
Google Redirect Virus (TDSSKiller, aswMBR, & ESET Logs)


10 replies to this topic

#1 Vapor187


Posted 12 September 2012 - 08:42 AM

I had a ZeroAccess rootkit that I seem to have gotten rid of; however, I have a Google Redirect Virus that I can't seem to get rid of. After reading a lot of posts on this website, I decided to run TDSSKiller, aswMBR, and ESET so I can provide you with the logs to get the ball rolling on this, since it would appear that this is the first thing requested.

Thank you

TDSSKiller Log


08:39:04.0800 5980 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
08:39:04.0815 5980 ============================================================
08:39:04.0815 5980 Current date / time: 2012/09/12 08:39:04.0815
08:39:04.0815 5980 SystemInfo:
08:39:04.0815 5980
08:39:04.0815 5980 OS Version: 6.1.7600 ServicePack: 0.0
08:39:04.0815 5980 Product type: Workstation
08:39:04.0815 5980 ComputerName: KIRK-LAPTOP
08:39:04.0815 5980 UserName: Kirk
08:39:04.0815 5980 Windows directory: C:\Windows
08:39:04.0815 5980 System windows directory: C:\Windows
08:39:04.0815 5980 Running under WOW64
08:39:04.0815 5980 Processor architecture: Intel x64
08:39:04.0815 5980 Number of processors: 4
08:39:04.0815 5980 Page size: 0x1000
08:39:04.0815 5980 Boot type: Normal boot
08:39:04.0815 5980 ============================================================
08:39:05.0158 5980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:39:05.0158 5980 ============================================================
08:39:05.0158 5980 \Device\Harddisk0\DR0:
08:39:05.0158 5980 MBR partitions:
08:39:05.0158 5980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:39:05.0158 5980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
08:39:05.0158 5980 ============================================================
08:39:05.0205 5980 C: <-> \Device\Harddisk0\DR0\Partition2
08:39:05.0205 5980 ============================================================
08:39:05.0205 5980 Initialize success
08:39:05.0205 5980 ============================================================
08:39:11.0149 1428 ============================================================
08:39:11.0149 1428 Scan started
08:39:11.0149 1428 Mode: Manual; TDLFS;
08:39:11.0149 1428 ============================================================
08:39:11.0305 1428 ================ Scan system memory ========================
08:39:11.0305 1428 System memory - ok
08:39:11.0305 1428 ================ Scan services =============================
08:39:11.0414 1428 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
08:39:11.0414 1428 !SASCORE - ok
08:39:11.0586 1428 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
08:39:11.0601 1428 1394ohci - ok
08:39:11.0632 1428 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
08:39:11.0632 1428 Accelerometer - ok
08:39:11.0757 1428 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
08:39:11.0757 1428 ACDaemon - ok
08:39:11.0788 1428 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
08:39:11.0804 1428 ACPI - ok
08:39:11.0835 1428 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
08:39:11.0835 1428 AcpiPmi - ok
08:39:11.0960 1428 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:39:11.0960 1428 AdobeFlashPlayerUpdateSvc - ok
08:39:12.0007 1428 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:39:12.0007 1428 adp94xx - ok
08:39:12.0038 1428 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:39:12.0038 1428 adpahci - ok
08:39:12.0069 1428 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:39:12.0069 1428 adpu320 - ok
08:39:12.0100 1428 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:39:12.0100 1428 AeLookupSvc - ok
08:39:12.0178 1428 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\Windows\syswow64\drivers\Afc.sys
08:39:12.0178 1428 Afc - ok
08:39:12.0241 1428 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
08:39:12.0241 1428 AFD - ok
08:39:12.0288 1428 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
08:39:12.0288 1428 agp440 - ok
08:39:12.0319 1428 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:39:12.0319 1428 ALG - ok
08:39:12.0334 1428 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
08:39:12.0334 1428 aliide - ok
08:39:12.0381 1428 [ 951F9713EBB69866EA24E4E53D270A02 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:39:12.0381 1428 AMD External Events Utility - ok
08:39:12.0397 1428 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
08:39:12.0397 1428 amdide - ok
08:39:12.0412 1428 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:39:12.0412 1428 AmdK8 - ok
08:39:12.0584 1428 [ C4A36B9AFB5C993C0A750589BBEAC845 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:39:12.0756 1428 amdkmdag - ok
08:39:12.0802 1428 [ EE789EA97D06BEC75FCD5E69BB69A93B ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
08:39:12.0802 1428 amdkmdap - ok
08:39:12.0818 1428 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:39:12.0818 1428 AmdPPM - ok
08:39:12.0865 1428 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:39:12.0865 1428 amdsata - ok
08:39:12.0896 1428 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:39:12.0896 1428 amdsbs - ok
08:39:12.0927 1428 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:39:12.0927 1428 amdxata - ok
08:39:12.0943 1428 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
08:39:12.0943 1428 AppID - ok
08:39:12.0974 1428 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:39:12.0974 1428 AppIDSvc - ok
08:39:12.0990 1428 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
08:39:12.0990 1428 Appinfo - ok
08:39:13.0021 1428 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
08:39:13.0021 1428 AppMgmt - ok
08:39:13.0036 1428 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
08:39:13.0036 1428 arc - ok
08:39:13.0036 1428 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:39:13.0036 1428 arcsas - ok
08:39:13.0068 1428 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:39:13.0068 1428 AsyncMac - ok
08:39:13.0083 1428 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
08:39:13.0083 1428 atapi - ok
