Page Redirect "http://8.26.70.252/...." Help !!!!


13 replies to this topic

#1 mehboob8888

Posted 25 September 2012 - 06:51 AM

Hi,

I am using Firefox browser v16.
A few days back I installed some software and found out there was an "Incredibar toolbar" along with it, which changed the default search page to the 'Mystart' search page and was quite annoying.
I managed to remove it with the help of some online forum topics. Not all files related to Incredibar are removed, and then I started to face a page redirect problem whenever visiting extratorrent.com:

http://8.26.70.252/see/display.php?q=download%20movies&affid=extratorrent&subid=exityield&p=2&r=0

Note: it's only happening with extratorrent.com, whenever I am trying to refresh/reload the page :unsure:

I have tried checking forum topics, did a scan with Malwarebytes, did a scan with Kaspersky, used CCleaner (ran the same scans in safe mode too), disabled all extensions and add-ons, uninstalled Firefox v15 and reinstalled it as Firefox v16... the annoying problem still exists.

Please help me :( I like extratorrent.com

#2 narenxp

Posted 25 September 2012 - 06:53 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 mehboob8888

Posted 25 September 2012 - 09:38 AM

TDSSKiller Log :
================

18:15:53.0053 18584 MSDTC - ok
18:15:53.0065 18584 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:15:53.0069 18584 Msfs - ok
18:15:53.0088 18584 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:15:53.0091 18584 mshidkmdf - ok
18:15:53.0118 18584 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:15:53.0121 18584 msisadrv - ok
18:15:53.0144 18584 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:15:53.0157 18584 MSiSCSI - ok
18:15:53.0162 18584 msiserver - ok
18:15:53.0196 18584 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:15:53.0199 18584 MSKSSRV - ok
18:15:53.0207 18584 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:15:53.0211 18584 MSPCLOCK - ok
18:15:53.0225 18584 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:15:53.0228 18584 MSPQM - ok
18:15:53.0259 18584 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:15:53.0266 18584 MsRPC - ok
18:15:53.0284 18584 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:15:53.0287 18584 mssmbios - ok
18:15:53.0298 18584 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:15:53.0301 18584 MSTEE - ok
18:15:53.0310 18584 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:15:53.0313 18584 MTConfig - ok
18:15:53.0325 18584 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:15:53.0329 18584 Mup - ok
18:15:53.0364 18584 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:15:53.0391 18584 napagent - ok
18:15:53.0430 18584 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:15:53.0437 18584 NativeWifiP - ok
18:15:53.0474 18584 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:15:53.0490 18584 NDIS - ok
18:15:53.0507 18584 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:15:53.0510 18584 NdisCap - ok
18:15:53.0523 18584 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:15:53.0526 18584 NdisTapi - ok
18:15:53.0553 18584 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:15:53.0557 18584 Ndisuio - ok
18:15:53.0571 18584 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:15:53.0576 18584 NdisWan - ok
18:15:53.0590 18584 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:15:53.0594 18584 NDProxy - ok
18:15:53.0604 18584 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:15:53.0608 18584 NetBIOS - ok
18:15:53.0626 18584 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:15:53.0633 18584 NetBT - ok
18:15:53.0646 18584 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:15:53.0660 18584 Netlogon - ok
18:15:53.0692 18584 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:15:53.0714 18584 Netman - ok
18:15:53.0734 18584 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:15:53.0757 18584 netprofm - ok
18:15:53.0780 18584 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:15:53.0784 18584 NetTcpPortSharing - ok
18:15:53.0797 18584 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:15:53.0800 18584 nfrd960 - ok
18:15:53.0827 18584 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:15:53.0849 18584 NlaSvc - ok
18:15:53.0874 18584 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
18:15:53.0876 18584 nmwcd - ok
18:15:53.0881 18584 NPF - ok
18:15:53.0898 18584 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:15:53.0902 18584 Npfs - ok
18:15:53.0911 18584 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:15:53.0930 18584 nsi - ok
