I still have the google redirect virus.


7 replies to this topic

#1 Zaros


Posted 03 September 2012 - 11:09 AM

I just want to get rid of it, I can't take it anymore, and last time nobody helped me on how to get rid of it. Somebody help please, and thank you.

#2 narenxp


Posted 03 September 2012 - 11:13 AM

Download TDSSKiller

Launch it. Click on "Change parameters", then select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to desktop, copy the contents of the text file in your reply.

#3 Zaros


Posted 03 September 2012 - 03:51 PM

Here's the TDSS log:

12:17:39.0733 1524 netprofm - ok
12:17:39.0747 1524 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:17:39.0789 1524 NetTcpPortSharing - ok
12:17:39.0797 1524 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:17:39.0806 1524 nfrd960 - ok
12:17:39.0833 1524 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:17:39.0835 1524 NlaSvc - ok
12:17:39.0843 1524 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:17:39.0844 1524 Npfs - ok
12:17:39.0874 1524 npggsvc - ok
12:17:39.0884 1524 NPPTNT2 - ok
12:17:39.0900 1524 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:17:39.0901 1524 nsi - ok
12:17:39.0908 1524 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:17:39.0909 1524 nsiproxy - ok
12:17:39.0953 1524 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:17:39.0968 1524 Ntfs - ok
12:17:39.0981 1524 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:17:39.0990 1524 Null - ok
12:17:40.0020 1524 [ ED9380F201C8126425C09BED96DBE1E5 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:17:40.0026 1524 NVHDA - ok
12:17:40.0175 1524 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:17:40.0228 1524 nvlddmkm - ok
12:17:40.0281 1524 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:17:40.0283 1524 nvraid - ok
12:17:40.0310 1524 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:17:40.0313 1524 nvstor - ok
12:17:40.0352 1524 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
12:17:40.0356 1524 NVSvc - ok
12:17:40.0408 1524 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:17:40.0426 1524 nvUpdatusService - ok
12:17:40.0461 1524 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:17:40.0470 1524 nv_agp - ok
12:17:40.0499 1524 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:17:40.0511 1524 ohci1394 - ok
12:17:40.0540 1524 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:17:40.0553 1524 ose - ok
12:17:40.0628 1524 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:17:40.0671 1524 osppsvc - ok
12:17:40.0704 1524 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:17:40.0707 1524 p2pimsvc - ok
12:17:40.0731 1524 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:17:40.0733 1524 p2psvc - ok
12:17:40.0751 1524 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:17:40.0754 1524 Parport - ok
12:17:40.0782 1524 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:17:40.0783 1524 partmgr - ok
12:17:40.0798 1524 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:17:40.0800 1524 PcaSvc - ok
12:17:40.0814 1524 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:17:40.0815 1524 pci - ok
12:17:40.0831 1524 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:17:40.0839 1524 pciide - ok
12:17:40.0859 1524 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:17:40.0864 1524 pcmcia - ok
12:17:40.0872 1524 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:17:40.0872 1524 pcw - ok
12:17:40.0892 1524 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:17:40.0896 1524 PEAUTH - ok
12:17:40.0967 1524 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:17:40.0976 1524 PerfHost - ok
12:17:41.0024 1524 [ 087A343DFC337F37723DD7912DE6B6CD ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
12:17:41.0035 1524 PID_PEPI - ok
12:17:41.0078 1524 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:17:41.0089 1524 pla - ok
12:17:41.0126 1524 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:17:41.0128 1524 PlugPlay - ok
12:17:41.0137 1524 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:17:41.0145 1524 PNRPAutoReg - ok
12:17:41.0150 1524 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:17:41.0152 1524 PNRPsvc - ok
12:17:41.0184 1524 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:17:41.0188 1524 PolicyAgent - ok
12:17:41.0205 1524 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:17:41.0207 1524 Power - ok
12:17:41.0248 1524 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:17:41.0250 1524 PptpMiniport - ok
12:17:41.0260 1524 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:17:41.0262 1524 Processor - ok
12:17:41.0286 1524 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:17:41.0288 1524 ProfSvc - ok
12:17:41.0299 1524 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:17:41.0300 1524 ProtectedStorage - ok
12:17:41.0332 1524 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:17:41.0333 1524 Psched - ok
12:17:41.0378 1524 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:17:41.0379 1524 PxHlpa64 - ok
12:17:41.0407 1524 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:17:41.0415 1524 ql2300 - ok
12:17:41.0427 1524 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:17:41.0435 1524 ql40xx - ok
12:17:41.0447 1524 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:17:41.0450 1524 QWAVE - ok
12:17:41.0464 1524 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:17:41.0464 1524 QWAVEdrv - ok
12:17:41.0476 1524 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:17:41.0477 1524 RasAcd - ok
12:17:41.0486 1524 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:17:41.0487 1524 RasAgileVpn - ok
12:17:41.0501 1524 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:17:41.0504 1524 RasAuto - ok
12:17:41.0524 1524 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:17:41.0529 1524 Rasl2tp - ok
12:17:41.0548 1524 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:17:41.0551 1524 RasMan - ok
12:17:41.0567 1524 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:17:41.0570 1524 RasPppoe - ok
12:17:41.0592 1524 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:17:41.0601 1524 RasSstp - ok