08:39:13.0146 1428 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:39:13.0146 1428 AudioEndpointBuilder - ok
08:39:13.0146 1428 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:39:13.0146 1428 AudioSrv - ok
08:39:13.0192 1428 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:39:13.0192 1428 AxInstSV - ok
08:39:13.0224 1428 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
08:39:13.0224 1428 b06bdrv - ok
08:39:13.0270 1428 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:39:13.0270 1428 b57nd60a - ok
08:39:13.0286 1428 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:39:13.0286 1428 BDESVC - ok
08:39:13.0302 1428 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:39:13.0302 1428 Beep - ok
08:39:13.0348 1428 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
08:39:13.0364 1428 BFE - ok
08:39:13.0411 1428 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll
08:39:13.0426 1428 BITS - ok
08:39:13.0426 1428 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:39:13.0426 1428 blbdrive - ok
08:39:13.0458 1428 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:39:13.0458 1428 bowser - ok
08:39:13.0489 1428 [ 3DCB409BCBD02AB0675682F8E42A410F ] bpenum C:\Windows\system32\DRIVERS\bpenum.sys
08:39:13.0489 1428 bpenum - ok
08:39:13.0520 1428 [ 6C66EEF6669B14DF4F426990A1CA5112 ] bpmp C:\Windows\system32\DRIVERS\bpmp.sys
08:39:13.0520 1428 bpmp - ok
08:39:13.0536 1428 [ 2EE68405BBADE51CBE1C973FF3A1A400 ] bpusb C:\Windows\system32\Drivers\bpusb.sys
08:39:13.0536 1428 bpusb - ok
08:39:13.0551 1428 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:39:13.0551 1428 BrFiltLo - ok
08:39:13.0551 1428 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:39:13.0551 1428 BrFiltUp - ok
08:39:13.0567 1428 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:39:13.0567 1428 BridgeMP - ok
08:39:13.0598 1428 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
08:39:13.0598 1428 Browser - ok
08:39:13.0614 1428 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:39:13.0614 1428 Brserid - ok
08:39:13.0645 1428 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:39:13.0645 1428 BrSerWdm - ok
08:39:13.0645 1428 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:39:13.0660 1428 BrUsbMdm - ok
08:39:13.0660 1428 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:39:13.0660 1428 BrUsbSer - ok
08:39:13.0676 1428 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:39:13.0692 1428 BTHMODEM - ok
08:39:13.0707 1428 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:39:13.0707 1428 bthserv - ok
08:39:13.0723 1428 catchme - ok
08:39:13.0754 1428 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:39:13.0754 1428 cdfs - ok
08:39:13.0770 1428 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:39:13.0785 1428 cdrom - ok
08:39:13.0801 1428 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
08:39:13.0801 1428 CertPropSvc - ok
08:39:13.0816 1428 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:39:13.0816 1428 circlass - ok
08:39:13.0832 1428 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:39:13.0848 1428 CLFS - ok
08:39:13.0910 1428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:39:13.0910 1428 clr_optimization_v2.0.50727_32 - ok
08:39:13.0957 1428 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:39:13.0957 1428 clr_optimization_v2.0.50727_64 - ok
08:39:14.0050 1428 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:39:14.0050 1428 clr_optimization_v4.0.30319_32 - ok
08:39:14.0082 1428 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:39:14.0097 1428 clr_optimization_v4.0.30319_64 - ok
08:39:14.0113 1428 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:39:14.0113 1428 CmBatt - ok
08:39:14.0128 1428 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
08:39:14.0128 1428 cmdide - ok
08:39:14.0191 1428 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
08:39:14.0191 1428 CNG - ok
08:39:14.0222 1428 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:39:14.0222 1428 Compbatt - ok
08:39:14.0238 1428 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
08:39:14.0238 1428 CompositeBus - ok
08:39:14.0269 1428 COMSysApp - ok
08:39:14.0269 1428 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:39:14.0269 1428 crcdisk - ok
08:39:14.0316 1428 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:39:14.0316 1428 CryptSvc - ok
08:39:14.0347 1428 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
08:39:14.0362 1428 CSC - ok
08:39:14.0394 1428 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
08:39:14.0394 1428 CscService - ok
08:39:14.0425 1428 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:39:14.0440 1428 DcomLaunch - ok
08:39:14.0456 1428 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:39:14.0456 1428 defragsvc - ok
08:39:14.0487 1428 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:39:14.0487 1428 DfsC - ok
08:39:14.0518 1428 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
08:39:14.0518 1428 Dhcp - ok
08:39:14.0550 1428 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:39:14.0550 1428 discache - ok
08:39:14.0581 1428 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:39:14.0581 1428 Disk - ok
08:39:14.0612 1428 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:39:14.0612 1428 Dnscache - ok
08:39:14.0628 1428 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
08:39:14.0643 1428 dot3svc - ok
08:39:14.0659 1428 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
08:39:14.0659 1428 DPS - ok
08:39:14.0690 1428 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:39:14.0690 1428 drmkaud - ok
08:39:14.0721 1428 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:39:14.0737 1428 DXGKrnl - ok
08:39:14.0784 1428 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:39:14.0784 1428 EapHost - ok
08:39:14.0877 1428 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:39:14.0908 1428 ebdrv - ok
08:39:14.0940 1428 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
08:39:14.0940 1428 EFS - ok
08:39:15.0002 1428 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:39:15.0018 1428 ehRecvr - ok