18:15:53.0943 18584 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:15:53.0947 18584 nsiproxy - ok
18:15:54.0008 18584 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:15:54.0043 18584 Ntfs - ok
18:15:54.0051 18584 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:15:54.0055 18584 Null - ok
18:15:54.0089 18584 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:15:54.0094 18584 nvraid - ok
18:15:54.0106 18584 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:15:54.0110 18584 nvstor - ok
18:15:54.0122 18584 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:15:54.0126 18584 nv_agp - ok
18:15:54.0138 18584 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:15:54.0142 18584 ohci1394 - ok
18:15:54.0164 18584 [ 5CBCE1C10D7830946599011296689F6F ] osaio C:\Windows\system32\drivers\osaio.sys
18:15:54.0167 18584 osaio - ok
18:15:54.0195 18584 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:15:54.0200 18584 ose64 - ok
18:15:54.0363 18584 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:15:54.0456 18584 osppsvc - ok
18:15:54.0481 18584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:15:54.0525 18584 p2pimsvc - ok
18:15:54.0552 18584 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:15:54.0577 18584 p2psvc - ok
18:15:54.0599 18584 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:15:54.0603 18584 Parport - ok
18:15:54.0626 18584 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:15:54.0631 18584 partmgr - ok
18:15:54.0648 18584 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:15:54.0669 18584 PcaSvc - ok
18:15:54.0694 18584 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:15:54.0700 18584 pci - ok
18:15:54.0707 18584 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:15:54.0711 18584 pciide - ok
18:15:54.0730 18584 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:15:54.0736 18584 pcmcia - ok
18:15:54.0747 18584 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:15:54.0751 18584 pcw - ok
18:15:54.0776 18584 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:15:54.0788 18584 PEAUTH - ok
18:15:54.0834 18584 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:15:54.0885 18584 PeerDistSvc - ok
18:15:54.0950 18584 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:15:54.0966 18584 PerfHost - ok
18:15:55.0026 18584 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:15:55.0077 18584 pla - ok
18:15:55.0101 18584 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:15:55.0131 18584 PlugPlay - ok
18:15:55.0143 18584 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:15:55.0163 18584 PNRPAutoReg - ok
18:15:55.0180 18584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:15:55.0202 18584 PNRPsvc - ok
18:15:55.0232 18584 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:15:55.0250 18584 PolicyAgent - ok
18:15:55.0279 18584 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:15:55.0309 18584 Power - ok
18:15:55.0319 18584 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:15:55.0324 18584 PptpMiniport - ok
18:15:55.0336 18584 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:15:55.0340 18584 Processor - ok
18:15:55.0363 18584 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:15:55.0386 18584 ProfSvc - ok
18:15:55.0394 18584 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:15:55.0408 18584 ProtectedStorage - ok
18:15:55.0423 18584 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:15:55.0428 18584 Psched - ok
18:15:55.0452 18584 [ 05E19F35C17D8638D7E4F37E55DC2E23 ] pwdrvio C:\Windows\system32\pwdrvio.sys
18:15:55.0472 18584 pwdrvio - ok
18:15:55.0488 18584 [ FCFBB1AF2DCD1C221F60CA394BDE2BAB ] pwdspio C:\Windows\system32\pwdspio.sys
18:15:55.0508 18584 pwdspio - ok
18:15:55.0543 18584 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:15:55.0578 18584 ql2300 - ok
18:15:55.0594 18584 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:15:55.0599 18584 ql40xx - ok
18:15:55.0615 18584 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:15:55.0638 18584 QWAVE - ok
18:15:55.0649 18584 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:15:55.0653 18584 QWAVEdrv - ok
18:15:55.0665 18584 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:15:55.0669 18584 RasAcd - ok
18:15:55.0680 18584 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:15:55.0682 18584 RasAgileVpn - ok
18:15:55.0698 18584 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:15:55.0719 18584 RasAuto - ok
18:15:55.0737 18584 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:15:55.0742 18584 Rasl2tp - ok
18:15:55.0759 18584 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:15:55.0785 18584 RasMan - ok