12:17:41.0626 1524 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:17:41.0629 1524 rdbss - ok
12:17:41.0641 1524 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:17:41.0643 1524 rdpbus - ok
12:17:41.0655 1524 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:17:41.0656 1524 RDPCDD - ok
12:17:41.0666 1524 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:17:41.0666 1524 RDPENCDD - ok
12:17:41.0681 1524 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:17:41.0681 1524 RDPREFMP - ok
12:17:41.0707 1524 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:17:41.0710 1524 RDPWD - ok
12:17:41.0724 1524 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:17:41.0726 1524 rdyboost - ok
12:17:41.0746 1524 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:17:41.0749 1524 RemoteAccess - ok
12:17:41.0763 1524 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:17:41.0790 1524 RemoteRegistry - ok
12:17:41.0883 1524 [ BDDC447AB46625A54619808575D5CB46 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
12:17:41.0888 1524 RoxMediaDB12OEM - ok
12:17:41.0918 1524 [ CE203243ADF512540249DF9C264F12DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
12:17:41.0920 1524 RoxWatch12 - ok
12:17:41.0933 1524 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:17:41.0934 1524 RpcEptMapper - ok
12:17:41.0956 1524 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:17:41.0964 1524 RpcLocator - ok
12:17:42.0000 1524 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:17:42.0003 1524 RpcSs - ok
12:17:42.0014 1524 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:17:42.0023 1524 rspndr - ok
12:17:42.0025 1524 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:17:42.0026 1524 SamSs - ok
12:17:42.0045 1524 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:17:42.0053 1524 sbp2port - ok
12:17:42.0068 1524 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:17:42.0074 1524 SCardSvr - ok
12:17:42.0090 1524 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:17:42.0092 1524 scfilter - ok
12:17:42.0116 1524 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:17:42.0121 1524 Schedule - ok
12:17:42.0131 1524 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:17:42.0131 1524 SCPolicySvc - ok
12:17:42.0155 1524 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:17:42.0162 1524 SDRSVC - ok
12:17:42.0177 1524 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:17:42.0179 1524 secdrv - ok
12:17:42.0203 1524 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:17:42.0205 1524 seclogon - ok
12:17:42.0218 1524 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:17:42.0219 1524 SENS - ok
12:17:42.0233 1524 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:17:42.0235 1524 SensrSvc - ok
12:17:42.0249 1524 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:17:42.0250 1524 Serenum - ok
12:17:42.0260 1524 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:17:42.0262 1524 Serial - ok
12:17:42.0280 1524 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:17:42.0289 1524 sermouse - ok
12:17:42.0312 1524 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:17:42.0316 1524 SessionEnv - ok
12:17:42.0334 1524 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:17:42.0336 1524 sffdisk - ok
12:17:42.0355 1524 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:17:42.0363 1524 sffp_mmc - ok
12:17:42.0371 1524 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:17:42.0379 1524 sffp_sd - ok
12:17:42.0396 1524 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:17:42.0405 1524 sfloppy - ok
12:17:42.0443 1524 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:17:42.0446 1524 Sftfs - ok
12:17:42.0494 1524 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:17:42.0497 1524 sftlist - ok
12:17:42.0527 1524 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:17:42.0529 1524 Sftplay - ok
12:17:42.0560 1524 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:17:42.0560 1524 Sftredir - ok
12:17:42.0606 1524 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files (x86)\AlienRespawn\sftservice.EXE
12:17:42.0610 1524 SftService - ok
12:17:42.0616 1524 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:17:42.0617 1524 Sftvol - ok
12:17:42.0631 1524 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:17:42.0633 1524 sftvsa - ok
12:17:42.0653 1524 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:17:42.0674 1524 SharedAccess - ok
12:17:42.0722 1524 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:17:42.0724 1524 ShellHWDetection - ok
12:17:42.0757 1524 [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132 C:\Windows\system32\DRIVERS\SI3132.sys
12:17:42.0758 1524 SI3132 - ok
12:17:42.0761 1524 [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
12:17:42.0762 1524 SiFilter - ok
12:17:42.0769 1524 [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
12:17:42.0770 1524 SiRemFil - ok
12:17:42.0788 1524 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:17:42.0790 1524 SiSRaid2 - ok
12:17:42.0810 1524 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:17:42.0812 1524 SiSRaid4 - ok
12:17:42.0906 1524 [ B78408BA56FA554E96128D4934AB7561 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:17:42.0908 1524 SkypeUpdate - ok
12:17:42.0918 1524 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:17:42.0925 1524 Smb - ok
12:17:42.0951 1524 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:17:42.0953 1524 SNMPTRAP - ok
12:17:42.0960 1524 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:17:42.0960 1524 spldr - ok
12:17:42.0992 1524 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:17:42.0997 1524 Spooler - ok
12:17:43.0049 1524 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:17:43.0074 1524 sppsvc - ok
12:17:43.0090 1524 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:17:43.0118 1524 sppuinotify - ok
12:17:43.0173 1524 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
12:17:43.0177 1524 SRTSP - ok
12:17:43.0188 1524 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
12:17:43.0189 1524 SRTSPX - ok