08:39:15.0049 1428 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:39:15.0049 1428 ehSched - ok
08:39:15.0096 1428 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:39:15.0096 1428 elxstor - ok
08:39:15.0111 1428 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
08:39:15.0111 1428 ErrDev - ok
08:39:15.0158 1428 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:39:15.0158 1428 EventSystem - ok
08:39:15.0267 1428 [ 7EE9F35BC1DD0CE1A4976032F9AC5162 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
08:39:15.0283 1428 EvtEng - ok
08:39:15.0298 1428 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:39:15.0298 1428 exfat - ok
08:39:15.0314 1428 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:39:15.0314 1428 fastfat - ok
08:39:15.0330 1428 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
08:39:15.0330 1428 Fax - ok
08:39:15.0345 1428 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:39:15.0345 1428 fdc - ok
08:39:15.0361 1428 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:39:15.0361 1428 fdPHost - ok
08:39:15.0376 1428 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:39:15.0376 1428 FDResPub - ok
08:39:15.0376 1428 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:39:15.0376 1428 FileInfo - ok
08:39:15.0376 1428 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:39:15.0376 1428 Filetrace - ok
08:39:15.0408 1428 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:39:15.0408 1428 flpydisk - ok
08:39:15.0423 1428 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:39:15.0423 1428 FltMgr - ok
08:39:15.0486 1428 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
08:39:15.0501 1428 FontCache - ok
08:39:15.0532 1428 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:39:15.0532 1428 FontCache3.0.0.0 - ok
08:39:15.0548 1428 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:39:15.0548 1428 FsDepends - ok
08:39:15.0579 1428 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:39:15.0579 1428 Fs_Rec - ok
08:39:15.0626 1428 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:39:15.0626 1428 fvevol - ok
08:39:15.0657 1428 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:39:15.0673 1428 gagp30kx - ok
08:39:15.0704 1428 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
08:39:15.0704 1428 gpsvc - ok
08:39:15.0766 1428 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:39:15.0766 1428 gupdate - ok
08:39:15.0782 1428 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:39:15.0782 1428 gupdatem - ok
08:39:15.0813 1428 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:39:15.0829 1428 hcw85cir - ok
08:39:15.0860 1428 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:39:15.0876 1428 HdAudAddService - ok
08:39:15.0907 1428 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:39:15.0907 1428 HDAudBus - ok
08:39:15.0907 1428 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:39:15.0907 1428 HidBatt - ok
08:39:15.0922 1428 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:39:15.0922 1428 HidBth - ok
08:39:15.0922 1428 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:39:15.0922 1428 HidIr - ok
08:39:15.0969 1428 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:39:15.0969 1428 hidserv - ok
08:39:15.0985 1428 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:39:15.0985 1428 HidUsb - ok
08:39:16.0016 1428 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:39:16.0016 1428 hkmsvc - ok
08:39:16.0032 1428 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:39:16.0032 1428 HomeGroupListener - ok
08:39:16.0063 1428 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:39:16.0078 1428 HomeGroupProvider - ok
08:39:16.0110 1428 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
08:39:16.0110 1428 hpdskflt - ok
08:39:16.0125 1428 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
08:39:16.0125 1428 HpSAMD - ok
08:39:16.0156 1428 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
08:39:16.0156 1428 hpsrv - ok
08:39:16.0172 1428 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:39:16.0188 1428 HTTP - ok
08:39:16.0234 1428 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:39:16.0234 1428 hwpolicy - ok
08:39:16.0297 1428 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:39:16.0312 1428 i8042prt - ok
08:39:16.0359 1428 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
08:39:16.0359 1428 iaStor - ok
08:39:16.0422 1428 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
08:39:16.0422 1428 IAStorDataMgrSvc - ok
08:39:16.0468 1428 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:39:16.0468 1428 iaStorV - ok
08:39:16.0515 1428 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:39:16.0531 1428 idsvc - ok
08:39:16.0718 1428 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:39:16.0765 1428 igfx - ok
08:39:16.0812 1428 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:39:16.0812 1428 iirsp - ok
08:39:16.0890 1428 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
08:39:16.0890 1428 IKEEXT - ok
08:39:16.0952 1428 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:39:16.0952 1428 IntcDAud - ok
08:39:16.0952 1428 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
08:39:16.0952 1428 intelide - ok
08:39:17.0592 1428 [ 795C99DC4F574C97C03D0BB39CF099EE ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
08:39:17.0638 1428 intelkmd - ok
08:39:17.0654 1428 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:39:17.0654 1428 intelppm - ok
08:39:17.0701 1428 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:39:17.0701 1428 IPBusEnum - ok
08:39:17.0732 1428 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:39:17.0732 1428 IpFilterDriver - ok
08:39:17.0794 1428 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:39:17.0794 1428 iphlpsvc - ok
08:39:17.0810 1428 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
08:39:17.0810 1428 IPMIDRV - ok
08:39:17.0810 1428 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:39:17.0810 1428 IPNAT - ok
08:39:17.0841 1428 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:39:17.0841 1428 IRENUM - ok
