "true");
Found : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3220468.fixUrls", true);
Found : user_pref("CT3220468.installId", "fft66B1.tmp.exe");
Found : user_pref("CT3220468.installType", "XPE");
Found : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.isNewTabEnabled", true);
Found : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Found : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3220468.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...]
Found : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3220468.openThankYouPage", "true");
Found : user_pref("CT3220468.openUninstallPage", "FALSE");
Found : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Found : user_pref("CT3220468.search.searchCount", "0");
Found : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1345182922398");
Found : user_pref("CT3220468.serviceLayer_services_appTracking_lastUpdate", "1345182922881");
Found : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1345182921733");
Found : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1345182921564");
Found : user_pref("CT3220468.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345211723789");
Found : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1345182922729");
Found : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1345175718269");
Found : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1345185658936");
Found : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1345182922847");
Found : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1345211722094");
Found : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1345185659497");
Found : user_pref("CT3220468.settingsINI", true);
Found : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Found : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Found : user_pref("CT3220468.smartbar.Uninstall", "0");
Found : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Found : user_pref("CT3220468.toolbarBornServerTime", "17-8-2012");
Found : user_pref("CT3220468.toolbarCurrentServerTime", "17-8-2012");
Found : user_pref("CT3220468.toolbarDisabled", "true");
Found : user_pref("CT3220468.url_history0001", "hxxp://talkingpointsmemo.com/:::clickhandler:::1345213854248[...]
Found : user_pref("CT3225826.autoDisableScopes", -1);
Found : user_pref("browser.search.selectedEngine", "Search The Web");

*************************

AdwCleaner[R1].txt - [14442 octets] - [02/09/2012 15:05:29]

########## EOF - C:\AdwCleaner[R1].txt - [14503 octets] ##########



#6 narenxp


Posted 02 September 2012 - 10:04 PM

Download

adware cleaner

Launch it and click on Delete

post the generated log


Previously you clicked on SEARCH. Do not click on Search; click on the DELETE option and post the new log

download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 Dennis59


Posted 02 September 2012 - 11:09 PM

Sorry, posted the wrong log. Here is the correct one.

# AdwCleaner v2.000 - Logfile created 09/02/2012 at 15:09:00
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Laura - LAURADESK
# Boot Mode : Normal
# Running from : C:\Users\Laura\L3DT\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\BitTorrentControl_v12
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\HyperCam Toolbar
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Users\Laura\AppData\Local\Conduit
Folder Deleted : C:\Users\Laura\AppData\LocalLow\BitTorrentControl_v12
Folder Deleted : C:\Users\Laura\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Laura\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Laura\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\CT3220468
Folder Deleted : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Deleted : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Folder Deleted : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0770F30A-C1CC-4501-A32D-CEB37C62127C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12A68BA2-9261-4F66-B738-AE5EFA1CFCCD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B3C4286-883F-4F1A-B8B4-6FB95D2B6A8E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD48BDEA-6EF2-40D6-9A7D-84CF08EC510F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v11.0 (en-US)

Profile name : default
File : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\prefs.js

Deleted : user_pref("CT3220468.129813684259252248.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0[...]
Deleted : user_pref("CT3220468.BT_Stats", "{\"last_log\":1345182923,\"uuid\":961625474110476,\"seq_id\":1,\"ss[...]
Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3220468.FirstTime", "true");
Deleted : user_pref("CT3220468.FirstTimeFF3", "true");
Deleted : user_pref("CT3220468.UserID", "UN33961437881780887");
Deleted : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3220468.autoDisableScopes", 10);
Deleted : user_pref("CT3220468.cbcountry_001", "US");
Deleted : user_pref("CT3220468.cbfirsttime", "Fri Aug 17 2012 01:55:23 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3220468.defaultSearch", "FALSE");
Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3220468.enableAlerts", "always");
Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "FALSE");
Deleted : user_pref("CT3220468.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3220468.fixPageNotFoundError", "true");
Deleted : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3220468.fixUrls", true);
Deleted : user_pref("CT3220468.installId", "fft66B1.tmp.exe");
Deleted : user_pref("CT3220468.installType", "XPE");
Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.isNewTabEnabled", true);
Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...]
Deleted : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.openThankYouPage", "true");
Deleted : user_pref("CT3220468.openUninstallPage", "FALSE");
Deleted : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Deleted : user_pref("CT3220468.search.searchCount", "0");
Deleted : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1345182922398");
Deleted : user_pref("CT3220468.serviceLayer_services_appTracking_lastUpdate", "1345182922881");
Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1345182921733");
Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1345182921564");
Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345211723789");
Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1345182922729");
Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1345175718269");
Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1345185658936");
Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1345182922847");
Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1345211722094");
Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1345185659497");
Deleted : user_pref("CT3220468.settingsINI", true);
Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Deleted : user_pref("CT3220468.smartbar.Uninstall", "0");
Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Deleted : user_pref("CT3220468.toolbarBornServerTime", "17-8-2012");
Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "17-8-2012");
Deleted : user_pref("CT3220468.toolbarDisabled", "true");
Deleted : user_pref("CT3220468.url_history0001", "hxxp://talkingpointsmemo.com/:::clickhandler:::1345213854248[...]
Deleted : user_pref("CT3225826.autoDisableScopes", -1);
Deleted : user_pref("browser.search.selectedEngine", "Search The Web");

*************************

AdwCleaner[R1].txt - [14557 octets] - [02/09/2012 15:05:29]
AdwCleaner[S2].txt - [15180 octets] - [02/09/2012 15:09:00]

########## EOF - C:\AdwCleaner[S2].txt - [15241 octets] ##########



Here is the log from running it again with Delete.

# AdwCleaner v2.000 - Logfile created 09/02/2012 at 23:55:59
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Laura - LAURADESK
# Boot Mode : Normal
# Running from : C:\Users\Laura\L3DT\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v11.0 (en-US)

Profile name : default
File : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\94bdb7t4.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [14557 octets] - [02/09/2012 15:05:29]
AdwCleaner[S2].txt - [15295 octets] - [02/09/2012 15:09:00]
AdwCleaner[S3].txt - [793 octets] - [02/09/2012 23:55:59]

########## EOF - C:\AdwCleaner[S3].txt - [852 octets] ##########



Here is a log after running the RKill program.

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/03/2012 12:06:04 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.com "@" has been changed to ComFile!
* HKLM\Software\Classes\.com "@" was reset to comfile!


Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Background Intelligent Transfer Service (BITS) is not Running.
Startup Type set to: Manual

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/03/2012 12:06:49 AM
Execution time: 0 hours(s), 0 minute(s), and 44 seconds(s)



#8 narenxp


Posted 02 September 2012 - 11:23 PM

That looks good

Download

TFC


Launch it; it will close all running programs

Click on START; it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently; do not click on suspicious links

Safe surfing :)

#9 Dennis59


Posted 02 September 2012 - 11:30 PM

Narenxp, thank you for your help! We couldn't have done it without you.

#10 narenxp


Posted 02 September 2012 - 11:41 PM

You're most welcome :)