12:17:43.0211 1524 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:17:43.0215 1524 srv - ok
12:17:43.0244 1524 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:17:43.0247 1524 srv2 - ok
12:17:43.0260 1524 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:17:43.0267 1524 srvnet - ok
12:17:43.0284 1524 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:17:43.0286 1524 SSDPSRV - ok
12:17:43.0300 1524 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:17:43.0308 1524 SstpSvc - ok
12:17:43.0324 1524 Steam Client Service - ok
12:17:43.0403 1524 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:17:43.0405 1524 Stereo Service - ok
12:17:43.0418 1524 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:17:43.0423 1524 stexstor - ok
12:17:43.0469 1524 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:17:43.0472 1524 stisvc - ok
12:17:43.0505 1524 [ 9E182DD94496550A22A392CC1A8E0F52 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:17:43.0635 1524 stllssvr - ok
12:17:43.0647 1524 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:17:43.0648 1524 swenum - ok
12:17:43.0666 1524 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:17:43.0670 1524 swprv - ok
12:17:43.0683 1524 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
12:17:43.0685 1524 SymDS - ok
12:17:43.0703 1524 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
12:17:43.0707 1524 SymEFA - ok
12:17:43.0723 1524 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:17:43.0724 1524 SymEvent - ok
12:17:43.0746 1524 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
12:17:43.0747 1524 SymIRON - ok
12:17:43.0759 1524 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
12:17:43.0761 1524 SymNetS - ok
12:17:43.0800 1524 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:17:43.0808 1524 SysMain - ok
12:17:43.0842 1524 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:17:43.0845 1524 TabletInputService - ok
12:17:43.0869 1524 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:17:43.0873 1524 TapiSrv - ok
12:17:43.0896 1524 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:17:43.0898 1524 TBS - ok
12:17:43.0963 1524 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:17:43.0991 1524 Tcpip - ok
12:17:44.0025 1524 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:17:44.0033 1524 TCPIP6 - ok
12:17:44.0063 1524 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:17:44.0072 1524 tcpipreg - ok
12:17:44.0083 1524 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:17:44.0085 1524 TDPIPE - ok
12:17:44.0112 1524 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:17:44.0125 1524 TDTCP - ok
12:17:44.0144 1524 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:17:44.0146 1524 tdx - ok
12:17:44.0173 1524 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:17:44.0173 1524 TermDD - ok
12:17:44.0197 1524 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:17:44.0203 1524 TermService - ok
12:17:44.0216 1524 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:17:44.0217 1524 Themes - ok
12:17:44.0242 1524 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:17:44.0242 1524 THREADORDER - ok
12:17:44.0254 1524 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:17:44.0256 1524 TrkWks - ok
12:17:44.0290 1524 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:17:44.0298 1524 TrustedInstaller - ok
12:17:44.0323 1524 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:17:44.0325 1524 tssecsrv - ok
12:17:44.0338 1524 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:17:44.0340 1524 TsUsbFlt - ok
12:17:44.0370 1524 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:17:44.0378 1524 tunnel - ok
12:17:44.0384 1524 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:17:44.0393 1524 uagp35 - ok
12:17:44.0410 1524 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:17:44.0413 1524 udfs - ok
12:17:44.0426 1524 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:17:44.0431 1524 UI0Detect - ok
12:17:44.0459 1524 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:17:44.0461 1524 uliagpkx - ok
12:17:44.0482 1524 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:17:44.0484 1524 umbus - ok
12:17:44.0498 1524 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:17:44.0506 1524 UmPass - ok
12:17:44.0538 1524 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:17:44.0541 1524 upnphost - ok
12:17:44.0565 1524 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:17:44.0579 1524 USBAAPL64 - ok
12:17:44.0603 1524 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:17:44.0604 1524 usbaudio - ok
12:17:44.0631 1524 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:17:44.0639 1524 usbccgp - ok
12:17:44.0657 1524 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:17:44.0665 1524 usbcir - ok
12:17:44.0682 1524 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:17:44.0682 1524 usbehci - ok
12:17:44.0712 1524 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:17:44.0714 1524 usbhub - ok
12:17:44.0727 1524 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:17:44.0735 1524 usbohci - ok
12:17:44.0753 1524 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:17:44.0754 1524 usbprint - ok
12:17:44.0757 1524 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:17:44.0758 1524 usbscan - ok
12:17:44.0770 1524 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:17:44.0781 1524 USBSTOR - ok
12:17:44.0787 1524 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:17:44.0789 1524 usbuhci - ok
12:17:44.0801 1524 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:17:44.0802 1524 UxSms - ok
12:17:44.0813 1524 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:17:44.0813 1524 VaultSvc - ok
12:17:44.0816 1524 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:17:44.0816 1524 vdrvroot - ok
12:17:44.0833 1524 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:17:44.0837 1524 vds - ok
12:17:44.0847 1524 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:17:44.0856 1524 vga - ok
12:17:44.0864 1524 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:17:44.0866 1524 VgaSave - ok
12:17:44.0889 1524 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:17:44.0896 1524 vhdmp - ok