08:39:17.0857 1428 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
08:39:17.0857 1428 isapnp - ok
08:39:17.0888 1428 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
08:39:17.0888 1428 iScsiPrt - ok
08:39:17.0904 1428 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:39:17.0904 1428 kbdclass - ok
08:39:17.0919 1428 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:39:17.0935 1428 kbdhid - ok
08:39:17.0935 1428 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
08:39:17.0950 1428 KeyIso - ok
08:39:17.0982 1428 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:39:17.0982 1428 KSecDD - ok
08:39:18.0028 1428 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:39:18.0028 1428 KSecPkg - ok
08:39:18.0044 1428 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:39:18.0044 1428 ksthunk - ok
08:39:18.0075 1428 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:39:18.0075 1428 KtmRm - ok
08:39:18.0106 1428 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:39:18.0122 1428 LanmanServer - ok
08:39:18.0138 1428 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:39:18.0138 1428 LanmanWorkstation - ok
08:39:18.0169 1428 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:39:18.0169 1428 lltdio - ok
08:39:18.0200 1428 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:39:18.0200 1428 lltdsvc - ok
08:39:18.0216 1428 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:39:18.0216 1428 lmhosts - ok
08:39:18.0262 1428 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:39:18.0262 1428 LSI_FC - ok
08:39:18.0262 1428 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:39:18.0262 1428 LSI_SAS - ok
08:39:18.0262 1428 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:39:18.0278 1428 LSI_SAS2 - ok
08:39:18.0278 1428 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:39:18.0278 1428 LSI_SCSI - ok
08:39:18.0294 1428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:39:18.0294 1428 luafv - ok
08:39:18.0340 1428 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:39:18.0340 1428 MBAMProtector - ok
08:39:18.0434 1428 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:39:18.0450 1428 MBAMScheduler - ok
08:39:18.0512 1428 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:39:18.0528 1428 MBAMService - ok
08:39:18.0559 1428 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:39:18.0559 1428 Mcx2Svc - ok
08:39:18.0590 1428 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:39:18.0590 1428 megasas - ok
08:39:18.0621 1428 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:39:18.0621 1428 MegaSR - ok
08:39:18.0668 1428 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
08:39:18.0668 1428 MEIx64 - ok
08:39:18.0715 1428 Microsoft SharePoint Workspace Audit Service - ok
08:39:18.0746 1428 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:39:18.0746 1428 MMCSS - ok
08:39:18.0762 1428 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:39:18.0762 1428 Modem - ok
08:39:18.0793 1428 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:39:18.0793 1428 monitor - ok
08:39:18.0840 1428 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:39:18.0840 1428 mouclass - ok
08:39:18.0855 1428 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:39:18.0855 1428 mouhid - ok
08:39:18.0871 1428 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:39:18.0871 1428 mountmgr - ok
08:39:18.0886 1428 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
08:39:18.0886 1428 mpio - ok
08:39:18.0902 1428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:39:18.0918 1428 mpsdrv - ok
08:39:18.0996 1428 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:39:18.0996 1428 MpsSvc - ok
08:39:19.0011 1428 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:39:19.0011 1428 MRxDAV - ok
08:39:19.0042 1428 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:39:19.0042 1428 mrxsmb - ok
08:39:19.0089 1428 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:39:19.0105 1428 mrxsmb10 - ok
08:39:19.0152 1428 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:39:19.0152 1428 mrxsmb20 - ok
08:39:19.0230 1428 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
08:39:19.0230 1428 msahci - ok
08:39:19.0261 1428 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
08:39:19.0261 1428 msdsm - ok
08:39:19.0292 1428 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:39:19.0292 1428 MSDTC - ok
08:39:19.0323 1428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:39:19.0323 1428 Msfs - ok
08:39:19.0339 1428 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:39:19.0339 1428 mshidkmdf - ok
08:39:19.0354 1428 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
08:39:19.0354 1428 msisadrv - ok
08:39:26.0546 1428 ================ Scan global ===============================
08:39:26.0577 1428 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:39:26.0608 1428 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
08:39:26.0640 1428 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
08:39:26.0655 1428 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:39:26.0686 1428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:39:26.0686 1428 [Global] - ok
08:39:26.0686 1428 ================ Scan MBR ==================================
08:39:26.0686 1428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:39:26.0998 1428 \Device\Harddisk0\DR0 - ok
08:39:26.0998 1428 ================ Scan VBR ==================================
08:39:26.0998 1428 [ C0D5092E178D85B0F7C84759E121C65A ] \Device\Harddisk0\DR0\Partition1
08:39:26.0998 1428 \Device\Harddisk0\DR0\Partition1 - ok
08:39:27.0045 1428 [ 33F9C6525133F8E9F6408E619A8065F2 ] \Device\Harddisk0\DR0\Partition2
08:39:27.0045 1428 \Device\Harddisk0\DR0\Partition2 - ok
08:39:27.0045 1428 ============================================================
08:39:27.0045 1428 Scan finished
08:39:27.0045 1428 ============================================================
08:39:27.0061 5204 Detected object count: 0
08:39:27.0061 5204 Actual detected object count: 0
08:41:10.0687 4608 Deinitialize success