18:15:55.0808 18584 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:15:55.0812 18584 RasPppoe - ok
18:15:55.0830 18584 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:15:55.0835 18584 RasSstp - ok
18:15:55.0849 18584 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:15:55.0856 18584 rdbss - ok
18:15:55.0872 18584 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:15:55.0876 18584 rdpbus - ok
18:15:55.0886 18584 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:15:55.0889 18584 RDPCDD - ok
18:15:55.0923 18584 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:15:55.0928 18584 RDPDR - ok
18:15:55.0933 18584 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:15:55.0937 18584 RDPENCDD - ok
18:15:55.0946 18584 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:15:55.0949 18584 RDPREFMP - ok
18:15:55.0993 18584 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:15:55.0997 18584 RdpVideoMiniport - ok
18:15:56.0020 18584 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:15:56.0026 18584 RDPWD - ok
18:15:56.0040 18584 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:15:56.0046 18584 rdyboost - ok
18:15:56.0087 18584 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:15:56.0103 18584 RemoteAccess - ok
18:15:56.0120 18584 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:15:56.0143 18584 RemoteRegistry - ok
18:15:56.0168 18584 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:15:56.0174 18584 RFCOMM - ok
18:15:56.0229 18584 [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
18:15:56.0236 18584 RichVideo64 - ok
18:15:56.0250 18584 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:15:56.0272 18584 RpcEptMapper - ok
18:15:56.0289 18584 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:15:56.0303 18584 RpcLocator - ok
18:15:56.0338 18584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:15:56.0362 18584 RpcSs - ok
18:15:56.0373 18584 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:15:56.0378 18584 rspndr - ok
18:15:56.0404 18584 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:15:56.0408 18584 s3cap - ok
18:15:56.0418 18584 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:15:56.0431 18584 SamSs - ok
18:15:56.0446 18584 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:15:56.0451 18584 sbp2port - ok
18:15:56.0467 18584 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:15:56.0493 18584 SCardSvr - ok
18:15:56.0517 18584 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:15:56.0521 18584 scfilter - ok
18:15:56.0569 18584 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:15:56.0620 18584 Schedule - ok
18:15:56.0632 18584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:15:56.0636 18584 SCPolicySvc - ok
18:15:56.0660 18584 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:15:56.0685 18584 SDRSVC - ok
18:15:56.0715 18584 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:15:56.0720 18584 secdrv - ok
18:15:56.0732 18584 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:15:56.0754 18584 seclogon - ok
18:15:56.0772 18584 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:15:56.0794 18584 SENS - ok
18:15:56.0810 18584 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:15:56.0833 18584 SensrSvc - ok
18:15:56.0844 18584 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:15:56.0848 18584 Serenum - ok
18:15:56.0863 18584 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:15:56.0868 18584 Serial - ok
18:15:56.0880 18584 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:15:56.0885 18584 sermouse - ok
18:15:56.0911 18584 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:15:56.0935 18584 SessionEnv - ok
18:15:56.0954 18584 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:15:56.0957 18584 sffdisk - ok
18:15:56.0969 18584 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:15:56.0973 18584 sffp_mmc - ok
18:15:56.0983 18584 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:15:56.0987 18584 sffp_sd - ok
18:15:57.0004 18584 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:15:57.0008 18584 sfloppy - ok
18:15:57.0042 18584 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:15:57.0060 18584 SharedAccess - ok
18:15:57.0082 18584 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:15:57.0109 18584 ShellHWDetection - ok
18:15:57.0122 18584 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:15:57.0131 18584 SiSRaid2 - ok
18:15:57.0153 18584 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:15:57.0158 18584 SiSRaid4 - ok
18:15:57.0173 18584 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:15:57.0178 18584 Smb - ok