12:17:44.0909 1524 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:17:44.0910 1524 viaide - ok
12:17:44.0922 1524 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:17:44.0923 1524 volmgr - ok
12:17:44.0945 1524 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:17:44.0947 1524 volmgrx - ok
12:17:44.0974 1524 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:17:44.0976 1524 volsnap - ok
12:17:45.0008 1524 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:17:45.0015 1524 vsmraid - ok
12:17:45.0060 1524 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:17:45.0086 1524 VSS - ok
12:17:45.0107 1524 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:17:45.0115 1524 vwifibus - ok
12:17:45.0143 1524 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:17:45.0144 1524 vwififlt - ok
12:17:45.0163 1524 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:17:45.0164 1524 vwifimp - ok
12:17:45.0177 1524 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:17:45.0182 1524 W32Time - ok
12:17:45.0194 1524 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:17:45.0195 1524 WacomPen - ok
12:17:45.0218 1524 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:17:45.0227 1524 WANARP - ok
12:17:45.0229 1524 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:17:45.0229 1524 Wanarpv6 - ok
12:17:45.0280 1524 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:17:45.0287 1524 WatAdminSvc - ok
12:17:45.0358 1524 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:17:45.0370 1524 wbengine - ok
12:17:45.0399 1524 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:17:45.0402 1524 WbioSrvc - ok
12:17:45.0422 1524 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:17:45.0425 1524 wcncsvc - ok
12:17:45.0440 1524 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:17:45.0442 1524 WcsPlugInService - ok
12:17:45.0449 1524 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:17:45.0451 1524 Wd - ok
12:17:45.0475 1524 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:17:45.0479 1524 Wdf01000 - ok
12:17:45.0490 1524 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:17:45.0492 1524 WdiServiceHost - ok
12:17:45.0495 1524 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:17:45.0496 1524 WdiSystemHost - ok
12:17:45.0521 1524 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:17:45.0527 1524 WebClient - ok
12:17:45.0563 1524 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:17:45.0568 1524 Wecsvc - ok
12:17:45.0580 1524 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:17:45.0582 1524 wercplsupport - ok
12:17:45.0605 1524 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:17:45.0606 1524 WerSvc - ok
12:17:45.0618 1524 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:17:45.0619 1524 WfpLwf - ok
12:17:45.0660 1524 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:17:45.0663 1524 WimFltr - ok
12:17:45.0673 1524 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:17:45.0674 1524 WIMMount - ok
12:17:45.0686 1524 WinDefend - ok
12:17:45.0689 1524 WinHttpAutoProxySvc - ok
12:17:45.0745 1524 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:17:45.0747 1524 Winmgmt - ok
12:17:45.0787 1524 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:17:45.0805 1524 WinRM - ok
12:17:45.0862 1524 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:17:45.0879 1524 WinUsb - ok
12:17:45.0917 1524 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:17:45.0922 1524 Wlansvc - ok
12:17:45.0942 1524 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:17:45.0943 1524 WmiAcpi - ok
12:17:45.0976 1524 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:17:45.0979 1524 wmiApSrv - ok
12:17:46.0000 1524 WMPNetworkSvc - ok
12:17:46.0022 1524 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:17:46.0039 1524 WPCSvc - ok
12:17:46.0061 1524 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:17:46.0062 1524 WPDBusEnum - ok
12:17:46.0089 1524 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:17:46.0097 1524 ws2ifsl - ok
12:17:46.0114 1524 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:17:46.0123 1524 wscsvc - ok
12:17:46.0125 1524 WSearch - ok
12:17:46.0178 1524 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:17:46.0213 1524 wuauserv - ok
12:17:46.0255 1524 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:17:46.0265 1524 WudfPf - ok
12:17:46.0293 1524 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:17:46.0300 1524 WUDFRd - ok
12:17:46.0322 1524 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:17:46.0324 1524 wudfsvc - ok
12:17:46.0350 1524 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:17:46.0357 1524 WwanSvc - ok
12:17:46.0379 1524 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
12:17:46.0420 1524 xusb21 - ok
12:17:46.0452 1524 ================ Scan global ===============================
12:17:46.0464 1524 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:17:46.0504 1524 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:17:46.0509 1524 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:17:46.0526 1524 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:17:46.0548 1524 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:17:46.0552 1524 [Global] - ok
12:17:46.0552 1524 ================ Scan MBR ==================================
12:17:46.0566 1524 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:17:46.0758 1524 \Device\Harddisk0\DR0 - ok
12:17:46.0758 1524 ================ Scan VBR ==================================
12:17:46.0760 1524 [ 1E9CC710A0BF9A7C7F9A9875B031051C ] \Device\Harddisk0\DR0\Partition1
12:17:46.0760 1524 \Device\Harddisk0\DR0\Partition1 - ok
12:17:46.0772 1524 [ CB5F409225BF27DBCF69A35A5413311C ] \Device\Harddisk0\DR0\Partition2
12:17:46.0781 1524 \Device\Harddisk0\DR0\Partition2 - ok
12:17:46.0781 1524 ============================================================
12:17:46.0781 1524 Scan finished
12:17:46.0781 1524 ============================================================
12:17:46.0789 0216 Detected object count: 0
12:17:46.0789 0216 Actual detected object count: 0