aswMBR Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-12 08:44:58
-----------------------------
08:44:58.276 OS Version: Windows x64 6.1.7600
08:44:58.276 Number of processors: 4 586 0x2A07
08:44:58.276 ComputerName: KIRK-LAPTOP UserName: Kirk
08:44:59.212 Initialize success
08:46:05.025 AVAST engine defs: 12091200
08:46:36.241 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:46:36.256 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
08:46:36.272 Disk 0 MBR read successfully
08:46:36.272 Disk 0 MBR scan
08:46:36.287 Disk 0 Windows 7 default MBR code
08:46:36.319 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:46:36.334 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
08:46:36.443 Disk 0 scanning C:\Windows\system32\drivers
08:46:56.646 Service scanning
08:47:18.644 Modules scanning
08:47:18.659 Disk 0 trace - called modules:
08:47:18.690 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
08:47:18.690 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800802a060]
08:47:18.706 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa8007e52b10]
08:47:18.706 5 hpdskflt.sys[fffff880017f3189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d49050]
08:47:21.748 AVAST engine scan C:\Windows
08:47:24.306 AVAST engine scan C:\Windows\system32
08:49:40.556 AVAST engine scan C:\Windows\system32\drivers
08:49:47.576 AVAST engine scan C:\Users\Kirk
08:50:31.115 AVAST engine scan C:\ProgramData
08:51:15.248 Scan finished successfully
08:58:48.795 Disk 0 MBR has been saved successfully to "C:\Users\Kirk\Desktop\MBR.dat"
08:58:48.795 The log file has been saved successfully to "C:\Users\Kirk\Desktop\aswMBR.txt"


