Redirect Virus


12 replies to this topic

#1 hamiltonwhitney

Posted 15 September 2012 - 03:54 PM

Hi there, I've got a redirect virus that I can't seem to get rid of no matter what I do. I've run Security Essentials, Malwarebytes, Spybot, Ad-Aware, TDSSKiller, Kaspersky, and ComboFix (under the supervision of an IT professional). A few trojans have been found (by MBAM and MS SE, I think) and wiped in the process, but the redirects still persist even with the scans coming back clean. Right now it's livable, as the redirects occur randomly and not with every search. Because I don't use this PC that often, I have been putting off getting this taken care of even though it's been going on for some months. I'm running Windows 7, 64-bit. Thanks in advance for your help!


#2 narenxp

  • BC Advisor

Posted 15 September 2012 - 04:06 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 hamiltonwhitney

  • Topic Starter

Posted 16 September 2012 - 12:37 AM

I did not realize that I didn't have it set to notify me immediately of thread replies so I only just now saw your response. I should be able to go through your instructions tomorrow morning. Thanks.

#4 hamiltonwhitney

  • Topic Starter

Posted 16 September 2012 - 03:53 PM

Here are the reports. Also, I don't know if it makes a difference, but it is Windows 7, Home Premium to be specific.

TDSSKiller Report:

13:51:30.0502 10272 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:51:30.0737 10272 ============================================================
13:51:30.0737 10272 Current date / time: 2012/09/16 13:51:30.0737
13:51:30.0737 10272 SystemInfo:
13:51:30.0737 10272
13:51:30.0737 10272 OS Version: 6.1.7601 ServicePack: 1.0
13:51:30.0737 10272 Product type: Workstation
13:51:30.0737 10272 ComputerName: RANDOM
13:51:30.0737 10272 UserName: Hamilton and Lauren
13:51:30.0737 10272 Windows directory: C:\Windows
13:51:30.0737 10272 System windows directory: C:\Windows
13:51:30.0737 10272 Running under WOW64
13:51:30.0737 10272 Processor architecture: Intel x64
13:51:30.0737 10272 Number of processors: 4
13:51:30.0737 10272 Page size: 0x1000
13:51:30.0737 10272 Boot type: Normal boot
13:51:30.0738 10272 ============================================================
13:51:31.0986 10272 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
13:51:31.0992 10272 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:51:31.0996 10272 ============================================================
13:51:31.0996 10272 \Device\Harddisk0\DR0:
13:51:31.0996 10272 MBR partitions:
13:51:31.0996 10272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:51:31.0996 10272 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
13:51:31.0996 10272 \Device\Harddisk1\DR1:
13:51:31.0997 10272 MBR partitions:
13:51:31.0997 10272 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x950A5C1
13:51:31.0997 10272 ============================================================
13:51:32.0007 10272 C: <-> \Device\Harddisk0\DR0\Partition2
13:51:32.0008 10272 E: <-> \Device\Harddisk1\DR1\Partition1
13:51:32.0008 10272 ============================================================
13:51:32.0008 10272 Initialize success
13:51:32.0008 10272 ============================================================
13:51:41.0070 8288 ============================================================
13:51:41.0070 8288 Scan started
13:51:41.0070 8288 Mode: Manual; TDLFS;
13:51:41.0070 8288 ============================================================
13:51:41.0473 8288 ================ Scan system memory ========================
13:51:41.0473 8288 System memory - ok
13:51:41.0473 8288 ================ Scan services =============================
13:51:48.0819 8288 NetBT - ok
13:51:48.0828 8288 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:51:48.0829 8288 Netlogon - ok
13:51:48.0866 8288 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:51:48.0870 8288 Netman - ok
13:51:48.0889 8288 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:51:48.0895 8288 netprofm - ok
13:51:48.0924 8288 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:51:48.0925 8288 NetTcpPortSharing - ok
13:51:48.0944 8288 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:51:48.0945 8288 nfrd960 - ok
13:51:48.0992 8288 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:51:48.0994 8288 NisDrv - ok
13:51:49.0054 8288 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
13:51:49.0056 8288 NisSrv - ok
13:51:49.0098 8288 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:51:49.0102 8288 NlaSvc - ok
13:51:49.0116 8288 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:51:49.0117 8288 Npfs - ok
13:51:49.0131 8288 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:51:49.0133 8288 nsi - ok
13:51:49.0143 8288 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:51:49.0143 8288 nsiproxy - ok
13:51:49.0197 8288 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:51:49.0212 8288 Ntfs - ok
13:51:49.0236 8288 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:51:49.0236 8288 Null - ok
13:51:49.0428 8288 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:51:49.0474 8288 nvlddmkm - ok
13:51:49.0515 8288 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:51:49.0516 8288 nvraid - ok
13:51:49.0546 8288 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:51:49.0547 8288 nvstor - ok
13:51:49.0577 8288 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:51:49.0578 8288 nv_agp - ok
13:51:49.0660 8288 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:51:49.0664 8288 odserv - ok
13:51:49.0697 8288 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:51:49.0699 8288 ohci1394 - ok
13:51:49.0748 8288 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:51:49.0749 8288 ose - ok
13:51:49.0775 8288 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:51:49.0779 8288 p2pimsvc - ok
13:51:49.0794 8288 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:51:49.0799 8288 p2psvc - ok
13:51:49.0828 8288 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:51:49.0829 8288 Parport - ok
13:51:49.0859 8288 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:51:49.0861 8288 partmgr - ok
13:51:49.0875 8288 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:51:49.0878 8288 PcaSvc - ok
13:51:49.0893 8288 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:51:49.0895 8288 pci - ok
13:51:49.0910 8288 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:51:49.0911 8288 pciide - ok
13:51:49.0930 8288 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:51:49.0932 8288 pcmcia - ok
13:51:49.0947 8288 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:51:49.0948 8288 pcw - ok
13:51:49.0972 8288 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:51:49.0978 8288 PEAUTH - ok
13:51:50.0044 8288 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:51:50.0046 8288 PerfHost - ok
13:51:50.0114 8288 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:51:50.0127 8288 pla - ok
13:51:50.0175 8288 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:51:50.0180 8288 PlugPlay - ok
13:51:50.0192 8288 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:51:50.0194 8288 PNRPAutoReg - ok
13:51:50.0208 8288 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:51:50.0212 8288 PNRPsvc - ok
13:51:50.0242 8288 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:51:50.0248 8288 PolicyAgent - ok
13:51:50.0291 8288 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:51:50.0295 8288 Power - ok
13:51:50.0336 8288 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:51:50.0337 8288 PptpMiniport - ok
13:51:50.0358 8288 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:51:50.0359 8288 Processor - ok
13:51:50.0393 8288 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:51:50.0396 8288 ProfSvc - ok
13:51:50.0406 8288 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:51:50.0407 8288 ProtectedStorage - ok
13:51:50.0450 8288 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:51:50.0452 8288 Psched - ok
13:51:50.0499 8288 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:51:50.0510 8288 ql2300 - ok
13:51:50.0531 8288 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:51:50.0532 8288 ql40xx - ok
13:51:50.0547 8288 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:51:50.0549 8288 QWAVE - ok
13:51:50.0557 8288 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:51:50.0557 8288 QWAVEdrv - ok
13:51:50.0566 8288 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:51:50.0566 8288 RasAcd - ok
13:51:50.0584 8288 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:51:50.0585 8288 RasAgileVpn - ok
13:51:50.0599 8288 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:51:50.0601 8288 RasAuto - ok
13:51:50.0635 8288 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:51:50.0636 8288 Rasl2tp - ok
13:51:50.0675 8288 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:51:50.0680 8288 RasMan - ok
13:51:50.0685 8288 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:51:50.0686 8288 RasPppoe - ok
13:51:50.0696 8288 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:51:50.0697 8288 RasSstp - ok
13:51:50.0735 8288 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:51:50.0737 8288 rdbss - ok
13:51:50.0753 8288 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:51:50.0754 8288 rdpbus - ok
13:51:50.0767 8288 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:51:50.0767 8288 RDPCDD - ok
13:51:50.0791 8288 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:51:50.0792 8288 RDPENCDD - ok
13:51:50.0807 8288 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:51:50.0808 8288 RDPREFMP - ok