Here's the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-03 12:20:07
-----------------------------
12:20:07.395 OS Version: Windows x64 6.1.7601 Service Pack 1
12:20:07.395 Number of processors: 8 586 0x1A05
12:20:07.396 ComputerName: DANIEL-PC UserName: Daniel
12:20:08.497 Initialize success
12:22:38.836 AVAST engine defs: 12090300
12:24:00.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:24:00.138 Disk 0 Vendor: Intel___ 1.0. Size: 1430805MB BusType: 8
12:24:00.149 Disk 0 MBR read successfully
12:24:00.151 Disk 0 MBR scan
12:24:00.154 Disk 0 Windows VISTA default MBR code
12:24:00.156 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
12:24:00.164 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8942 MB offset 81920
12:24:00.180 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1421822 MB offset 18395136
12:24:00.226 Disk 0 scanning C:\Windows\system32\drivers
12:24:11.163 Service scanning
12:24:28.814 Modules scanning
12:24:28.819 Disk 0 trace - called modules:
12:24:28.837 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:24:29.163 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800cf6a790]
12:24:29.167 3 CLASSPNP.SYS[fffff88001d8f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800ab60050]
12:24:30.526 AVAST engine scan C:\Windows
12:24:32.332 AVAST engine scan C:\Windows\system32
12:28:01.563 AVAST engine scan C:\Windows\system32\drivers
12:28:15.469 AVAST engine scan C:\Users\Daniel
12:28:15.861 File: C:\Users\Daniel\AppData\Local\Adobe\4A Games\mvqjl.dll **INFECTED** Win32:Malware-gen
12:28:57.204 Disk 0 MBR has been saved successfully to "C:\Users\Daniel\Documents\MBR.dat"
12:28:57.209 The log file has been saved successfully to "C:\Users\Daniel\Documents\aswMBR log.txt"
12:45:34.485 AVAST engine scan C:\ProgramData
12:46:33.956 File: C:\ProgramData\Microsoft\Windows\DRM\7F03.tmp.dat **INFECTED** Win32:Alureon-AVM [Trj]
12:48:34.416 Scan finished successfully
12:57:28.235 Disk 0 MBR has been saved successfully to "C:\Users\Daniel\Documents\MBR.dat"
12:57:28.239 The log file has been saved successfully to "C:\Users\Daniel\Documents\aswMBR log.txt"

