
bts.scour removal steps


13 replies to this topic

#1 Gingerbred


Posted 13 September 2012 - 09:44 AM

My problem:

Trying to remove bts.scour from my computer. Looked up and followed the following script from an earlier post request that was similar...

Have done the first step and have posted the scan results below the 1st step.

My computer is Windows 7

Do I go to the 2nd step and proceed as though it is the same issue?
(2nd step, Download aswMBR, Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log, Post the log results here

3rd step, Download ESET online scanner, Install it, Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats
Export the list to desktop, copy the contents of the text file in your reply)


johnsherry




Posted 05 September 2012 - 08:08 AM


Apparently picked up a redirect virus that is not detected by my antivirus protection as I have run scans with both. I went through the system files and could not readily identify anything there for a chance of manually removing it. I need help removing this virus from my PC.

Thanks in advance.

John


--------------------------------------------------------------------------------



#2 narenxp




Posted 05 September 2012 - 08:10 AM


Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results



Then.......HERE IS WHAT MY COMPUTER (CUCOLO) had as a scan message:


08:40:05.0727 5852 MSPQM - ok
08:40:05.0752 5852 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:40:05.0756 5852 MsRPC - ok
08:40:05.0764 5852 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:40:05.0765 5852 mssmbios - ok
08:40:05.0773 5852 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:40:05.0774 5852 MSTEE - ok
08:40:05.0781 5852 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:40:05.0783 5852 MTConfig - ok
08:40:05.0794 5852 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:40:05.0794 5852 Mup - ok
08:40:05.0819 5852 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:40:05.0825 5852 napagent - ok
08:40:05.0857 5852 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:40:05.0861 5852 NativeWifiP - ok
08:40:05.0906 5852 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:40:05.0916 5852 NDIS - ok
08:40:05.0931 5852 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:40:05.0933 5852 NdisCap - ok
08:40:05.0944 5852 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:40:05.0945 5852 NdisTapi - ok
08:40:05.0962 5852 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:40:05.0964 5852 Ndisuio - ok
08:40:05.0980 5852 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:40:05.0982 5852 NdisWan - ok
08:40:05.0999 5852 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:40:06.0000 5852 NDProxy - ok
08:40:06.0082 5852 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
08:40:06.0093 5852 Nero BackItUp Scheduler 4.0 - ok
08:40:06.0129 5852 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:40:06.0131 5852 Net Driver HPZ12 - ok
08:40:06.0143 5852 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:40:06.0144 5852 NetBIOS - ok
08:40:06.0157 5852 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:40:06.0160 5852 NetBT - ok
08:40:06.0169 5852 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:40:06.0170 5852 Netlogon - ok
08:40:06.0188 5852 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:40:06.0193 5852 Netman - ok
08:40:06.0208 5852 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:40:06.0214 5852 netprofm - ok
08:40:06.0232 5852 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:40:06.0234 5852 NetTcpPortSharing - ok
08:40:06.0260 5852 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:40:06.0262 5852 nfrd960 - ok
08:40:06.0297 5852 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:40:06.0299 5852 NisDrv - ok
08:40:06.0329 5852 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
08:40:06.0333 5852 NisSrv - ok
08:40:06.0353 5852 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:40:06.0357 5852 NlaSvc - ok
08:40:06.0366 5852 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:40:06.0366 5852 Npfs - ok
08:40:06.0376 5852 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:40:06.0378 5852 nsi - ok
08:40:06.0390 5852 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:40:06.0391 5852 nsiproxy - ok
08:40:06.0440 5852 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:40:06.0474 5852 Ntfs - ok
08:40:06.0494 5852 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:40:06.0495 5852 Null - ok
08:40:06.0512 5852 [ 857FB74754EBFF94EE3AD40788740916 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
08:40:06.0514 5852 NVHDA - ok
08:40:06.0699 5852 [ 85B6A1C935935FBAE92B837F3AAAA811 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:40:06.0743 5852 nvlddmkm - ok
08:40:06.0769 5852 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:40:06.0770 5852 nvraid - ok
08:40:06.0779 5852 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:40:06.0780 5852 nvstor - ok
08:40:06.0803 5852 [ FB3C5813E4E278C435C1092075F496AC ] NVSvc C:\Windows\system32\nvvsvc.exe
08:40:06.0814 5852 NVSvc - ok
08:40:06.0832 5852 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:40:06.0834 5852 nv_agp - ok
08:40:06.0843 5852 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:40:06.0845 5852 ohci1394 - ok
08:40:06.0886 5852 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:40:06.0888 5852 ose - ok
08:40:07.0003 5852 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:40:07.0075 5852 osppsvc - ok
08:40:07.0095 5852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:40:07.0099 5852 p2pimsvc - ok
08:40:07.0116 5852 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:40:07.0121 5852 p2psvc - ok
08:40:07.0135 5852 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:40:07.0137 5852 Parport - ok
08:40:07.0169 5852 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:40:07.0170 5852 partmgr - ok
08:40:07.0188 5852 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:40:07.0191 5852 PcaSvc - ok
08:40:07.0205 5852 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:40:07.0207 5852 pci - ok
08:40:07.0218 5852 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:40:07.0219 5852 pciide - ok
08:40:07.0232 5852 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:40:07.0235 5852 pcmcia - ok
08:40:07.0251 5852 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:40:07.0252 5852 pcw - ok
08:40:07.0273 5852 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:40:07.0279 5852 PEAUTH - ok
08:40:07.0330 5852 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:40:07.0332 5852 PerfHost - ok
08:40:07.0349 5852 pgdnhrwb - ok
08:40:07.0378 5852 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:40:07.0403 5852 pla - ok
08:40:07.0437 5852 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:40:07.0441 5852 PlugPlay - ok
08:40:07.0459 5852 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:40:07.0461 5852 Pml Driver HPZ12 - ok
08:40:07.0470 5852 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:40:07.0471 5852 PNRPAutoReg - ok
08:40:07.0487 5852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:40:07.0491 5852 PNRPsvc - ok
08:40:07.0524 5852 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
08:40:07.0525 5852 Point64 - ok
08:40:07.0551 5852 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:40:07.0557 5852 PolicyAgent - ok
08:40:07.0575 5852 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:40:07.0577 5852 Power - ok
08:40:07.0600 5852 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:40:07.0602 5852 PptpMiniport - ok
08:40:07.0614 5852 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:40:07.0615 5852 Processor - ok
08:40:07.0650 5852 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:40:07.0654 5852 ProfSvc - ok
08:40:07.0659 5852 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:40:07.0660 5852 ProtectedStorage - ok
08:40:07.0674 5852 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:40:07.0676 5852 Psched - ok
08:40:07.0703 5852 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:40:07.0704 5852 PxHlpa64 - ok
08:40:07.0707 5852 qgymzhqc - ok
08:40:07.0739 5852 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:40:07.0765 5852 ql2300 - ok
08:40:07.0781 5852 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:40:07.0782 5852 ql40xx - ok
08:40:07.0796 5852 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:40:07.0799 5852 QWAVE - ok
08:40:07.0806 5852 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:40:07.0807 5852 QWAVEdrv - ok
08:40:07.0819 5852 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:40:07.0820 5852 RasAcd - ok
08:40:07.0844 5852 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:40:07.0846 5852 RasAgileVpn - ok
08:40:07.0852 5852 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:40:07.0855 5852 RasAuto - ok
08:40:07.0866 5852 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:40:07.0869 5852 Rasl2tp - ok
08:40:07.0881 5852 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:40:07.0885 5852 RasMan - ok
08:40:07.0893 5852 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:40:07.0895 5852 RasPppoe - ok
08:40:07.0911 5852 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:40:07.0912 5852 RasSstp - ok
08:40:07.0924 5852 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:40:07.0927 5852 rdbss - ok
08:40:07.0935 5852 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:40:07.0936 5852 rdpbus - ok
08:40:07.0942 5852 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:40:07.0943 5852 RDPCDD - ok
08:40:07.0954 5852 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:40:07.0955 5852 RDPENCDD - ok
08:40:07.0966 5852 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:40:07.0967 5852 RDPREFMP - ok
08:40:07.0998 5852 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:40:08.0001 5852 RDPWD - ok
08:40:08.0017 5852 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:40:08.0019 5852 rdyboost - ok
08:40:08.0041 5852 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:40:08.0043 5852 RemoteAccess - ok
08:40:08.0065 5852 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:40:08.0068 5852 RemoteRegistry - ok
08:40:08.0078 5852 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:40:08.0081 5852 RpcEptMapper - ok
08:40:08.0093 5852 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:40:08.0133 5852 RpcLocator - ok
08:40:08.0160 5852 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:40:08.0165 5852 RpcSs - ok
08:40:08.0173 5852 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:40:08.0174 5852 rspndr - ok
08:40:08.0203 5852 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:40:08.0205 5852 RTL8167 - ok
08:40:08.0228 5852 [ E16B7C030A05EF649B18FAB0A93D871F ] RtNdPt60 C:\Windows\system32\DRIVERS\RtNdPt60.sys
08:40:08.0229 5852 RtNdPt60 - ok
08:40:08.0243 5852 [ 1DE78F5008120CD79B34C12394DCD493 ] RTTEAMPT C:\Windows\system32\DRIVERS\RtTeam60.sys
08:40:08.0244 5852 RTTEAMPT - ok
08:40:08.0255 5852 [ B1018AA1B5735F5FA89FD4DADF4BEA7A ] RTVLANPT C:\Windows\system32\DRIVERS\RtVlan60.sys
08:40:08.0256 5852 RTVLANPT - ok
08:40:08.0267 5852 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:40:08.0267 5852 SamSs - ok
08:40:08.0281 5852 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:40:08.0283 5852 sbp2port - ok
08:40:08.0294 5852 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:40:08.0297 5852 SCardSvr - ok
08:40:08.0307 5852 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:40:08.0308 5852 scfilter - ok
08:40:08.0331 5852 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:40:08.0355 5852 Schedule - ok
08:40:08.0367 5852 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:40:08.0367 5852 SCPolicySvc - ok
08:40:08.0380 5852 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:40:08.0382 5852 SDRSVC - ok
08:40:08.0392 5852 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:40:08.0393 5852 secdrv - ok
08:40:08.0396 5852 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:40:08.0397 5852 seclogon - ok
08:40:08.0417 5852 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:40:08.0419 5852 SENS - ok
08:40:08.0430 5852 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:40:08.0432 5852 SensrSvc - ok
08:40:08.0438 5852 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
08:40:08.0439 5852 Serenum - ok
08:40:08.0460 5852 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:40:08.0462 5852 Serial - ok
08:40:08.0496 5852 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:40:08.0498 5852 sermouse - ok
08:40:08.0520 5852 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:40:08.0522 5852 SessionEnv - ok
08:40:08.0530 5852 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:40:08.0531 5852 sffdisk - ok
08:40:08.0538 5852 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:40:08.0538 5852 sffp_mmc - ok
08:40:08.0550 5852 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:40:08.0551 5852 sffp_sd - ok
08:40:08.0558 5852 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:40:08.0559 5852 sfloppy - ok
08:40:08.0577 5852 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:40:08.0581 5852 SharedAccess - ok
08:40:08.0591 5852 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:40:08.0595 5852 ShellHWDetection - ok
08:40:08.0605 5852 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:40:08.0606 5852 SiSRaid2 - ok
08:40:08.0615 5852 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:40:08.0616 5852 SiSRaid4 - ok
08:40:08.0664 5852 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:40:08.0666 5852 SkypeUpdate - ok
08:40:08.0683 5852 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:40:08.0685 5852 Smb - ok
08:40:08.0708 5852 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:40:08.0711 5852 SNMPTRAP - ok
08:40:08.0720 5852 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:40:08.0720 5852 spldr - ok
08:40:08.0752 5852 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:40:08.0760 5852 Spooler - ok
08:40:08.0825 5852 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:40:08.0884 5852 sppsvc - ok
08:40:08.0898 5852 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:40:08.0900 5852 sppuinotify - ok
08:40:08.0921 5852 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:40:08.0926 5852 srv - ok
08:40:08.0934 5852 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:40:08.0939 5852 srv2 - ok
08:40:08.0954 5852 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:40:08.0957 5852 srvnet - ok
08:40:08.0971 5852 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:40:08.0975 5852 SSDPSRV - ok
08:40:08.0985 5852 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:40:08.0988 5852 SstpSvc - ok
08:40:09.0002 5852 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:40:09.0004 5852 stexstor - ok
08:40:09.0032 5852 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:40:09.0040 5852 stisvc - ok
08:40:09.0053 5852 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:40:09.0053 5852 swenum - ok
08:40:09.0070 5852 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:40:09.0075 5852 swprv - ok
08:40:09.0104 5852 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:40:09.0130 5852 SysMain - ok
08:40:09.0140 5852 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:40:09.0142 5852 TabletInputService - ok
08:40:09.0155 5852 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:40:09.0158 5852 TapiSrv - ok
08:40:09.0168 5852 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:40:09.0169 5852 TBS - ok
08:40:09.0217 5852 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:40:09.0251 5852 Tcpip - ok
08:40:09.0300 5852 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:40:09.0313 5852 TCPIP6 - ok
08:40:09.0345 5852 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:40:09.0346 5852 tcpipreg - ok
08:40:09.0360 5852 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:40:09.0361 5852 TDPIPE - ok
08:40:09.0375 5852 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:40:09.0376 5852 TDTCP - ok
08:40:09.0388 5852 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:40:09.0390 5852 tdx - ok
08:40:09.0400 5852 [ 1DE78F5008120CD79B34C12394DCD493 ] TEAM C:\Windows\system32\DRIVERS\RtTeam60.sys
08:40:09.0400 5852 TEAM - ok
08:40:09.0412 5852 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:40:09.0412 5852 TermDD - ok
08:40:09.0436 5852 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:40:09.0445 5852 TermService - ok
08:40:09.0457 5852 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:40:09.0459 5852 Themes - ok
08:40:09.0469 5852 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:40:09.0470 5852 THREADORDER - ok
08:40:09.0483 5852 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:40:09.0485 5852 TrkWks - ok
08:40:09.0523 5852 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:40:09.0526 5852 TrustedInstaller - ok
08:40:09.0537 5852 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:40:09.0539 5852 tssecsrv - ok
08:40:09.0556 5852 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:40:09.0558 5852 TsUsbFlt - ok
08:40:09.0567 5852 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:40:09.0568 5852 TsUsbGD - ok
08:40:09.0597 5852 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:40:09.0599 5852 tunnel - ok
08:40:09.0618 5852 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:40:09.0619 5852 uagp35 - ok
08:40:09.0636 5852 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:40:09.0640 5852 udfs - ok
08:40:09.0649 5852 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:40:09.0651 5852 UI0Detect - ok
08:40:09.0659 5852 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:40:09.0661 5852 uliagpkx - ok
08:40:09.0670 5852 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:40:09.0671 5852 umbus - ok
08:40:09.0686 5852 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:40:09.0687 5852 UmPass - ok
08:40:09.0759 5852 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:40:09.0795 5852 UNS - ok
08:40:09.0811 5852 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:40:09.0815 5852 upnphost - ok
08:40:09.0852 5852 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
08:40:09.0854 5852 USBAAPL64 - ok
08:40:09.0877 5852 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:40:09.0879 5852 usbaudio - ok
08:40:09.0898 5852 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:40:09.0900 5852 usbccgp - ok
08:40:09.0915 5852 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:40:09.0917 5852 usbcir - ok
08:40:09.0934 5852 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:40:09.0936 5852 usbehci - ok
08:40:09.0949 5852 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:40:09.0953 5852 usbhub - ok
08:40:09.0968 5852 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:40:09.0969 5852 usbohci - ok
08:40:09.0984 5852 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:40:09.0985 5852 usbprint - ok
08:40:10.0004 5852 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:40:10.0006 5852 usbscan - ok
08:40:10.0017 5852 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:40:10.0019 5852 USBSTOR - ok
08:40:10.0032 5852 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:40:10.0033 5852 usbuhci - ok
08:40:10.0064 5852 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:40:10.0067 5852 usbvideo - ok
08:40:10.0079 5852 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:40:10.0081 5852 UxSms - ok
08:40:10.0090 5852 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:40:10.0091 5852 VaultSvc - ok
08:40:10.0095 5852 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:40:10.0095 5852 vdrvroot - ok
08:40:10.0112 5852 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:40:10.0118 5852 vds - ok
08:40:10.0127 5852 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:40:10.0128 5852 vga - ok
08:40:10.0139 5852 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:40:10.0140 5852 VgaSave - ok
08:40:10.0155 5852 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:40:10.0158 5852 vhdmp - ok
08:40:10.0167 5852 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:40:10.0168 5852 viaide - ok
08:40:10.0178 5852 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:40:10.0180 5852 volmgr - ok
08:40:10.0189 5852 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:40:10.0192 5852 volmgrx - ok
08:40:10.0208 5852 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:40:10.0210 5852 volsnap - ok
08:40:10.0227 5852 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:40:10.0228 5852 vsmraid - ok
08:40:10.0263 5852 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:40:10.0297 5852 VSS - ok
08:40:10.0308 5852 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
08:40:10.0310 5852 vwifibus - ok
08:40:10.0322 5852 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:40:10.0327 5852 W32Time - ok
08:40:10.0339 5852 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:40:10.0341 5852 WacomPen - ok
08:40:10.0352 5852 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:40:10.0354 5852 WANARP - ok
08:40:10.0358 5852 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:40:10.0359 5852 Wanarpv6 - ok
08:40:10.0406 5852 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:40:10.0432 5852 WatAdminSvc - ok
08:40:10.0468 5852 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:40:10.0494 5852 wbengine - ok
08:40:10.0504 5852 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:40:10.0508 5852 WbioSrvc - ok
08:40:10.0518 5852 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:40:10.0522 5852 wcncsvc - ok
08:40:10.0529 5852 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:40:10.0531 5852 WcsPlugInService - ok
08:40:10.0538 5852 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
08:40:10.0539 5852 Wd - ok
08:40:10.0562 5852 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:40:10.0567 5852 Wdf01000 - ok
08:40:10.0569 5852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:40:10.0570 5852 WdiServiceHost - ok
08:40:10.0573 5852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:40:10.0574 5852 WdiSystemHost - ok
08:40:10.0588 5852 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:40:10.0591 5852 WebClient - ok
08:40:10.0603 5852 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:40:10.0605 5852 Wecsvc - ok
08:40:10.0612 5852 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:40:10.0614 5852 wercplsupport - ok
08:40:10.0637 5852 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:40:10.0639 5852 WerSvc - ok
08:40:10.0643 5852 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:40:10.0643 5852 WfpLwf - ok
08:40:10.0658 5852 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:40:10.0659 5852 WIMMount - ok
08:40:10.0672 5852 WinDefend - ok
08:40:10.0675 5852 WinHttpAutoProxySvc - ok
08:40:10.0703 5852 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:40:10.0706 5852 Winmgmt - ok
08:40:11.0263 5852 ================ Scan global ===============================
08:40:11.0275 5852 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:40:11.0292 5852 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:40:11.0300 5852 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:40:11.0311 5852 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:40:11.0324 5852 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:40:11.0329 5852 [Global] - ok
08:40:11.0330 5852 ================ Scan MBR ==================================
08:40:11.0343 5852 [ 4976D4A7A40B83FC7F06EE4BDD84EB9B ] \Device\Harddisk0\DR0
08:40:11.0608 5852 \Device\Harddisk0\DR0 - ok
08:40:11.0612 5852 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
08:40:11.0760 5852 \Device\Harddisk5\DR5 - ok
08:40:11.0761 5852 ================ Scan VBR ==================================
08:40:11.0773 5852 [ 475F17184654521062EF32A3CF19BDFE ] \Device\Harddisk0\DR0\Partition1
08:40:11.0775 5852 \Device\Harddisk0\DR0\Partition1 - ok
08:40:11.0778 5852 [ 325D49829BD8CE87E83DA37E88233CF9 ] \Device\Harddisk5\DR5\Partition1
08:40:11.0781 5852 \Device\Harddisk5\DR5\Partition1 - ok
08:40:11.0781 5852 ============================================================
08:40:11.0782 5852 Scan finished
08:40:11.0782 5852 ============================================================
08:40:11.0791 2648 Detected object count: 0
08:40:11.0791 2648 Actual detected object count: 0

Edited by hamluis, 13 September 2012 - 10:10 AM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:42 AM

Posted 13 September 2012 - 10:05 AM

Will wait for other two logs

#3 Gingerbred

Gingerbred
  • Topic Starter

  • Members
  • 8 posts
  • Gender:Female
  • Location:Carlisle, Pa
  • Local time:06:42 AM

Posted 13 September 2012 - 01:23 PM

2)
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-13 10:46:37
-----------------------------
10:46:37.207 OS Version: Windows x64 6.1.7601 Service Pack 1
10:46:37.207 Number of processors: 8 586 0x2A07
10:46:37.208 ComputerName: ASA UserName:
10:46:38.783 Initialize success
10:50:54.315 AVAST engine defs: 12091300
11:07:14.667 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:07:14.670 Disk 0 Vendor: ST31000524AS JC45 Size: 953869MB BusType: 3
11:07:14.673 Disk 5 \Device\Harddisk5\DR5 -> \Device\00000086
11:07:14.676 Disk 5 Vendor: Size: 953869MB BusType: 0
11:07:14.693 Disk 0 MBR read successfully
11:07:14.697 Disk 0 MBR scan
11:07:14.704 Disk 0 unknown MBR code
11:07:14.709 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 14524 MB offset 2048
11:07:14.757 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 939342 MB offset 29747200
11:07:14.794 Disk 0 scanning C:\Windows\system32\drivers
11:07:26.098 Service scanning
11:07:46.233 Modules scanning
11:07:46.243 Disk 0 trace - called modules:
11:07:46.260 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
11:07:46.470 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800774b790]
11:07:46.477 3 CLASSPNP.SYS[fffff8800198843f] -> nt!IofCallDriver -> [0xfffffa80071a0520]
11:07:46.483 5 ACPI.sys[fffff88000ed27a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80071a2060]
11:07:55.596 AVAST engine scan C:\Windows
11:07:57.695 Disk 0 MBR has been saved successfully to "C:\Users\Cucolo\Desktop\MBR.dat"
11:07:57.700 The log file has been saved successfully to "C:\Users\Cucolo\Desktop\aswMBR.txt"
11:07:58.238 AVAST engine scan C:\Windows\system32
11:10:27.019 AVAST engine scan C:\Windows\system32\drivers
11:10:39.582 AVAST engine scan C:\Users\Cucolo
11:12:19.071 Disk 0 MBR has been saved successfully to "C:\Users\Cucolo\Desktop\MBR.dat"
11:12:19.076 The log file has been saved successfully to "C:\Users\Cucolo\Desktop\aswMBR.txt"


3)
C:\Users\Cucolo\AppData\Local\Temp\APN_PW\ApnToolbarInstaller.exe Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\Cucolo\AppData\Local\Temp\OCSDC1E.tmp\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
K:\RecoveredData\AudioConverterSetup.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
K:\RecoveredData\cnet_free_word_doc_txt_to_image_jpg_jpeg_bmp_tiff_png_converter_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:42 AM

Posted 13 September 2012 - 09:31 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 Gingerbred

Gingerbred
  • Topic Starter

  • Members
  • 8 posts
  • Gender:Female
  • Location:Carlisle, Pa
  • Local time:06:42 AM

Posted 15 September 2012 - 09:05 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Cucolo (administrator) on 15-09-2012 at 10:04:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Asa
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-DA-E9-57-F5-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::19f6:8104:907b:a41b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.30(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 15, 2012 9:46:20 AM
Lease Expires . . . . . . . . . . : Sunday, September 16, 2012 9:46:20 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 185916137
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DA-D7-53-14-DA-E9-57-F5-59
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:439:cfc:bc15:4560(Preferred)
Link-local IPv6 Address . . . . . : fe80::439:cfc:bc15:4560%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4004:803::1002
74.125.228.101
74.125.228.102
74.125.228.103
74.125.228.104
74.125.228.105
74.125.228.110
74.125.228.96
74.125.228.97
74.125.228.98
74.125.228.99
74.125.228.100


Pinging google.com [74.125.228.100] with 32 bytes of data:
Reply from 74.125.228.100: bytes=32 time=31ms TTL=56
Reply from 74.125.228.100: bytes=32 time=32ms TTL=56

Ping statistics for 74.125.228.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=691ms TTL=48
Reply from 98.139.183.24: bytes=32 time=678ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 678ms, Maximum = 691ms, Average = 684ms
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
11...14 da e9 57 f5 59 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.30 20
10.0.0.0 255.255.255.0 On-link 10.0.0.30 276
10.0.0.30 255.255.255.255 On-link 10.0.0.30 276
10.0.0.255 255.255.255.255 On-link 10.0.0.30 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.30 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.30 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:6ab8:439:cfc:bc15:4560/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::439:cfc:bc15:4560/128
On-link
11 276 fe80::19f6:8104:907b:a41b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/15/2012 09:47:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 07:20:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995


System errors:
=============
Error: (09/15/2012 09:46:32 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (09/15/2012 08:56:48 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 00:27:14 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 00:12:54 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 10:28:45 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 03:20:07 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (09/12/2012 03:05:14 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/12/2012 00:01:00 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/12/2012 08:19:39 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/12/2012 07:21:42 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (09/15/2012 09:47:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 07:20:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 1.2.0)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20
Acrobat.com (Version: 1.6.65)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.1.4)
Adobe After Effects CS6 (Version: 11)
Adobe AIR (Version: 3.4.0.2540)
Adobe Download Assistant (Version: 1.2.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Help Manager (Version: 4.0.244)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.04)
Adobe Premiere Elements 8.0 (Version: 8.0)
Adobe Premiere Elements 8.0 (Version: 8.0.1)
Adobe Reader 9.5.2 MUI (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Advertising Center (Version: 0.0.0.1)
AI Manager (Version: 1.09.06)
AI Suite II (Version: 1.01.12)
AIO_CDA_ProductContext (Version: 130.0.365.000)
AIO_CDA_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.365.000)
Akamai NetSession Interface
Amazon Add to Wish List IE Extension 1.2 (Version: 1.2)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Amazon MP3 Uploader (Version: 1.0.8)
Antique Road Trip 2: Homecoming (Version: 32.0.0.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ASUS Backup Wizard (Version: 1.00.10)
AsusVibe2.0 (Version: 2.0.2.562)
Audacity 1.3.13 (Unicode)
Avery Wizard 4.0 (Version: 4.0.103)
Best Buy pc app (Version: 3.2.0.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C3100 (Version: 130.0.365.000)
c3100_Help (Version: 82.0.256.000)
CenturyLink Help
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Dream Day Wedding: Viva Las Vegas (Version: 32.0.0.0)
ESET Online Scanner v3
Fax (Version: 130.0.418.000)
FFmpeg for Audacity on Windows
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Drive (Version: 1.3.3209.2688)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iCloud (Version: 1.1.0.40)
ImagXpress (Version: 7.0.74.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 10.6.3.25)
J2SE Runtime Environment 5.0 Update 7 (Version: 1.5.0.70)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
LAME v3.98.3 for Audacity
Little Shop - City Lights (Version: 32.0.0.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mirror Mysteries (Version: 32.0.0.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nero 9 Essentials
Nero BurnRights (Version: 3.4.7.100)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.7.100)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero DiscSpeed (Version: 5.4.7.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.4.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.7.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.208)
Nero StartSmart Help (Version: 9.4.1.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NVIDIA Control Panel 267.08 (Version: 267.08)
NVIDIA Graphics Driver 267.08 (Version: 267.08)
NVIDIA HD Audio Driver 1.1.13.1 (Version: 1.1.13.1)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PC Optimizer Pro (Version: 6.1.7.4)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek Ethernet Diagnostic Utility (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6235)
Rhapsody Player Engine (Version: 1.0.604)
RingCentral Call Controller
Scan (Version: 13.0.0.0)
Secrets of Great Art (Version: 32.0.0.0)
Shop-N-Spree (Version: 32.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 5.8.8855)
Skype™ 5.10 (Version: 5.10.116)
SmartSound Quicktracks for Premiere Elements 8.0 (Version: 3.11.3090)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Stamps.com
Stamps.com (Version: 9.5.4.2264)
Stamps.com Application Support for Microsoft Word 2000-2010 (Version: 8.7.0.1506)
Stamps.com support for Microsoft Word 2000-2010
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
The Surprising Adventures of Munchausen
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WeatherBug (Version: 7.0.0.7)
WebReg (Version: 130.0.132.017)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
XIII: Lost Identity (Version: 32.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 8173.22 MB
Available physical RAM: 5444.65 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 13479.79 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.63 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:917.33 GB) (Free:759.29 GB) NTFS
2 Drive d: (110412_1441) (CDROM) (Total:1.8 GB) (Free:0 GB) UDF
7 Drive k: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:782.16 GB) NTFS

========================= Users: ========================================

User accounts for \\ASA

Administrator Cucolo Guest


**** End of log ****

#6 Gingerbred


Posted 15 September 2012 - 09:12 AM

# AdwCleaner v2.001 - Logfile created 09/15/2012 at 10:07:43
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Cucolo - ASA
# Boot Mode : Normal
# Running from : C:\Users\Cucolo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S61W1FML\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Cucolo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1082 octets] - [15/09/2012 10:07:25]
AdwCleaner[S1].txt - [1455 octets] - [15/09/2012 10:07:43]

########## EOF - C:\AdwCleaner[S1].txt - [1515 octets] ##########

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:42 AM

Posted 15 September 2012 - 09:23 AM

Malwarebytes log?

Farbar service scanner log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#8 Gingerbred


Posted 15 September 2012 - 03:08 PM

Rkill log

Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/15/2012 04:07:29 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Cucolo\Desktop\rkill\rkill-09-15-2012-04-07-31.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/15/2012 04:07:38 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

#9 Gingerbred


Posted 15 September 2012 - 03:13 PM

Autoruns text log

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "CLink_McciTrayApp" "mcci+McciTrayApp" "Alcatel-Lucent" "c:\program files\clink\mccitrayapp.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "RunAIShell" "Helper AP for Windows ShellExec for NT" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\ai manager\asshellapplication.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "AsusVibeLauncher.lnk" "AsusVibe Application" "" "c:\program files (x86)\asus\asusvibe\asusvibelauncher.exe"
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
"C:\Users\Cucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "DealFinder.lnk" "" "" "File not found: C:\Program Files (x86)\AA\DealFinder\DealFinder\DealFinder.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe" "Microsoft SmartScreen Filter" "Microsoft Corporation" "c:\users\cucolo\appdata\local\akamai\adobe\sjkepqdgq.dll"
+ "Adobe Acrobat Synchronizer" "Adobe Collaboration Synchronizer 10.1" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 10.0\acrobat\adobecollabsync.exe"
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc." "c:\users\cucolo\appdata\local\akamai\netsession_win.exe"
+ "CAHeadless" "Elements Auto Analyzer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\elementsautoanalyzer.exe"
+ "GoogleDriveSync" "Google Drive" "Google" "c:\program files (x86)\google\drive\googledrivesync.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "RCHotKey" "RC Hot Key Launcher" "RingCentral, Inc." "c:\program files (x86)\ringcentral\ringcentral call controller\rchotkey.exe"
+ "RCUI" "RingCentral Call Controller" "RingCentral, Inc." "c:\program files (x86)\ringcentral\ringcentral call controller\rcui.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files (x86)\nero\nero 9\nero coverdesigner\coveredextension.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "GDriveBlacklistedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSharedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncingOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Wish List" "" "" "c:\program files (x86)\amazon\add to wish list ie extension\run.htm"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-Asa-Cucolo" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\ASUS\AsBackupWizard_Run" "Helper tool for run ASUS Backup Wizard" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asbackupwizard\asrunbkwizardhelper.exe"
+ "\ASUS\ASUS AI Suite II Execute" "ASUS Routine Controller" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\ai suite ii\asroutinecontroller.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PC Optimizer Pro64 startups" "" "" "File not found: C:\Program Files\PC Optimizer Pro\StartApps.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-1477801136-1877767719-2381627301-1001" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1477801136-1877767719-2381627301-1001" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RunAsStdUser Task" "" "" "File not found: C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
+ "\{0D0EAE97-B94B-4F32-99B0-5BB19EDE95C3}" "Apple Outlook DAV Config" "Apple Inc." "c:\program files\common files\apple\internet services\appleoutlookdavconfig64.exe"
+ "\{1494CB45-C024-4474-B252-179A7F2EA240}" "" "" "File not found: C:\Program Files (x86)\Real\RealPlayer\realplay.exe"
+ "\{15322B40-5026-4BC8-906C-66C3B8C00240}" "Apple Outlook DAV Config" "Apple Inc." "c:\program files\common files\apple\internet services\appleoutlookdavconfig64.exe"
+ "\{2B6C6356-5304-4E50-A9F3-3FA91996AF9B}" "" "" "File not found: C:\Program Files (x86)\Real\RealPlayer\realplay.exe"
+ "\{A8C1E10E-3AC4-403C-ABEF-C2B9BD6BD224}" "" "" "File not found: C:\Program Files (x86)\Real\RealPlayer\realplay.exe"
+ "\{AF4B5BC4-9A3D-4C9A-853D-69397AC6927D}" "" "" "File not found: C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
+ "\{B0E14BAA-B3A2-4EBD-82A8-C9808B5AD4FA}" "" "" "File not found: C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
+ "\{CBF17AF3-D693-4CF5-8E85-3FC572E097F5}" "" "" "File not found: C:\Program Files (x86)\Real\RealPlayer\realplay.exe"
+ "\{D88AC54F-96E9-4C95-BE64-47A8E269A894}" "" "" "File not found: C:\Program Files (x86)\Chapter and Verse\Chapter and Verse.exe"
+ "\{D918F0C9-10A2-45BF-82A8-DF5F2C8A4C95}" "" "" "File not found: C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
+ "\{FF22FA4B-BE2A-4F62-B99E-2E9A375BEDF8}" "" "" "File not found: C:\Program Files (x86)\AA\DealFinder\DealFinder\DealFinder.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor8.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\photoshopelementsfileagent.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "asComSvc" "" "" "c:\program files (x86)\asus\axsp\1.00.13\atkexcomsvc.exe"
+ "asHmComSvc" "" "" "c:\program files (x86)\asus\aahm\1.00.11\aahmsvc.exe"
+ "AsSysCtrlService" "" "" "c:\program files (x86)\asus\assysctrlservice\1.00.10\assysctrlservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Device Handle Service" "Device Handle" "ASUSTeK Computer Inc." "c:\windows\syswow64\ashookdevice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NVSvc" "NVIDIA Driver Helper Service, Version 267.08" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ASInsHelp" "" "" "c:\windows\syswow64\drivers\asinshelp64.sys"
+ "AsIO" "" "" "c:\windows\syswow64\drivers\asio.sys"
+ "asmthub3" "ASMedia USB3 Hub Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmthub3.sys"
+ "asmtxhci" "ASMEDIA XHCI Host Controller Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmtxhci.sys"
+ "AsUpIO" "" "" "c:\windows\syswow64\drivers\asupio.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eclykrko" "" "" "File not found: C:\Windows\system32\drivers\eclykrko.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "gxnujilb" "" "" "File not found: C:\Windows\system32\drivers\gxnujilb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "kgmkgesg" "" "" "File not found: C:\Windows\system32\drivers\kgmkgesg.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mbhlcbtl" "" "" "File not found: C:\Windows\system32\drivers\mbhlcbtl.sys"
+ "MCSTRM" "" "" "File not found: C:\Windows\System32\Drivers\MCSTRM.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 267.08 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pgdnhrwb" "" "" "File not found: C:\Windows\system32\drivers\pgdnhrwb.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "qgymzhqc" "" "" "File not found: C:\Windows\system32\drivers\qgymzhqc.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "RtNdPt60" "Realtek NDIS Protocol Driver" "Realtek " "c:\windows\system32\drivers\rtndpt60.sys"
+ "RTTEAMPT" "Realtek Teaming Protocol Driver (NDIS 6.2)" "Realtek Corporation" "c:\windows\system32\drivers\rtteam60.sys"
+ "RTVLANPT" "Realtek Vlan Protocol Driver (NDIS 6.2)" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\rtvlan60.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "TEAM" "Realtek Virtual Miniport Driver for Teaming (NDIS 6.2)" "Realtek Corporation" "c:\windows\system32\drivers\rtteam60.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept (Adobe2) AMR Decoder" "AMR Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amrd.ax"
+ "MainConcept (Adobe2) AMR Encoder" "AMR Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amre.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4demux.ax"
+ "MainConcept (Adobe2) MP4 Multiplexer" "MPEG-4 Multiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4mux.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) MPEG-4 Video Encoder" "MPEG-4 Video Encoder Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m4ve.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "MainConcept (Adobe2) AAC Decoder" "AAC audio decoder filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder" "AAC audio encoder filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AMR Decoder" "AMR Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amrd.ax"
+ "MainConcept (Adobe2) AMR Encoder" "AMR Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amre.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) Dolby Digital Audio Decoder" "Dolby Digital Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2ddad.ax"
+ "MainConcept (Adobe2) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) Layer II Audio Decoder" "Layer II Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2l2ad.ax"
+ "MainConcept (Adobe2) Layer II Audio Encoder" "Layer-II Audio Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2l2ae.ax"
+ "MainConcept (Adobe2) MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4demux.ax"
+ "MainConcept (Adobe2) MP4 Multiplexer" "MPEG-4 Multiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4mux.ax"
+ "MainConcept (Adobe2) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\common files\adobe\dva\com\rel1\ad2mcdsmpeg.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\common files\adobe\dva\com\rel1\ad2mcdsmpeg.ax"
+ "MainConcept (Adobe2) MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m2vd.ax"
+ "MainConcept (Adobe2) MPEG-2 Video Encoder" "MPEG-2 Video Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m2ve.ax"
+ "MainConcept (Adobe2) MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m4vd.ax"
+ "MainConcept (Adobe2) MPEG-4 Video Encoder" "MPEG-4 Video Encoder Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m4ve.ax"
+ "MainConcept (Adobe2) Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files (x86)\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files (x86)\smartsound software\quicktracks\directqx.dll"
+ "Track1Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\track2filter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "{D517CC93-7066-4D06-A2AF-2F4298738C2A}" "" "" "File not found: C:\Program Files (x86)\Adobe\Adobe Premiere Elements 8.0\plug-ins\en_US\DvFileWriter.prm"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"

#10 narenxp

  • BC Advisor

Posted 15 September 2012 - 03:37 PM

Malwarebytes and Farbar Service Scanner log?

#11 Gingerbred

  • Topic Starter

Posted 15 September 2012 - 03:58 PM

Malwarebytes and Farbar should be above, but just in case, repasting below...

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cucolo :: ASA [administrator]

Protection: Enabled

9/15/2012 8:53:31 AM
mbam-log-2012-09-15 (08-53-31).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|H:\|I:\|K:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 407558
Time elapsed: 50 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Cucolo\AppData\Local\Temp\0.6624582800130904 (Trojan.BHO) -> Quarantined and deleted successfully.

(end)







MiniToolBox by Farbar Version: 23-07-2012
Ran by Cucolo (administrator) on 15-09-2012 at 10:04:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Asa
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-DA-E9-57-F5-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::19f6:8104:907b:a41b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.30(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 15, 2012 9:46:20 AM
Lease Expires . . . . . . . . . . : Sunday, September 16, 2012 9:46:20 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 185916137
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DA-D7-53-14-DA-E9-57-F5-59
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:439:cfc:bc15:4560(Preferred)
Link-local IPv6 Address . . . . . : fe80::439:cfc:bc15:4560%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4004:803::1002
74.125.228.101
74.125.228.102
74.125.228.103
74.125.228.104
74.125.228.105
74.125.228.110
74.125.228.96
74.125.228.97
74.125.228.98
74.125.228.99
74.125.228.100


Pinging google.com [74.125.228.100] with 32 bytes of data:
Reply from 74.125.228.100: bytes=32 time=31ms TTL=56
Reply from 74.125.228.100: bytes=32 time=32ms TTL=56

Ping statistics for 74.125.228.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=691ms TTL=48
Reply from 98.139.183.24: bytes=32 time=678ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 678ms, Maximum = 691ms, Average = 684ms
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
11...14 da e9 57 f5 59 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.30 20
10.0.0.0 255.255.255.0 On-link 10.0.0.30 276
10.0.0.30 255.255.255.255 On-link 10.0.0.30 276
10.0.0.255 255.255.255.255 On-link 10.0.0.30 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.30 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.30 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:6ab8:439:cfc:bc15:4560/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::439:cfc:bc15:4560/128
On-link
11 276 fe80::19f6:8104:907b:a41b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/15/2012 09:47:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 07:20:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995


System errors:
=============
Error: (09/15/2012 09:46:32 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (09/15/2012 08:56:48 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 00:27:14 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 00:12:54 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 10:28:45 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/13/2012 03:20:07 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (09/12/2012 03:05:14 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/12/2012 00:01:00 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/12/2012 08:19:39 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (09/12/2012 07:21:42 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (09/15/2012 09:47:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 07:20:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15008

Error: (09/14/2012 03:44:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13994

Error: (09/14/2012 03:44:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (09/14/2012 03:44:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 1.2.0)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20
Acrobat.com (Version: 1.6.65)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.1.4)
Adobe After Effects CS6 (Version: 11)
Adobe AIR (Version: 3.4.0.2540)
Adobe Download Assistant (Version: 1.2.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Help Manager (Version: 4.0.244)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.04)
Adobe Premiere Elements 8.0 (Version: 8.0)
Adobe Premiere Elements 8.0 (Version: 8.0.1)
Adobe Reader 9.5.2 MUI (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Advertising Center (Version: 0.0.0.1)
AI Manager (Version: 1.09.06)
AI Suite II (Version: 1.01.12)
AIO_CDA_ProductContext (Version: 130.0.365.000)
AIO_CDA_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.365.000)
Akamai NetSession Interface
Amazon Add to Wish List IE Extension 1.2 (Version: 1.2)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Amazon MP3 Uploader (Version: 1.0.8)
Antique Road Trip 2: Homecoming (Version: 32.0.0.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ASUS Backup Wizard (Version: 1.00.10)
AsusVibe2.0 (Version: 2.0.2.562)
Audacity 1.3.13 (Unicode)
Avery Wizard 4.0 (Version: 4.0.103)
Best Buy pc app (Version: 3.2.0.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C3100 (Version: 130.0.365.000)
c3100_Help (Version: 82.0.256.000)
CenturyLink Help
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Dream Day Wedding: Viva Las Vegas (Version: 32.0.0.0)
ESET Online Scanner v3
Fax (Version: 130.0.418.000)
FFmpeg for Audacity on Windows
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Drive (Version: 1.3.3209.2688)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iCloud (Version: 1.1.0.40)
ImagXpress (Version: 7.0.74.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 10.6.3.25)
J2SE Runtime Environment 5.0 Update 7 (Version: 1.5.0.70)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
LAME v3.98.3 for Audacity
Little Shop - City Lights (Version: 32.0.0.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mirror Mysteries (Version: 32.0.0.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nero 9 Essentials
Nero BurnRights (Version: 3.4.7.100)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.7.100)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero DiscSpeed (Version: 5.4.7.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.4.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.7.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.208)
Nero StartSmart Help (Version: 9.4.1.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NVIDIA Control Panel 267.08 (Version: 267.08)
NVIDIA Graphics Driver 267.08 (Version: 267.08)
NVIDIA HD Audio Driver 1.1.13.1 (Version: 1.1.13.1)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PC Optimizer Pro (Version: 6.1.7.4)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek Ethernet Diagnostic Utility (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6235)
Rhapsody Player Engine (Version: 1.0.604)
RingCentral Call Controller
Scan (Version: 13.0.0.0)
Secrets of Great Art (Version: 32.0.0.0)
Shop-N-Spree (Version: 32.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 5.8.8855)
Skype™ 5.10 (Version: 5.10.116)
SmartSound Quicktracks for Premiere Elements 8.0 (Version: 3.11.3090)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Stamps.com
Stamps.com (Version: 9.5.4.2264)
Stamps.com Application Support for Microsoft Word 2000-2010 (Version: 8.7.0.1506)
Stamps.com support for Microsoft Word 2000-2010
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
The Surprising Adventures of Munchausen
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WeatherBug (Version: 7.0.0.7)
WebReg (Version: 130.0.132.017)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
XIII: Lost Identity (Version: 32.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 8173.22 MB
Available physical RAM: 5444.65 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 13479.79 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.63 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:917.33 GB) (Free:759.29 GB) NTFS
2 Drive d: (110412_1441) (CDROM) (Total:1.8 GB) (Free:0 GB) UDF
7 Drive k: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:782.16 GB) NTFS

========================= Users: ========================================

User accounts for \\ASA

Administrator Cucolo Guest


**** End of log ****

#12 narenxp


Posted 15 September 2012 - 04:04 PM

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe" "Microsoft SmartScreen Filter" "Microsoft Corporation" "c:\users\cucolo\appdata\local\akamai\adobe\sjkepqdgq.dll"

Restart the PC and delete this file

c:\users\cucolo\appdata\local\akamai\adobe\sjkepqdgq.dll

Let me know if you still have redirects
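A triage sketch for the kind of entry singled out in the post above, added here as an example (it is not part of the original posts and not an Autoruns feature): it parses lines in the quoted layout and flags autostart entries whose description and publisher strings do not fit where the file actually lives. The second and third sample entries, the function names and the path heuristics are constructed for illustration.

```python
import re
from ntpath import normpath

# Constructed sample in the layout quoted in the post: a location line, then
# "+" entries with name, description, publisher and image path. Only the first
# "+" entry comes from the thread; the other two are made up for contrast.
SAMPLE_LOG = r'''
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe" "Microsoft SmartScreen Filter" "Microsoft Corporation" "c:\users\cucolo\appdata\local\akamai\adobe\sjkepqdgq.dll"
+ "ExampleSync" "Example Sync Client" "Example Vendor Inc." "c:\users\cucolo\appdata\local\examplesync\sync.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
'''

FIELD = re.compile(r'"([^"]*)"')
USER_WRITABLE = re.compile(r'^[a-z]:\\users\\[^\\]+\\appdata\\', re.I)
# Assumption: system on C:, vendor software installed under these roots.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

def parse_entries(log_text):
    """Yield one dict per '+' entry, tagged with the location line above it."""
    location = None
    for raw in log_text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # not a location or entry line
        if line.startswith("+"):
            name, description, publisher, image = fields
            yield {"location": location, "name": name, "description": description,
                   "publisher": publisher, "image": normpath(image).lower()}
        else:
            location = fields[0]

def triage(entry):
    """Return the reasons an entry deserves a closer look (empty list if none)."""
    reasons = []
    image = entry["image"]
    if USER_WRITABLE.match(image):
        reasons.append("image in user-writable AppData")
    # Description and publisher are read from the file itself, so they are
    # claims made by the file, not proof of origin.
    claims_ms = "microsoft" in (entry["publisher"] + entry["description"]).lower()
    if claims_ms and not image.startswith(TRUSTED_ROOTS):
        reasons.append("claims Microsoft but is outside Windows/Program Files")
    return reasons

def suspicious(log_text):
    """List (name, location, image, reasons) for every entry with a finding."""
    return [(e["name"], e["location"], e["image"], r)
            for e in parse_entries(log_text) if (r := triage(e))]

if __name__ == "__main__":
    for name, location, image, reasons in suspicious(SAMPLE_LOG):
        print(f"{name} [{location}] -> {image}: {'; '.join(reasons)}")
```

An AppData path alone is only a weak signal, since legitimate per-user software installs there too; the entry from the thread stands out because it trips both checks.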

#13 Gingerbred


Posted 15 September 2012 - 04:40 PM

I think it's gone!!!! THANK YOU SOOO MUCH!!!! :clapping:

#14 narenxp


Posted 15 September 2012 - 04:48 PM

Follow my previous instructions. I still require the FSS log.