13:51:50.0842 8288 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:51:50.0844 8288 RDPWD - ok
13:51:50.0883 8288 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:51:50.0885 8288 rdyboost - ok
13:51:50.0906 8288 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:51:50.0908 8288 RemoteAccess - ok
13:51:50.0918 8288 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:51:50.0921 8288 RemoteRegistry - ok
13:51:50.0936 8288 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:51:50.0939 8288 RpcEptMapper - ok
13:51:50.0961 8288 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:51:50.0963 8288 RpcLocator - ok
13:51:50.0996 8288 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:51:51.0002 8288 RpcSs - ok
13:51:51.0018 8288 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:51:51.0019 8288 rspndr - ok
13:51:51.0062 8288 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:51:51.0064 8288 RTL8167 - ok
13:51:51.0072 8288 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:51:51.0074 8288 SamSs - ok
13:51:51.0124 8288 [ CDB954C736D51DC5FA712C039AF4F683 ] SbFw C:\Windows\system32\drivers\SbFw.sys
13:51:51.0127 8288 SbFw - ok
13:51:51.0162 8288 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys
13:51:51.0163 8288 SBFWIMCL - ok
13:51:51.0168 8288 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys
13:51:51.0169 8288 SBFWIMCLMP - ok
13:51:51.0203 8288 [ A5BC45F8C2F30350E7566799C86B2F5D ] sbhips C:\Windows\system32\drivers\sbhips.sys
13:51:51.0204 8288 sbhips - ok
13:51:51.0237 8288 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:51:51.0239 8288 sbp2port - ok
13:51:51.0242 8288 SBRE - ok
13:51:51.0330 8288 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
13:51:51.0340 8288 SBSDWSCService - ok
13:51:51.0385 8288 [ F9955774A6BF0A5CA696F591C7B80A79 ] SbTis C:\Windows\system32\drivers\sbtis.sys
13:51:51.0386 8288 SbTis - ok
13:51:51.0397 8288 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:51:51.0401 8288 SCardSvr - ok
13:51:51.0431 8288 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:51:51.0432 8288 scfilter - ok
13:51:51.0481 8288 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:51:51.0493 8288 Schedule - ok
13:51:51.0519 8288 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:51:51.0520 8288 SCPolicySvc - ok
13:51:51.0547 8288 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:51:51.0552 8288 SDRSVC - ok
13:51:51.0595 8288 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:51:51.0596 8288 secdrv - ok
13:51:51.0636 8288 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:51:51.0639 8288 seclogon - ok
13:51:51.0678 8288 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:51:51.0681 8288 SENS - ok
13:51:51.0690 8288 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:51:51.0693 8288 SensrSvc - ok
13:51:51.0714 8288 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:51:51.0715 8288 Serenum - ok
13:51:51.0731 8288 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:51:51.0733 8288 Serial - ok
13:51:51.0765 8288 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:51:51.0767 8288 sermouse - ok
13:51:51.0806 8288 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:51:51.0809 8288 SessionEnv - ok
13:51:51.0839 8288 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:51:51.0840 8288 sffdisk - ok
13:51:51.0853 8288 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:51:51.0854 8288 sffp_mmc - ok
13:51:51.0865 8288 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:51:51.0866 8288 sffp_sd - ok
13:51:51.0878 8288 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:51:51.0879 8288 sfloppy - ok
13:51:51.0937 8288 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:51:51.0943 8288 SharedAccess - ok
13:51:51.0987 8288 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:51:51.0994 8288 ShellHWDetection - ok
13:51:52.0007 8288 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:51:52.0008 8288 SiSRaid2 - ok
13:51:52.0029 8288 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:51:52.0031 8288 SiSRaid4 - ok
13:51:52.0100 8288 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:51:52.0102 8288 SkypeUpdate - ok
13:51:52.0141 8288 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:51:52.0143 8288 Smb - ok
13:51:52.0204 8288 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:51:52.0206 8288 SNMPTRAP - ok
13:51:52.0235 8288 [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan C:\Windows\syswow64\speedfan.sys
13:51:52.0253 8288 speedfan - ok
13:51:52.0262 8288 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:51:52.0262 8288 spldr - ok
13:51:52.0302 8288 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:51:52.0311 8288 Spooler - ok
13:51:52.0398 8288 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:51:52.0489 8288 sppsvc - ok
13:51:52.0526 8288 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:51:52.0529 8288 sppuinotify - ok
13:51:52.0576 8288 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:51:52.0583 8288 srv - ok
13:51:52.0605 8288 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:51:52.0610 8288 srv2 - ok
13:51:52.0622 8288 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:51:52.0624 8288 srvnet - ok
13:51:52.0659 8288 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:51:52.0664 8288 SSDPSRV - ok
13:51:52.0675 8288 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:51:52.0678 8288 SstpSvc - ok
13:51:52.0729 8288 [ F5CB1651A046370739995015122C0B7E ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys
13:51:52.0732 8288 ss_bus - ok
13:51:52.0765 8288 [ 7E08AE04093BCE4AC93EA179B58526F9 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys
13:51:52.0766 8288 ss_mdfl - ok
13:51:52.0799 8288 [ 052BF246422B007D3B827ED2A306C859 ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys
13:51:52.0801 8288 ss_mdm - ok
13:51:52.0851 8288 StarOpen - ok
13:51:52.0871 8288 Steam Client Service - ok
13:51:52.0891 8288 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:51:52.0892 8288 stexstor - ok
13:51:52.0952 8288 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:51:52.0962 8288 stisvc - ok
13:51:52.0995 8288 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:51:52.0996 8288 swenum - ok
13:51:53.0016 8288 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:51:53.0025 8288 swprv - ok
13:51:53.0077 8288 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:51:53.0123 8288 SysMain - ok
13:51:53.0162 8288 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:51:53.0166 8288 TabletInputService - ok
13:51:53.0208 8288 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:51:53.0214 8288 TapiSrv - ok
13:51:53.0227 8288 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:51:53.0230 8288 TBS - ok
13:51:53.0313 8288 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:51:53.0358 8288 Tcpip - ok
13:51:53.0398 8288 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:51:53.0414 8288 TCPIP6 - ok
13:51:53.0438 8288 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:51:53.0439 8288 tcpipreg - ok
13:51:53.0449 8288 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:51:53.0449 8288 TDPIPE - ok
13:51:53.0479 8288 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:51:53.0480 8288 TDTCP - ok
13:51:53.0512 8288 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:51:53.0514 8288 tdx - ok
13:51:53.0527 8288 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:51:53.0528 8288 TermDD - ok
13:51:53.0569 8288 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:51:53.0580 8288 TermService - ok
13:51:53.0596 8288 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:51:53.0599 8288 Themes - ok
13:51:53.0614 8288 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:51:53.0616 8288 THREADORDER - ok
13:51:53.0629 8288 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:51:53.0633 8288 TrkWks - ok
13:51:53.0687 8288 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:51:53.0690 8288 TrustedInstaller - ok
13:51:53.0724 8288 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:51:53.0725 8288 tssecsrv - ok
13:51:53.0776 8288 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:51:53.0778 8288 TsUsbFlt - ok
13:51:53.0822 8288 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:51:53.0824 8288 tunnel - ok
13:51:53.0850 8288 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:51:53.0852 8288 uagp35 - ok