Here's the ESET log:

C:\ProgramData\Microsoft\Windows\DRM\7F03.tmp.dat a variant of Win32/Kryptik.AKON trojan cleaned by deleting - quarantined
C:\Users\Daniel\AppData\Local\Adobe\4A Games\mvqjl.dll a variant of Win32/Kryptik.AKPW trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Daniel\AppData\Local\Temp\NOD81F9.tmp a variant of Win32/Kryptik.AKPW trojan cleaned by deleting (after the next restart) - quarantined

#4 narenxp

Posted 03 September 2012 - 04:11 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 Zaros

Posted 04 September 2012 - 02:19 PM

Toolbox log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Daniel (administrator) on 04-09-2012 at 15:16:54
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)
DW1525 (802.11n) WLAN PCIe Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Daniel-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C2-46-19-63-4D-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1525 (802.11n) WLAN PCIe Card
Physical Address. . . . . . . . . : C4-46-19-63-4D-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4dbd:4ff1:5976:d751%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 04, 2012 2:42:47 PM
Lease Expires . . . . . . . . . . : Wednesday, September 05, 2012 2:42:52 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 314852889
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-B7-AC-E6-F0-4D-A2-DB-27-38
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : F0-4D-A2-DB-27-38
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::78ec:6514:8c64:bc4d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 04, 2012 2:41:26 PM
Lease Expires . . . . . . . . . . : Wednesday, September 05, 2012 2:41:26 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 250629538
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-B7-AC-E6-F0-4D-A2-DB-27-38
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{890F12DB-18CD-4B59-B8B2-05EDDCC00E24}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C440B4CB-C4DF-4277-A14A-507DDAD08964}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:8a5:17b6:bf86:6c2(Preferred)
Link-local IPv6 Address . . . . . : fe80::8a5:17b6:bf86:6c2%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1007
74.125.226.200
74.125.226.198
74.125.226.193
74.125.226.206
74.125.226.192
74.125.226.195
74.125.226.197
74.125.226.201
74.125.226.199
74.125.226.196
74.125.226.194