18:15:57.0196 18584 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:15:57.0219 18584 SNMPTRAP - ok
18:15:57.0276 18584 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
18:15:57.0281 18584 Sony PC Companion - ok
18:15:57.0294 18584 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:15:57.0298 18584 spldr - ok
18:15:57.0327 18584 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:15:57.0357 18584 Spooler - ok
18:15:57.0442 18584 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:15:57.0529 18584 sppsvc - ok
18:15:57.0545 18584 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:15:57.0570 18584 sppuinotify - ok
18:15:57.0601 18584 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:15:57.0611 18584 srv - ok
18:15:57.0634 18584 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:15:57.0644 18584 srv2 - ok
18:15:57.0675 18584 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:15:57.0681 18584 srvnet - ok
18:15:57.0702 18584 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:15:57.0728 18584 SSDPSRV - ok
18:15:57.0747 18584 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:15:57.0771 18584 SstpSvc - ok
18:15:57.0786 18584 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:15:57.0790 18584 stexstor - ok
18:15:57.0836 18584 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:15:57.0872 18584 stisvc - ok
18:15:57.0902 18584 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:15:57.0906 18584 storflt - ok
18:15:57.0924 18584 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:15:57.0927 18584 storvsc - ok
18:15:57.0943 18584 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:15:57.0947 18584 swenum - ok
18:15:57.0970 18584 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:15:58.0002 18584 swprv - ok
18:15:58.0007 18584 Synth3dVsc - ok
18:15:58.0063 18584 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:15:58.0122 18584 SysMain - ok
18:15:58.0152 18584 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:15:58.0177 18584 TabletInputService - ok
18:15:58.0208 18584 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:15:58.0236 18584 TapiSrv - ok
18:15:58.0252 18584 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:15:58.0278 18584 TBS - ok
18:15:58.0332 18584 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:15:58.0376 18584 Tcpip - ok
18:15:58.0424 18584 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:15:58.0444 18584 TCPIP6 - ok
18:15:58.0481 18584 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:15:58.0485 18584 tcpipreg - ok
18:15:58.0522 18584 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:15:58.0527 18584 TDPIPE - ok
18:15:58.0552 18584 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:15:58.0556 18584 TDTCP - ok
18:15:58.0566 18584 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:15:58.0572 18584 tdx - ok
18:15:58.0657 18584 [ 33966A658FF37E0C65D46E59F37E2380 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
18:15:58.0716 18584 TeamViewer7 - ok
18:15:58.0728 18584 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:15:58.0733 18584 TermDD - ok
18:15:58.0775 18584 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:15:58.0807 18584 TermService - ok
18:15:58.0837 18584 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:15:58.0862 18584 Themes - ok
18:15:58.0873 18584 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:15:58.0888 18584 THREADORDER - ok
18:15:58.0898 18584 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:15:58.0924 18584 TrkWks - ok
18:15:58.0963 18584 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:15:58.0968 18584 TrustedInstaller - ok
18:15:58.0996 18584 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:15:59.0001 18584 tssecsrv - ok
18:15:59.0017 18584 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:15:59.0022 18584 TsUsbFlt - ok
18:15:59.0027 18584 tsusbhub - ok
18:15:59.0052 18584 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:15:59.0058 18584 tunnel - ok
18:15:59.0079 18584 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:15:59.0083 18584 uagp35 - ok
18:15:59.0106 18584 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:15:59.0115 18584 udfs - ok
18:15:59.0120 18584 UFDSVC - ok
18:15:59.0153 18584 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:15:59.0179 18584 UI0Detect - ok
18:15:59.0196 18584 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:15:59.0202 18584 uliagpkx - ok
18:15:59.0229 18584 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:15:59.0234 18584 umbus - ok
18:15:59.0243 18584 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:15:59.0247 18584 UmPass - ok