13:51:53.0889 8288 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:51:53.0894 8288 udfs - ok
13:51:53.0918 8288 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:51:53.0920 8288 UI0Detect - ok
13:51:53.0942 8288 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:51:53.0944 8288 uliagpkx - ok
13:51:53.0966 8288 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:51:53.0967 8288 umbus - ok
13:51:53.0984 8288 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:51:53.0985 8288 UmPass - ok
13:51:54.0004 8288 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:51:54.0010 8288 upnphost - ok
13:51:54.0044 8288 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:51:54.0045 8288 USBAAPL64 - ok
13:51:54.0073 8288 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:51:54.0075 8288 usbccgp - ok
13:51:54.0118 8288 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:51:54.0120 8288 usbcir - ok
13:51:54.0145 8288 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:51:54.0147 8288 usbehci - ok
13:51:54.0180 8288 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:51:54.0185 8288 usbhub - ok
13:51:54.0207 8288 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:51:54.0208 8288 usbohci - ok
13:51:54.0221 8288 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:51:54.0222 8288 usbprint - ok
13:51:54.0252 8288 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:51:54.0254 8288 usbscan - ok
13:51:54.0295 8288 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
13:51:54.0297 8288 USBSTOR - ok
13:51:54.0332 8288 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:51:54.0333 8288 usbuhci - ok
13:51:54.0342 8288 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:51:54.0345 8288 UxSms - ok
13:51:54.0361 8288 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:51:54.0363 8288 VaultSvc - ok
13:51:54.0373 8288 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:51:54.0374 8288 vdrvroot - ok
13:51:54.0413 8288 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:51:54.0423 8288 vds - ok
13:51:54.0454 8288 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:51:54.0455 8288 vga - ok
13:51:54.0483 8288 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:51:54.0484 8288 VgaSave - ok
13:51:54.0514 8288 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:51:54.0517 8288 vhdmp - ok
13:51:54.0545 8288 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:51:54.0546 8288 viaide - ok
13:51:54.0584 8288 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:51:54.0586 8288 volmgr - ok
13:51:54.0629 8288 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:51:54.0634 8288 volmgrx - ok
13:51:54.0647 8288 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:51:54.0652 8288 volsnap - ok
13:51:54.0673 8288 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:51:54.0676 8288 vsmraid - ok
13:51:54.0734 8288 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:51:54.0768 8288 VSS - ok
13:51:54.0788 8288 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:51:54.0789 8288 vwifibus - ok
13:51:54.0807 8288 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:51:54.0814 8288 W32Time - ok
13:51:54.0833 8288 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:51:54.0835 8288 WacomPen - ok
13:51:54.0868 8288 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:51:54.0870 8288 WANARP - ok
13:51:54.0880 8288 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:51:54.0881 8288 Wanarpv6 - ok
13:51:54.0952 8288 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:51:54.0969 8288 WatAdminSvc - ok
13:51:55.0032 8288 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:51:55.0064 8288 wbengine - ok
13:51:55.0094 8288 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:51:55.0099 8288 WbioSrvc - ok
13:51:55.0129 8288 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:51:55.0136 8288 wcncsvc - ok
13:51:55.0152 8288 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:51:55.0155 8288 WcsPlugInService - ok
13:51:55.0172 8288 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:51:55.0173 8288 Wd - ok
13:51:55.0204 8288 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:51:55.0212 8288 Wdf01000 - ok
13:51:55.0220 8288 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:51:55.0223 8288 WdiServiceHost - ok
13:51:55.0227 8288 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:51:55.0230 8288 WdiSystemHost - ok
13:51:55.0256 8288 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:51:55.0261 8288 WebClient - ok
13:51:55.0280 8288 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:51:55.0285 8288 Wecsvc - ok
13:51:55.0294 8288 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:51:55.0297 8288 wercplsupport - ok
13:51:55.0331 8288 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:51:55.0334 8288 WerSvc - ok
13:51:55.0358 8288 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:51:55.0359 8288 WfpLwf - ok
13:51:55.0378 8288 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:51:55.0379 8288 WIMMount - ok
13:51:55.0388 8288 WinDefend - ok
13:51:55.0393 8288 WinHttpAutoProxySvc - ok
13:51:55.0454 8288 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:51:55.0458 8288 Winmgmt - ok
13:51:55.0678 8288 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:51:55.0730 8288 WinRM - ok
13:51:55.0812 8288 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:51:55.0814 8288 WinUsb - ok
13:51:55.0853 8288 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:51:55.0867 8288 Wlansvc - ok
13:51:55.0906 8288 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:51:55.0907 8288 WmiAcpi - ok
13:51:55.0939 8288 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:51:55.0942 8288 wmiApSrv - ok
13:51:55.0972 8288 WMPNetworkSvc - ok
13:51:55.0985 8288 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:51:55.0988 8288 WPCSvc - ok
13:51:56.0023 8288 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:51:56.0026 8288 WPDBusEnum - ok
13:51:56.0061 8288 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:51:56.0062 8288 ws2ifsl - ok
13:51:56.0079 8288 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:51:56.0083 8288 wscsvc - ok
13:51:56.0087 8288 WSearch - ok
13:51:56.0175 8288 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:51:56.0232 8288 wuauserv - ok
13:51:56.0265 8288 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:51:56.0266 8288 WudfPf - ok
13:51:56.0320 8288 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:51:56.0323 8288 WUDFRd - ok
13:51:56.0355 8288 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:51:56.0358 8288 wudfsvc - ok
13:51:56.0377 8288 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:51:56.0382 8288 WwanSvc - ok
13:51:56.0391 8288 ================ Scan global ===============================
13:51:56.0419 8288 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:51:56.0455 8288 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:51:56.0465 8288 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:51:56.0495 8288 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:51:56.0520 8288 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:51:56.0526 8288 [Global] - ok
13:51:56.0526 8288 ================ Scan MBR ==================================
13:51:56.0532 8288 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:51:56.0776 8288 \Device\Harddisk0\DR0 - ok
13:51:56.0780 8288 [ BBB0A0725AD66F38B1A32135F3CB55D6 ] \Device\Harddisk1\DR1
13:51:56.0950 8288 \Device\Harddisk1\DR1 - ok
13:51:56.0950 8288 ================ Scan VBR ==================================
13:51:56.0965 8288 [ 625EB878BD1CC4A117E56A6114F85B74 ] \Device\Harddisk0\DR0\Partition1
13:51:56.0966 8288 \Device\Harddisk0\DR0\Partition1 - ok
13:51:56.0979 8288 [ 208B4D672ECE9E210E7868C2E5980B0A ] \Device\Harddisk0\DR0\Partition2
13:51:56.0981 8288 \Device\Harddisk0\DR0\Partition2 - ok
13:51:56.0985 8288 [ F95A8568BC9FECE5613FC74C594364C3 ] \Device\Harddisk1\DR1\Partition1
13:51:56.0987 8288 \Device\Harddisk1\DR1\Partition1 - ok
13:51:56.0987 8288 ============================================================
13:51:56.0987 8288 Scan finished
13:51:56.0987 8288 ============================================================
13:51:56.0998 9608 Detected object count: 0
13:51:56.0998 9608 Actual detected object count: 0

aswMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-16 13:55:06
-----------------------------
13:55:06.291 OS Version: Windows x64 6.1.7601 Service Pack 1
13:55:06.291 Number of processors: 4 586 0x1E05
13:55:06.292 ComputerName: RANDOM UserName:
13:55:07.508 Initialize success
14:04:05.193 AVAST engine defs: 12091400
14:04:27.475 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:04:27.478 Disk 0 Vendor: WDC_WD7500AADS-00M2B0 01.00A01 Size: 715404MB BusType: 3
14:04:27.491 Disk 0 MBR read successfully
14:04:27.494 Disk 0 MBR scan
14:04:27.500 Disk 0 Windows 7 default MBR code
14:04:27.504 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:04:27.549 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848
14:04:27.611 Disk 0 scanning C:\Windows\system32\drivers
14:04:41.173 Service scanning
14:05:07.150 Modules scanning
14:05:07.160 Disk 0 trace - called modules:
14:05:07.237 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:05:07.243 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004742060]
14:05:07.251 3 CLASSPNP.SYS[fffff8800187643f] -> nt!IofCallDriver -> [0xfffffa80044e0520]
14:05:07.257 5 ACPI.sys[fffff88000fb07a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80044e2060]
14:05:09.293 AVAST engine scan C:\Windows
14:05:13.413 AVAST engine scan C:\Windows\system32
14:08:35.472 AVAST engine scan C:\Windows\system32\drivers
14:08:50.710 AVAST engine scan C:\Users\Hamilton and Lauren
14:21:21.334 Disk 0 MBR has been saved successfully to "C:\Users\Hamilton and Lauren\Desktop\MBR.dat"
14:21:21.381 The log file has been saved successfully to "C:\Users\Hamilton and Lauren\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-16 14:23:33
-----------------------------
14:23:33.050 OS Version: Windows x64 6.1.7601 Service Pack 1
14:23:33.050 Number of processors: 4 586 0x1E05
14:23:33.050 ComputerName: RANDOM UserName:
14:23:34.720 Initialize success
14:34:06.023 AVAST engine defs: 12091400
14:40:09.192 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:40:09.192 Disk 0 Vendor: WDC_WD7500AADS-00M2B0 01.00A01 Size: 715404MB BusType: 3
14:40:09.223 Disk 0 MBR read successfully
14:40:09.223 Disk 0 MBR scan
14:40:09.239 Disk 0 Windows 7 default MBR code
14:40:09.239 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:40:09.301 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848
14:40:09.379 Disk 0 scanning C:\Windows\system32\drivers
14:40:23.279 Service scanning
14:40:49.284 Modules scanning
14:40:49.284 Disk 0 trace - called modules:
14:40:49.315 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:40:49.315 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004742060]
14:40:49.331 3 CLASSPNP.SYS[fffff8800187643f] -> nt!IofCallDriver -> [0xfffffa80044e0520]
14:40:49.331 5 ACPI.sys[fffff88000fb07a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80044e2060]
14:40:51.234 AVAST engine scan C:\Windows
14:40:56.117 AVAST engine scan C:\Windows\system32
14:43:59.760 AVAST engine scan C:\Windows\system32\drivers
14:44:15.282 AVAST engine scan C:\Users\Hamilton and Lauren
15:19:08.027 AVAST engine scan C:\ProgramData
15:20:31.284 Scan finished successfully
15:33:47.790 Disk 0 MBR has been saved successfully to "C:\Users\Hamilton and Lauren\Desktop\MBR.dat"
15:33:47.806 The log file has been saved successfully to "C:\Users\Hamilton and Lauren\Desktop\aswMBR.txt"