ESET Log

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b6437c656bf8c9438e38a0067dc6b858
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-11 08:24:15
# local_time=2012-09-11 04:24:15 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 0 98936489 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=142005
# found=2
# cleaned=2
# scan_time=2016
C:\Program Files (x86)\Windows Movie Maker\toolbar\solidyoutube-hybrid.exe Win32/Somoto application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Kirk\Downloads\old\windows-movie-maker.exe Win32/Somoto application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b6437c656bf8c9438e38a0067dc6b858
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-12 01:34:56
# local_time=2012-09-12 09:34:56 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 0 98998295 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=145137
# found=0
# cleaned=0
# scan_time=2051



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:02:43 AM

Posted 12 September 2012 - 08:53 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#3 Vapor187

Vapor187
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:02:43 AM

Posted 12 September 2012 - 01:15 PM

OK, here they are.

ADW Cleaner Log
# AdwCleaner v2.001 - Logfile created 09/12/2012 at 13:58:52
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Professional (64 bits)
# User : Kirk - KIRK-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Kirk\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1088 octets] - [11/09/2012 14:45:40]
AdwCleaner[S2].txt - [568 octets] - [12/09/2012 13:58:52]

########## EOF - C:\AdwCleaner[S2].txt - [627 octets] ##########


FSS Log
Ran by Kirk (administrator) on 12-09-2012 at 13:57:37
Running from "C:\Users\Kirk\Downloads"
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-14 17:40] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-13 20:22] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-17 20:59] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


MBAM Log
Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.12.05

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Kirk :: KIRK-LAPTOP [administrator]

Protection: Enabled

9/12/2012 1:29:24 PM
mbam-log-2012-09-12 (13-29-24).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 339308
Time elapsed: 25 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Mini Toolbox Log

MiniToolBox by Farbar Version: 23-07-2012
Ran by Kirk (administrator) on 12-09-2012 at 13:56:22
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 4 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 5 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kirk-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #4
Physical Address. . . . . . . . . : 40-25-C2-48-5F-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #3
Physical Address. . . . . . . . . : 40-25-C2-48-5F-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-48-5F-48
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::25ab:53f1:c0a4:5b96%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.125(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 11, 2012 4:29:31 PM
Lease Expires . . . . . . . . . . : Thursday, September 13, 2012 1:50:24 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 406857154
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-FB-C3-78-40-25-C2-48-5F-48
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
Physical Address. . . . . . . . . : 64-D4-DA-5A-CE-33
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : columbus.rr.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 10-1F-74-11-94-53
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3467:110d:3f57:fe82(Preferred)
Link-local IPv6 Address . . . . . : fe80::3467:110d:3f57:fe82%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C68231DB-6387-417B-9CF2-9572AD789FDA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Cisco03409
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1001
173.194.43.40
173.194.43.37
173.194.43.32
173.194.43.41
173.194.43.36
173.194.43.34
173.194.43.39
173.194.43.35
173.194.43.46
173.194.43.38
173.194.43.33


Pinging google.com [173.194.43.33] with 32 bytes of data:
Reply from 173.194.43.33: bytes=32 time=47ms TTL=54
Reply from 173.194.43.33: bytes=32 time=48ms TTL=54

Ping statistics for 173.194.43.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 47ms, Maximum = 48ms, Average = 47ms
Server: Cisco03409
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=84ms TTL=51
Reply from 98.138.253.109: bytes=32 time=60ms TTL=51

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 84ms, Average = 72ms
Server: Cisco03409
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 5ms, Average = 4ms
===========================================================================
Interface List
17...40 25 c2 48 5f 49 ......Microsoft Virtual WiFi Miniport Adapter #4
16...40 25 c2 48 5f 49 ......Microsoft Virtual WiFi Miniport Adapter #3
15...40 25 c2 48 5f 48 ......Intel® Centrino® Wireless-N 6150
14...64 d4 da 5a ce 33 ......Intel® Centrino® WiMAX 6150
13...10 1f 74 11 94 53 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.125 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.125 281
192.168.1.125 255.255.255.255 On-link 192.168.1.125 281
192.168.1.255 255.255.255.255 On-link 192.168.1.125 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.125 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.125 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:9d38:6ab8:3467:110d:3f57:fe82/128
On-link
15 281 fe80::/64 On-link
19 306 fe80::/64 On-link
15 281 fe80::25ab:53f1:c0a4:5b96/128
On-link
19 306 fe80::3467:110d:3f57:fe82/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2012 09:58:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:58:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:58:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:58:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:58:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:58:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:57:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:37:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:37:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/12/2012 09:07:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16448, time stamp: 0x4fecf1b7
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006f59
Faulting process id: 0x17e4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (09/11/2012 03:12:23 PM) (Source: Service Control Manager) (User: )
Description: The ArcSoft Connect Daemon service terminated unexpectedly. It has done this 1 time(s).