18:15:59.0280 18584 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
18:15:59.0308 18584 UmRdpService - ok
18:15:59.0409 18584 [ C6142B8CB72558D91CEA8E38F1B7D905 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:15:59.0459 18584 UNS - ok
18:15:59.0477 18584 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:15:59.0509 18584 upnphost - ok
18:15:59.0525 18584 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:15:59.0531 18584 usbaudio - ok
18:15:59.0565 18584 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:15:59.0570 18584 usbccgp - ok
18:15:59.0585 18584 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:15:59.0590 18584 usbcir - ok
18:15:59.0606 18584 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:15:59.0611 18584 usbehci - ok
18:15:59.0629 18584 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:15:59.0639 18584 usbhub - ok
18:15:59.0656 18584 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:15:59.0661 18584 usbohci - ok
18:15:59.0675 18584 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:15:59.0679 18584 usbprint - ok
18:15:59.0705 18584 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:15:59.0710 18584 usbscan - ok
18:15:59.0741 18584 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:15:59.0747 18584 USBSTOR - ok
18:15:59.0762 18584 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:15:59.0768 18584 usbuhci - ok
18:15:59.0779 18584 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:15:59.0804 18584 UxSms - ok
18:15:59.0814 18584 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:15:59.0828 18584 VaultSvc - ok
18:15:59.0839 18584 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:15:59.0843 18584 vdrvroot - ok
18:15:59.0884 18584 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:15:59.0918 18584 vds - ok
18:15:59.0934 18584 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:15:59.0938 18584 vga - ok
18:15:59.0956 18584 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:15:59.0960 18584 VgaSave - ok
18:15:59.0967 18584 VGPU - ok
18:15:59.0985 18584 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:15:59.0992 18584 vhdmp - ok
18:16:00.0008 18584 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:16:00.0012 18584 viaide - ok
18:16:00.0032 18584 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:16:00.0038 18584 vmbus - ok
18:16:00.0059 18584 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:16:00.0063 18584 VMBusHID - ok
18:16:00.0078 18584 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:16:00.0083 18584 volmgr - ok
18:16:00.0115 18584 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:16:00.0125 18584 volmgrx - ok
18:16:00.0141 18584 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:16:00.0149 18584 volsnap - ok
18:16:00.0167 18584 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:16:00.0173 18584 vsmraid - ok
18:16:00.0215 18584 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:16:00.0274 18584 VSS - ok
18:16:00.0286 18584 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:16:00.0291 18584 vwifibus - ok
18:16:00.0308 18584 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:16:00.0340 18584 W32Time - ok
18:16:00.0364 18584 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:16:00.0369 18584 WacomPen - ok
18:16:00.0398 18584 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:16:00.0403 18584 WANARP - ok
18:16:00.0409 18584 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:16:00.0413 18584 Wanarpv6 - ok
18:16:00.0464 18584 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:16:00.0490 18584 WatAdminSvc - ok
18:16:00.0553 18584 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:16:00.0631 18584 wbengine - ok
18:16:00.0660 18584 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:16:00.0689 18584 WbioSrvc - ok
18:16:00.0714 18584 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:16:00.0745 18584 wcncsvc - ok
18:16:00.0761 18584 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:16:00.0789 18584 WcsPlugInService - ok
18:16:00.0804 18584 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:16:00.0808 18584 Wd - ok
18:16:00.0836 18584 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:16:00.0849 18584 Wdf01000 - ok
18:16:00.0863 18584 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:16:03.0841 18584 ============================================================
18:16:03.0841 18584 Scan finished
18:16:03.0841 18584 ============================================================
18:16:03.0859 18576 Detected object count: 0
18:16:03.0859 18576 Actual detected object count: 0
18:17:21.0629 19052 Deinitialize success