Pinging google.com [74.125.226.194] with 32 bytes of data:
Reply from 74.125.226.194: bytes=32 time=22ms TTL=55
Reply from 74.125.226.194: bytes=32 time=16ms TTL=55

Ping statistics for 74.125.226.194:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 22ms, Average = 19ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=872ms TTL=51
Reply from 72.30.38.140: bytes=32 time=170ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 170ms, Maximum = 872ms, Average = 521ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
13...c2 46 19 63 4d 4a ......Microsoft Virtual WiFi Miniport Adapter
11...c4 46 19 63 4d 4a ......DW1525 (802.11n) WLAN PCIe Card
10...f0 4d a2 db 27 38 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 20
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.9 276
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.9 255.255.255.255 On-link 192.168.1.9 276
192.168.1.255 255.255.255.255 On-link 192.168.1.9 276
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.9 276
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.9 276
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:953c:8a5:17b6:bf86:6c2/128
On-link
10 276 fe80::/64 On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::8a5:17b6:bf86:6c2/128
On-link
11 281 fe80::4dbd:4ff1:5976:d751/128
On-link
10 276 fe80::78ec:6514:8c64:bc4d/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
10 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/03/2012 02:22:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16448, time stamp: 0x4fecf1b7
Faulting module name: jvm.dll, version: 20.4.0.2, time stamp: 0x4e89b323
Exception code: 0xc0000005
Fault offset: 0x0005e4e2
Faulting process id: 0x1974
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (09/03/2012 00:30:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2012 00:30:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2012 00:30:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2012 00:30:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2012 00:30:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2012 01:28:38 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5790a8d5-37de-4246-aa29-b773640cffba}

Error: (08/26/2012 10:39:59 AM) (Source: Application Hang) (User: )
Description: The program Guild Wars 2.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1884

Start Time: 01cd838333c7e098

Termination Time: 184

Application Path: C:\Users\Daniel\Desktop\Guild Wars 2.exe

Report Id:

Error: (08/24/2012 09:43:31 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16448, time stamp: 0x4fecf1b7
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x1850
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (08/24/2012 04:04:46 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16448, time stamp: 0x4fecf1b7
Faulting module name: jvm.dll, version: 20.4.0.2, time stamp: 0x4e89b323
Exception code: 0xc0000005
Fault offset: 0x0005e4e2
Faulting process id: 0xa5c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (09/04/2012 02:41:47 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (09/03/2012 08:54:28 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (09/03/2012 08:54:28 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (09/03/2012 07:17:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (09/03/2012 07:15:59 PM) (Source: Service Control Manager) (User: )
Description: The Alienware Fusion Service service failed to start due to the following error:
%%1053

Error: (09/03/2012 07:15:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.

Error: (09/03/2012 07:13:50 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/30/2012 03:50:59 PM) (Source: Service Control Manager) (User: )
Description: The Alienware Fusion Service service failed to start due to the following error:
%%1053

Error: (08/30/2012 03:50:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.

Error: (08/29/2012 08:10:31 PM) (Source: Service Control Manager) (User: )
Description: The Alienware Fusion Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (09/03/2012 02:22:36 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164484fecf1b7jvm.dll20.4.0.24e89b323c00000050005e4e2197401cd89ed6efe0229C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\PROGRA~2\Java\jre6\bin\client\jvm.dll557aed7b-f5f4-11e1-bafb-f04da2db2738

Error: (09/03/2012 00:30:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Virus Help 3 esetsmartinstaller_enu Download.exe

Error: (09/03/2012 00:30:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Virus Help 3 esetsmartinstaller_enu Download.exe

Error: (09/03/2012 00:30:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Virus Help 3 esetsmartinstaller_enu Download.exe

Error: (09/03/2012 00:30:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Virus Help 3 esetsmartinstaller_enu Download.exe

Error: (09/03/2012 00:30:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Virus Help 2 esetsmartinstaller_enu Download.exe

Error: (09/01/2012 01:28:38 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5790a8d5-37de-4246-aa29-b773640cffba}