Error: (09/11/2012 02:00:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (09/11/2012 02:00:29 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/11/2012 02:00:29 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/11/2012 02:00:26 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/11/2012 02:00:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6

Error: (09/11/2012 02:00:19 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/11/2012 02:00:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/11/2012 01:14:04 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/11/2012 01:12:12 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================
Error: (09/12/2012 09:58:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Kirk\downloads\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:58:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Kirk\Desktop\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:58:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Kirk\downloads\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:58:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Kirk\Desktop\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:58:14 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Kirk\downloads\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:58:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Kirk\downloads\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:57:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/12/2012 09:37:54 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/12/2012 09:37:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kirk\Downloads\esetsmartinstaller_enu.exe

Error: (09/12/2012 09:07:05 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164484fecf1b7ws2_32.dll6.1.7600.163854a5bdb4ac000000500006f5917e401cd90e780d8b935C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\syswow64\ws2_32.dllbfc1db19-fcda-11e1-9588-101f74119453


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.1 (Version: 9.5.1)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.1127)
ATI Catalyst Install Manager (Version: 3.0.816.0)
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Editor 6
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0412.2341.40734)
Catalyst Control Center Graphics Previews Common (Version: 2011.0412.2341.40734)
Catalyst Control Center InstallProxy (Version: 2011.0412.2341.40734)
Catalyst Control Center Localization All (Version: 2011.0412.2341.40734)
Catalyst Control Center Profiles Mobile (Version: 2011.0412.2341.40734)
ccc-utility64 (Version: 2011.0412.2341.40734)
CCC Help Chinese Standard (Version: 2011.0412.2340.40734)
CCC Help Chinese Traditional (Version: 2011.0412.2340.40734)
CCC Help Czech (Version: 2011.0412.2340.40734)
CCC Help Danish (Version: 2011.0412.2340.40734)
CCC Help Dutch (Version: 2011.0412.2340.40734)
CCC Help English (Version: 2011.0412.2340.40734)
CCC Help Finnish (Version: 2011.0412.2340.40734)
CCC Help French (Version: 2011.0412.2340.40734)
CCC Help German (Version: 2011.0412.2340.40734)
CCC Help Greek (Version: 2011.0412.2340.40734)
CCC Help Hungarian (Version: 2011.0412.2340.40734)
CCC Help Italian (Version: 2011.0412.2340.40734)
CCC Help Japanese (Version: 2011.0412.2340.40734)
CCC Help Korean (Version: 2011.0412.2340.40734)
CCC Help Norwegian (Version: 2011.0412.2340.40734)
CCC Help Polish (Version: 2011.0412.2340.40734)
CCC Help Portuguese (Version: 2011.0412.2340.40734)
CCC Help Russian (Version: 2011.0412.2340.40734)
CCC Help Spanish (Version: 2011.0412.2340.40734)
CCC Help Swedish (Version: 2011.0412.2340.40734)
CCC Help Thai (Version: 2011.0412.2340.40734)
CCC Help Turkish (Version: 2011.0412.2340.40734)
CCleaner (Version: 3.22)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
Intel PROSet Wireless
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® PROSet/Wireless WiMAX Software (Version: 6.02.1000)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 27 (Version: 6.0.270)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PX Profile Update (Version: 1.00.1.)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
StockMarketEye
SUPERAntiSpyware (Version: 5.0.1150)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Validity WBF DDK (Version: 4.3.205.0)
Windows Movie Maker 6.1
XnView 1.98.2 (Version: 1.98.2)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 8139.86 MB
Available physical RAM: 5418.42 MB
Total Pagefile: 16277.86 MB
Available Pagefile: 13215.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.28 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.99 GB) (Free:245.63 GB) NTFS

========================= Users: ========================================

User accounts for \\KIRK-LAPTOP

Administrator Guest Kirk


**** End of log ****

#4 narenxp

  • BC Advisor

Posted 12 September 2012 - 10:18 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#5 Vapor187

  • Topic Starter

Posted 13 September 2012 - 07:30 AM

Alright, the first time I ran RKill I got a BSOD; the computer rebooted and I was able to run it without issue.

RKill Log
Rkill 2.3.14 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/13/2012 08:23:28 AM in x64 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/13/2012 08:23:41 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)