aswMBR Log :
=============

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-25 18:14:57
-----------------------------
18:14:57.178 OS Version: Windows x64 6.1.7601 Service Pack 1
18:14:57.178 Number of processors: 4 586 0x2505
18:14:57.180 ComputerName: MEHBOOB-PC UserName: Mehboob
18:14:59.748 Initialize success
18:15:08.361 AVAST engine defs: 12092500
18:17:17.095 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-5
18:17:17.100 Disk 0 Vendor: ST31000524AS JC4B Size: 953869MB BusType: 3
18:17:17.103 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000079
18:17:17.107 Disk 1 Vendor: Size: 953869MB BusType: 0
18:17:17.111 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000007a
18:17:17.115 Disk 2 Vendor: Size: 953869MB BusType: 0
18:17:17.179 Disk 0 MBR read successfully
18:17:17.186 Disk 0 MBR scan
18:17:17.195 Disk 0 Windows 7 default MBR code
18:17:17.212 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 191485 MB offset 63
18:17:17.221 Disk 0 Partition - 00 0F Extended LBA 762373 MB offset 392162715
18:17:17.243 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 191485 MB offset 392162778
18:17:17.253 Disk 0 Partition - 00 05 Extended 191485 MB offset 784325430
18:17:17.299 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 191485 MB offset 784325493
18:17:17.311 Disk 0 Partition - 00 05 Extended 191485 MB offset 1568650860
18:17:17.340 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 191485 MB offset 1176488208
18:17:17.351 Disk 0 Partition - 00 05 Extended 187916 MB offset 2352976290
18:17:17.375 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 187916 MB offset 1568650923
18:17:17.485 Disk 0 scanning C:\Windows\system32\drivers
18:17:43.588 Service scanning
18:18:11.111 Modules scanning
18:18:11.123 Disk 0 trace - called modules:
18:18:11.151 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:18:11.160 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048f6060]
18:18:11.168 3 CLASSPNP.SYS[fffff880020b543f] -> nt!IofCallDriver -> [0xfffffa80042fa580]
18:18:11.176 5 ACPI.sys[fffff88000eeb7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-5[0xfffffa8004311060]
18:18:12.755 AVAST engine scan C:\Windows
18:18:17.824 AVAST engine scan C:\Windows\system32
18:22:13.261 AVAST engine scan C:\Windows\system32\drivers
18:22:27.711 AVAST engine scan C:\Users\Mehboob
18:29:17.167 AVAST engine scan C:\ProgramData
18:31:23.126 Scan finished successfully
18:32:01.521 Disk 0 MBR has been saved successfully to "C:\Users\Mehboob\Desktop\MBR.dat"
18:32:01.528 The log file has been saved successfully to "C:\Users\Mehboob\Desktop\aswMBR.txt"


ESET online scanner:
====================

F:\SOFTWARE\ESET Smart Security 4.2.71.2.exe Win32/RiskWare.HackAV.FI application deleted - quarantined
F:\SOFTWARE\1-Click.PC.Fix.v4.1\1-Click.PC.Fix.v4.1\1ClickPCfix.exe probably a variant of Win32/Adware.IEDAFXP application cleaned by deleting - quarantined
F:\SOFTWARE\Dr.Gen.Pro.v9.0.0.182\9.0.0.182\Driver_Genius_9_Professional_US_Full.EXE probably a variant of Win32/Agent.BJSCQS trojan cleaned by deleting - quarantined
F:\SOFTWARE\ESET.Key.Finder.V8\ESET Nod32 & Smart Security Key Finder V8 Final.exe Win32/RiskWare.HackAV.GH application cleaned by deleting - quarantined
F:\SOFTWARE\Microsoft Office 2010 Professional Plus x64 x86\Microsoft Office 2010 Combined Edition X64 64bit\Crack\mini-KMS_Activator_v1.3_Office2010_VL_ENG.exe a variant of Win32/HackKMS.A application deleted - quarantined
F:\SOFTWARE\Microsoft Office 2010 Professional Plus x64 x86\Microsoft Office 2010 Combined Edition X64 64bit\Crack\mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe a variant of Win32/HackKMS.A application deleted - quarantined
F:\SOFTWARE\Super.Yahoo.Messenger.Archive.Decoder.v35.02.Inc.Patch.Under.SEH.Team\Super Yahoo Messenger Archive Decoder_35.02_Patch_Dr.XJ - Under SEH Team.exe a variant of Win32/Packed.SDProtector.A application cleaned by deleting - quarantined
G:\external drive\Noor\hp back pp 15Jan2011(Delete)\Desktop Data\Noor\AppData\Local\Temp\NERO14182\Toolbar.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
G:\external drive\Noor\USTG IBC BkpJan2011\Download\ImTOO PDF to Word Converter 1.0.1.1116\pdf-to-word-converter.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
G:\external drive\Noor\USTG IBC BkpJan2011\Download\UniversalDocumentConverter-v5.0.909.4130_+_Crack\UDC_v5.0.909.4130.exe Win32/Qhost.ODU trojan cleaned by deleting - quarantined
M:\install\Microsoft Office 2010 Professional Plus x64 x86\Microsoft Office 2010 Combined Edition X64 64bit\Crack\mini-KMS_Activator_v1.3_Office2010_VL_RUS.exe a variant of Win32/HackKMS.A application deleted - quarantined