ESET Result:

C:\Users\Hamilton and Lauren\AppData\Local\{CC1AA359-D7E9-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined


Note: My primary browser is Firefox, which is where the redirects have been occurring, not Chrome.

#5 narenxp

Posted 16 September 2012 - 04:08 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

AdwCleaner

Launch it and click on Delete.

Post the generated log.

#6 hamiltonwhitney

Posted 19 September 2012 - 07:10 AM

Sorry it's taken a while to get back to you, I've been busy.

MBAM ran clean before and after reboot.


mini tool box:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Hamilton and Lauren (administrator) on 19-09-2012 at 07:55:08
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Random
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-24-1D-D9-57-E9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9538:fdb:264c:fd52%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, September 19, 2012 7:51:42 AM
Lease Expires . . . . . . . . . . : Thursday, September 20, 2012 7:51:42 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890269
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-AE-D9-26-00-24-1D-D9-57-E9
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3c90:73:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c90:73:3f57:fefb%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:802::1008
74.125.228.69
74.125.228.70
74.125.228.67
74.125.228.68
74.125.228.71
74.125.228.78
74.125.228.64
74.125.228.72
74.125.228.66
74.125.228.65
74.125.228.73


Pinging google.com [74.125.228.70] with 32 bytes of data:
Reply from 74.125.228.70: bytes=32 time=10ms TTL=252
Reply from 74.125.228.70: bytes=32 time=10ms TTL=252

Ping statistics for 74.125.228.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=86ms TTL=50
Reply from 98.138.253.109: bytes=32 time=112ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 112ms, Average = 99ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 24 1d d9 57 e9 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 276
192.168.1.4 255.255.255.255 On-link 192.168.1.4 276
192.168.1.255 255.255.255.255 On-link 192.168.1.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:953c:3c90:73:3f57:fefb/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::3c90:73:3f57:fefb/128
On-link
10 276 fe80::9538:fdb:264c:fd52/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/18/2012 10:17:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 10:16:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/18/2012 10:14:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/18/2012 10:14:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 03:36:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 03:36:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 03:36:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 03:36:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 03:36:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 01:32:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6989


System errors:
=============
Error: (09/18/2012 07:57:54 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (09/18/2012 05:56:42 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (09/18/2012 05:56:42 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (09/18/2012 05:55:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
StarOpen

Error: (09/18/2012 05:54:29 PM) (Source: nvlddmkm) (User: )
Description:

Error: (09/18/2012 05:54:23 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (09/18/2012 08:16:57 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/18/2012 08:16:56 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/13/2012 05:20:00 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (09/13/2012 03:19:46 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
StarOpen