AutoRuns Log
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelWireless" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "IntelWirelessWiMAX" "Intel® PROSet/Wireless WiMAX Connection Utility" "Intel® Corporation" "c:\program files\intel\wimax\bin\wimaxcu.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "ArcSoft Connection Service" "ArcSoft Connect Daemon" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acdaemon.exe"
+ "ArcSoft MediaImpression Monitor" "ArcMonitor" "ArcSoft, Inc." "c:\program files (x86)\kodak\mediaimpression\arcmonitor.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "Afc" "Arcsoft® ASPI Shell" "Arcsoft, Inc." "c:\windows\syswow64\drivers\afc.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "bpenum" "Intel® WiMax Link 5050 Series Enumerator" "Intel Corporation" "c:\windows\system32\drivers\bpenum.sys"
+ "bpmp" "Intel® WiMax Link 5050 Series Driver" "Intel Corporation" "c:\windows\system32\drivers\bpmp.sys"
+ "bpusb" "Intel® WiMax Link 5050 Series Function Driver" "Intel Corporation" "c:\windows\system32\drivers\bpusb.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
X "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "intelkmd" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdpmd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ArcGetDataSample" "ArcGetDataSample" "arcsoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcgetdatasample.ax"
+ "ArcPutDataSample" "ArcGetDataSample" "ArcSoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcputdatasample.ax"
+ "ArcSoft AAC Encoder" "AACEncoder" "ArcSoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\aacencoder.ax"
+ "ArcSoft Audio Decoder HD" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\asaudiohd.ax"
+ "ArcSoft Avi Writer Filter" "ArcSoft AVI Writer Filter" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\uaviwriter.ax"
+ "ArcSoft Filter Bridge" "" "" "c:\program files (x86)\common files\arcsoft\mpeg engine\filterbridge.ax"
+ "Arcsoft LPCM Decoder" "LPCM Decoder" "ArcSoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\lpcmdec.ax"
+ "ArcSoft MJPEG Decoder Filter" "ArcSoft MJPEG Decoder" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\asmjpegdecoder.ax"
+ "Arcsoft MJPEG Encoder Filter" "ArcSoft MJPEG Encoder" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\asmjpegencoder.ax"
+ "ArcSoft MP4 Splitter" "ArcSoft MP4 Splitter Filter" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\mp4splitter.ax"
+ "ArcSoft MP4Muxer" "ArcSoft MP4 Muxer Filter " "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\mp4muxer.ax"
+ "ArcSoft MPEG Audio Decoder" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\mpgaudio.ax"
+ "ArcSoft Mpeg Encoder Filter" "" "ArcSoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcmpegcodec.ax"
+ "ArcSoft Mpeg Mplex Filter" "MplexFilter" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcmplexfilter.ax"
+ "Arcsoft Mpeg Mplex Filter" "MplexFilter" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\mplexfilter.ax"
+ "ArcSoft MPEG Splitter" "MPGSplitter Filter" "ArcSoft, Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcspl.ax"
+ "ArcSoft Mux Filter" "ArcSoft Mux Filter" "ArcSoft, Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcmuxfilter.ax"
+ "Arcsoft Mux Filter" "IAXMux library" "Arcsoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\asmuxfilter.ax"
+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arccaptureencoder.ax"
+ "ArcSoft Source Buffer Filter" "Device Source Buffer Filter" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\srcbuffer.ax"
+ "ArcSoft TS Stream" "ArcSoft Mpeg Demux" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcdemux.ax"
+ "ArcSoft Video Decoder" "ArcSoft Video Decoder Check" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\asvid.ax"
+ "ArcSoft Video Encoder Pro" "ArcSoft Video Encoder Filter Pro" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\asvencoderpro.ax"
+ "ArcSoft WMV/ASF Splitter" "ArcWmvSpl" "ArcSoft, Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcwmvspl.ax"
+ "ATI Media Center Audio Encoder" "ATI Media Center Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimcenc.dll"
+ "ATI Media Center Multiplexer" "ATI Media Center Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimcenc.dll"
+ "ATI Media Center Video Encoder" "ATI Media Center Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimcenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\atimpenc.dll"
+ "AVS Video Out" "AVSVideoOutFilter DirectShow Filter" "Online Media Technologies Ltd" "c:\program files (x86)\common files\avsmedia\activex\avsvideooutfilter3.ax"
+ "AVSMediaGrabber" "AVSMediaGrabber4 DirectShow Filter" "Online Media Technologies Ltd." "c:\program files (x86)\common files\avsmedia\activex\avsmediagrabber4.ax"
+ "Dump" "File Dump Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcdump.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "RSVP TCP Service Provider" "" "" "File not found: C:\Windows\system32\rsvpsp.dll"
+ "RSVP UDP Service Provider" "" "" "File not found: C:\Windows\system32\rsvpsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "NWLink IPX/SPX/NetBIOS Compatible Transport Protocol" "" "" "File not found: C:\Windows\System32\nwprovau.dll"

#6 narenxp

Posted 13 September 2012 - 10:00 AM

Do you still have redirects? Which browser?

#7 Vapor187

Posted 13 September 2012 - 10:08 AM

Yes

IE

#8 narenxp

Posted 13 September 2012 - 10:14 AM

Press the Windows+R key and type

inetcpl.cpl

The Internet Options dialog box appears.

Click the Advanced tab.

Checkmark the Delete personal settings option

Under Reset Internet Explorer settings, click Reset.

Now see if you still have redirects

Edited by narenxp, 13 September 2012 - 10:14 AM.


#9 Vapor187

Posted 13 September 2012 - 10:33 AM

Still Redirecting

#10 narenxp

Posted 13 September 2012 - 11:04 AM

Can you post the Malwarebytes log?

#11 narenxp

Posted 13 September 2012 - 11:07 AM

Not needed, you already posted it

We need to take a deeper look

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