#4 narenxp


Posted 25 September 2012 - 09:40 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it and the scan should start running. After the scan completes, post the generated log here.

#5 mehboob8888

  • Topic Starter

Posted 25 September 2012 - 11:32 AM

1) Malwarebytes
=================
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mehboob :: MEHBOOB-PC [administrator]

Protection: Enabled

25-09-2012 20:13:51
mbam-log-2012-09-25 (20-13-51).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 340484
Time elapsed: 44 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




2) mini toolbox
==================

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mehboob (administrator) on 25-09-2012 at 21:01:07
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




========================= IP Configuration: ================================

Intel® 82578DC Gigabit Network Connection = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mehboob-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #4
Physical Address. . . . . . . . . : 00-15-83-15-A3-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82578DC Gigabit Network Connection
Physical Address. . . . . . . . . : E0-69-95-58-0D-AB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::99ba:4a2c:4a47:fef8%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 25 September 2012 06:24:03
Lease Expires . . . . . . . . . . : 26 September 2012 18:24:03
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 299919765
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A7-DD-99-E0-69-95-58-0D-AB
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{ED802773-CC92-441B-89CA-517799CA4273}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2404:6800:4007:800::1002
74.125.236.32
74.125.236.33
74.125.236.34
74.125.236.35
74.125.236.36
74.125.236.37
74.125.236.38
74.125.236.39
74.125.236.40
74.125.236.41
74.125.236.46


Pinging google.com [74.125.236.41] with 32 bytes of data:
Reply from 74.125.236.41: bytes=32 time=108ms TTL=55
Reply from 74.125.236.41: bytes=32 time=107ms TTL=55

Ping statistics for 74.125.236.41:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 107ms, Maximum = 108ms, Average = 107ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1393ms TTL=50
Reply from 72.30.38.140: bytes=32 time=1090ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1090ms, Maximum = 1393ms, Average = 1241ms
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 10ms, Average = 7ms
===========================================================================
Interface List
22...00 15 83 15 a3 10 ......Bluetooth Device (Personal Area Network) #4
13...e0 69 95 58 0d ab ......Intel® 82578DC Gigabit Network Connection
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 276 fe80::/64 On-link
13 276 fe80::99ba:4a2c:4a47:fef8/128
On-link
1 306 ff00::/8 On-link
13 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2012 06:08:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 05:41:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 10:31:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/25/2012 10:31:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/25/2012 10:30:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/25/2012 05:29:11 AM) (Source: Application Hang) (User: )
Description: The program _iu14D2N.tmp version 51.52.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1004

Start Time: 01cd9ab049fba6fc

Termination Time: 0

Application Path: C:\Users\Mehboob\AppData\Local\Temp\_iu14D2N.tmp

Report Id:

Error: (09/25/2012 05:09:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/24/2012 08:49:42 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/24/2012 04:02:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/24/2012 04:02:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (09/25/2012 06:21:25 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 04:33:31 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (09/25/2012 04:33:30 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (09/25/2012 04:17:14 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 04:17:14 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 04:17:13 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/25/2012 04:17:11 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/25/2012 04:17:05 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/25/2012 04:17:00 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
KLIF
kneps
spldr
Wanarpv6

Error: (09/25/2012 04:17:00 AM) (Source: DCOM) (User: )
Description: 1084TermService{F9A874B6-F8A8-4D73-B5A8-AB610816828B}


Microsoft Office Sessions:
=========================
Error: (09/25/2012 06:08:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mehboob\Downloads\esetsmartinstaller_enu.exe