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
AC3Filter 1.63b (Version: 1.63b)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Amazon MP3 Downloader 1.0.10
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
BioShock
Bonjour (Version: 3.0.0.10)
Canon MP Navigator 2.0
Canon MP500
CCleaner (Version: 3.14)
Checkbook - TRIAL
Coupon Printer for Windows (Version: 5.0.0.0)
Crysis
Crysis Warhead
Crysis Wars
DivX Setup (Version: 2.5.0.8)
eReg (Version: 1.20.138.34)
erLT (Version: 1.20.0137)
ESET Online Scanner v3
F.E.A.R. 2: Project Origin
Facebook Plug-In
Free Mp3 Wma Converter V 1.91 (Version: 1.91.0.0)
Garmin City Navigator North America NT 2013.10 Update (Version: 16.10.0.0)
Garmin Lifetime Updater (Version: 2.1.7)
Garmin MapInstall (Version: 4.0.1)
Garmin USB Drivers (Version: 2.3.1.0)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 21.0.1180.89)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Gmail Notifier
Google Update Helper (Version: 1.3.21.123)
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life 2: Lost Coast
Half-Life: Blue Shift
Half-Life: Opposing Force
iCloud (Version: 1.1.0.40)
IHA_MessageCenter (Version: 1.1.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
JPEG Lossless Rotator 8.0
Logitech SetPoint 6.30 (Version: 6.30.43)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Move Media Player
MozBackup 1.4.9
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MP3 Skype Recorder (Version: 3.1.3)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Portal
Portal 2
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 (Version: 3.0.0.80904)
Samsung PC Studio 3 (Version: 3.2.3.90502)
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Skype™ 5.10 (Version: 5.10.116)
SpeedFan (remove only)
Spotify (Version: 0.5.2)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
Team Fortress 2
Team Fortress Classic
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Service (Version: 3.2.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon Help and Support Tool
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Vz In Home Agent (Version: 8.02.27)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Essentials Media Codec Pack 3.2 (Version: 3.2)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.11 (64-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 4087.49 MB
Available physical RAM: 2892.16 MB
Total Pagefile: 8173.18 MB
Available Pagefile: 6221.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.22 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:698.54 GB) (Free:496.54 GB) NTFS
3 Drive e: (WD USB 2) (Fixed) (Total:74.5 GB) (Free:14.36 GB) FAT32

========================= Users: ========================================

User accounts for \\RANDOM

Administrator Guest Hamilton and Lauren


**** End of log ****


FSS:


Farbar Service Scanner Version: 06-08-2012
Ran by Hamilton and Lauren (administrator) on 19-09-2012 at 07:58:01
Running from "C:\Users\Hamilton and Lauren\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-12 08:03] - [2012-08-22 14:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware log:
# AdwCleaner v2.002 - Logfile created 09/19/2012 at 08:00:44
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Hamilton and Lauren - RANDOM
# Boot Mode : Normal
# Running from : C:\Users\Hamilton and Lauren\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Hamilton and Lauren\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Hamilton and Lauren\AppData\Roaming\Mozilla\Firefox\Profiles\56dw3m4f.default\extensions\staged

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Hamilton and Lauren\AppData\Roaming\Mozilla\Firefox\Profiles\56dw3m4f.default\prefs.js

Deleted : user_pref("verizon.toolbar.buttons_label", ",,Web Search,,,,,,,,,,,,,,,");
Deleted : user_pref("verizon.toolbar.search.label", "Web Search");

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Hamilton and Lauren\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1573 octets] - [19/09/2012 08:00:44]

########## EOF - C:\AdwCleaner[S1].txt - [1633 octets] ##########

#7 narenxp

Posted 19 September 2012 - 08:13 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE - SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#8 hamiltonwhitney

Posted 19 September 2012 - 05:20 PM

RKILL Log:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/19/2012 06:14:22 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 09/19/2012 06:15:05 PM
Execution time: 0 hours(s), 0 minute(s), and 42 seconds(s)