Error: (08/26/2012 10:39:59 AM) (Source: Application Hang)(User: )
Description: Guild Wars 2.exe1.0.0.1188401cd838333c7e098184C:\Users\Daniel\Desktop\Guild Wars 2.exe

Error: (08/24/2012 09:43:31 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164484fecf1b7ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3185001cd822c5011a686C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll45c2f015-ee56-11e1-bfa3-f04da2db2738

Error: (08/24/2012 04:04:46 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164484fecf1b7jvm.dll20.4.0.24e89b323c00000050005e4e2a5c01cd819ca4bfd66fC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\PROGRA~2\Java\jre6\bin\client\jvm.dll5dcfe994-edc2-11e1-9eae-f04da2db2738


=========================== Installed Programs ============================

µTorrent (Version: 2.2.1)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader 9.5.2 (Version: 9.5.2)
AlienRespawn - Support Software
AlienRespawn (Version: 9.4.51)
Amnesia: The Dark Descent Demo
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bandisoft MPEG-1 Decoder
Bonjour (Version: 3.0.0.10)
Broadcom Management Programs (Version: 12.53.01)
Command Center (Version: 2.5.52.0)
Curse Client (Version: 5.1.1.430)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell InHome Service Agreement (Version: 2.0.0)
DirectX 9 Runtime (Version: 1.00.0000)
DW 1525 Driver Installation (Version: 7.0)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
HyperCam 2
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 29 (Version: 6.0.290)
League of Legends (Version: 1.3)
Lexmark 2600 Series
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Metro 2033
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MotioninJoy ds3 driver version 0.6.0003 (Version: 0.5.0001)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
Norton Security Suite (Version: 5.2.2.3)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
ooVoo (Version: 3.0.4039)
Pando Media Booster (Version: 2.6.0.2)
PhotoShowExpress (Version: 2.0.028)
QuickTime (Version: 7.71.80.42)
RBVirtualFolder64Inst (Version: 1.00.0000)
REACTOR (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6039)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Burn (Version: 1.8.57.4)
Roxio Creator Starter (Version: 1.0.311)
Roxio Creator Starter (Version: 12.1.40.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
San Andreas Mod Installer (Version: 1.1)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.9 (Version: 5.9.123)
Snes9K version 0.09z2 (Version: 0.09z2)
Soldier Front (Version: 1.00.787)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Steam (Version: 1.0.0.0)
System Requirements Lab
Team Fortress 2
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Ventrilo Client (Version: 3.0.7)
Vindictus
WinRAR 4.01 (64-bit) (Version: 4.01.0)
World of Warcraft (Version: 4.3.2.15211)
Yahoo! BrowserPlus 2.9.8

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 12278.89 MB
Available physical RAM: 8918.23 MB
Total Pagefile: 24555.98 MB
Available Pagefile: 20568.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.89 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1388.5 GB) (Free:1189.79 GB) NTFS

========================= Users: ========================================

User accounts for \\DANIEL-PC

Administrator Daniel Guest
UpdatusUser


**** End of log ****


FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by Daniel (administrator) on 04-09-2012 at 15:18:12
Running from "C:\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware log:

# AdwCleaner v2.000 - Logfile created 09/03/2012 at 20:52:30
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Daniel - DANIEL-PC
# Boot Mode : Normal
# Running from : C:\Downloads\Virus Help 7 adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Daniel\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-1708543081-3362348590-3640458676-1004\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [4833 octets] - [03/09/2012 20:52:30]

########## EOF - C:\AdwCleaner[S1].txt - [4893 octets] ##########

#6 narenxp

Posted 04 September 2012 - 02:58 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

Any current issues?

#7 Zaros

Posted 04 September 2012 - 03:04 PM

Rkill 2.3.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/04/2012 04:04:11 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\Daniel\AppData\Local\Apps\2.0\Y1HX7YQX.953\QTX6J1B4.NA9\curs..tion_9e9e83ddf3ed3ead_0005.0001_32b1384f20fde9ac\CurseClient.exe (PID: 4128) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Daniel\Desktop\rkill\rkill-09-04-2012-04-04-17.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/04/2012 04:04:25 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

#8 narenxp

Posted 04 September 2012 - 03:13 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player.

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