Autoruns results:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "Logitech Download Assistant" "Logitech Download Assistant" "Logitech, Inc." "c:\windows\system32\logilda.dll"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Verizon_McciTrayApp" "mcci+McciTrayApp" "Alcatel-Lucent" "c:\program files\verizon\mccitrayapp.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Ad-Aware Browsing Protection" "Ad-Aware Browsing Protection" "Lavasoft" "c:\programdata\ad-aware browsing protection\adawarebp.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" "Gmail Notifier" "Google Inc." "c:\program files (x86)\google\gmail notifier\gnotify.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "MP3 Skype Recorder" "MP3 Skype Recorder" "Alexander Nikiforov" "c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "JPEGR" "" "" "c:\program files\jpeg lossless rotator\contmenu.dll"
+ "LavasoftShellExt" "" "" "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "JPEGR" "" "" "c:\program files\jpeg lossless rotator\contmenu.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "" "" "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-186761856-4070334735-2680326214-1000Core" "Google Installer" "Google Inc." "c:\users\hamilton and lauren\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-186761856-4070334735-2680326214-1000UA" "Google Installer" "Google Inc." "c:\users\hamilton and lauren\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IHA_MessageCenter" "IHA_MessageCenter" "Verizon" "c:\program files (x86)\verizon\iha_messagecenter\bin\verizon_ihamessagecenter.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LEqdUsb" "Logitech Equad USB Driver." "Logitech, Inc." "c:\windows\system32\drivers\leqdusb.sys"
+ "LHidEqd" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhideqd.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "mbamchameleon" "" "" "c:\windows\system32\drivers\mbamchameleon.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 185.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SbFw" "Sunbelt Personal Firewall driver" "Sunbelt Software, Inc." "c:\windows\system32\drivers\sbfw.sys"
+ "SBFWIMCL" "Sunbelt Personal Firewall NDIS Intermediate driver" "Sunbelt Software, Inc." "c:\windows\system32\drivers\sbfwim.sys"
+ "SBFWIMCLMP" "Sunbelt Personal Firewall NDIS Intermediate driver" "Sunbelt Software, Inc." "c:\windows\system32\drivers\sbfwim.sys"
+ "sbhips" "Legacy Host Intrusion Prevention System Driver" "Sunbelt Software, Inc." "c:\windows\system32\drivers\sbhips.sys"
+ "SBRE" "" "" "File not found: C:\Windows\system32\drivers\SBREdrv.sys"
+ "SbTis" "Sunbelt TDI Inspection System" "Sunbelt Software, Inc." "c:\windows\system32\drivers\sbtis.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "speedfan" "SpeedFan Device Driver" "Windows ® Server 2003 DDK provider" "c:\windows\syswow64\speedfan.sys"
+ "ss_bus" "SAMSUNG Mobile USB Device 1.0 Driver" "MCCI Corporation" "c:\windows\system32\drivers\ss_bus.sys"
+ "ss_mdfl" "SAMSUNG Mobile USB Modem 1.0 Filter" "MCCI Corporation" "c:\windows\system32\drivers\ss_mdfl.sys"
+ "ss_mdm" "SAMSUNG Mobile USB Modem 1.0 Drivers" "MCCI Corporation" "c:\windows\system32\drivers\ss_mdm.sys"
+ "StarOpen" "" "" "File not found: C:\Windows\System32\Drivers\StarOpen.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter64.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\syswow64\ac3filter.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "File not found: ff_vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\x64\ac3filter64.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\ac3filter.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "FunBox Audio Codec Filter" "FunBox Audio Codec Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funaudiocodecfilter.ax"
+ "FunBox Audio EQ Filter" "FunBox Audio Equalizer Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funeqfilter.ax"
+ "FunBox Avi Source" "Avi Splitter" "Gabest" "c:\program files (x86)\samsung\samsung pc studio 3\funavisplitter.ax"
+ "FunBox Avi Splitter" "Avi Splitter" "Gabest" "c:\program files (x86)\samsung\samsung pc studio 3\funavisplitter.ax"
+ "FunBox Conversion Filter" "FunBox Conversion Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funconvfilter.ax"
+ "FunBox Image Decoder Filter" "FunImgFilter Dynamic Link Library" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funimgfilter.ax"
+ "FunBox Mp3 Decoder Filter" "FunBox MP3 Decoder Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funmp3decfilter.ax"
+ "FunBox MPEG Decoder Filter" "FunBox Decoder Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\fundecfilter.ax"
+ "FunBox MPEG Encoder Filter" "FunBox Encoder Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funencfilter.ax"
+ "FunBox Mpg Decoder Filter" "FunMpgDecFilter Dynamic Link Library" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funmpgdecfilter.ax"
+ "FunBox Mpg Grab Filter" "FunMpgGrabFilter Dynamic Link Library" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funmpggrabfilter.ax"
+ "FunBox Ogg Decoder Filter" "FunOggDecFilter Dynamic Link Library" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funoggdecfilter.ax"
+ "FunBox Sample Grabber Filter" "FunBox SampleGrabber Filter" "MobileLeader" "c:\program files (x86)\samsung\samsung pc studio 3\funsamplegrabberfilter.ax"
+ "FunBox Subtitle Filter" "FunBox Subtitle Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funsubfilter.ax"
+ "FunBox Video Adjust Filter" "FunBox Video Adjust Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funvideoadjustfilter.ax"
+ "FunBox Video Codec Filter" "FunBox Video Codec Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funvideocodecfilter.ax"
+ "FunBox Video Resize Filter" "FunBox Video Resize Filter" "Mobile Leader" "c:\program files (x86)\samsung\samsung pc studio 3\funvideoresizefilter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\essentials codec pack\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "MPEG Video Decoder (Gabest)" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\essentials codec pack\mpeg2decfilter.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "SubPicture Filter" "SubPictu 동적 연결 라이브러리" "" "c:\program files (x86)\samsung\samsung pc studio 3\dexsubpicturefilter.dll"
+ "WAV Dest" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\samsung\samsung pc studio 3\wavdest.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP500" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm7l.dll"
"C:\Users\Hamilton and Lauren\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "AccuWeather.com Mini-Forecast" "AccuWeather.com Mini-Forecast" "AccuWeather.com" "C:\Users\Hamilton and Lauren\AppData\Local\Microsoft\Windows Sidebar\Gadgets\AccuWeatherMiniForecast.gadget\en-US\Gadget.xml"

#9 narenxp

Posted 19 September 2012 - 05:56 PM

Do you still have redirects?

Which browser?

#10 hamiltonwhitney

Posted 19 September 2012 - 09:32 PM

Hi narenxp - I just did a dozen random searches in Firefox (where I was getting the redirects) and haven't gotten any. Fingers crossed, but I think the nasty thing is gone this time. Thank you so much for your help!

#11 narenxp

Posted 19 September 2012 - 09:39 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#12 hamiltonwhitney

Posted 20 September 2012 - 06:17 PM

All finished. Thanks again!

#13 narenxp

Posted 20 September 2012 - 06:24 PM

You're welcome :)