Error: (09/25/2012 05:41:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mehboob\Downloads\esetsmartinstaller_enu.exe

Error: (09/25/2012 10:31:39 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Philips\philips spc900nc pc camera\xp64\Tray900.exe

Error: (09/25/2012 10:31:38 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Philips\philips spc900nc pc camera\vista64\Tray900.exe

Error: (09/25/2012 10:30:06 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/25/2012 05:29:11 AM) (Source: Application Hang)(User: )
Description: _iu14D2N.tmp51.52.0.0100401cd9ab049fba6fc0C:\Users\Mehboob\AppData\Local\Temp\_iu14D2N.tmp

Error: (09/25/2012 05:09:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mehboob\Desktop\raju\esetsmartinstaller_enu.exe

Error: (09/24/2012 08:49:42 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/24/2012 04:02:31 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Philips\philips spc900nc pc camera\xp64\Tray900.exe

Error: (09/24/2012 04:02:31 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Philips\philips spc900nc pc camera\vista64\Tray900.exe


=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
ABBYY ScanTo Office 1.0 (Version: 1.00.899.4211)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
Bullzip PDF Printer 7.1.0.1195
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
CanoScan LiDE 110 Scanner Driver
CCleaner (Version: 3.21)
ConvertHelper 2.2
CyberLink PowerDirector 10 (Version: 10.0.0.1012)
CyberLink WaveEditor (Version: 1.0.1.3320)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DivX Setup (Version: 2.6.1.8)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Foxit PDF Editor (Version: 2.2.1.1119)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
GiliSoft File Lock Pro 4.4 (Version: 4.4)
Google Talk (remove only)
Google Talk Plugin (Version: 3.6.1.9117)
GPL Ghostscript Lite 8.70
Intel® Control Center (Version: 1.2.1.1007)
Intel® Desktop Utilities (Version: 1.0.0)
Intel® Desktop Utilities (Version: 3.1.4)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2141)
Intel® Integrator Assistant (Version: 1.0.0)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Management Engine Interface
Intel® Network Connections 15.3.68.0 (Version: 15.3.68.0)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 35 (Version: 6.0.350)
Java™ 7 (64-bit) (Version: 7.0.0)
Java™ SE Development Kit 7 (64-bit) (Version: 1.7.0.0)
Kaspersky Internet Security 2013 (Version: 13.0.0.3370)
Magic DVD Ripper V6.0.2
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 16.0 (x86 en-US) (Version: 16.0)
Mozilla Maintenance Service (Version: 16.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
Nokia Connectivity Cable Driver (Version: 7.1.32.69)
Ontrack EasyRecovery Professional (Version: 6.22.01)
PC Tool for VeryAndroid Contacts Backup 2.2 (Version: 2.2)
Philips SPC 900NC PC Camera
Philips SPC 900NC PC Camera (Version: 1.00.000)
Philips VLounge
PowerDirector (Version: 10.00.0000)
QuickTime (Version: 7.66.71.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6106)
RocketDock 1.3.5
SmartSound Quicktracks 5 (Version: 5.1.8)
Sony Ericsson Update Engine (Version: 2.12.9.24)
Sony Mobile Update Service (Version: 2.12.8.23)
Sony PC Companion 2.10.094 (Version: 2.10.094)
TeamViewer 7 (Version: 7.0.12313)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Video Thumbnails Maker by Scorp (remove only)
VLC media player 2.0.2 (Version: 2.0.2)
VueScan
Windows 7 Manager (Version: 4.1.3)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
WinPcap 3.1 beta3
WinRAR archiver
Wondershare PDF to Word (Build 3.1.0)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 3893.32 MB
Available physical RAM: 1330.89 MB
Total Pagefile: 7784.83 MB
Available Pagefile: 4621.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.15 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:187 GB) (Free:121.5 GB) NTFS
2 Drive d: (Personal) (Fixed) (Total:187 GB) (Free:167.6 GB) NTFS
3 Drive e: (Music) (Fixed) (Total:187 GB) (Free:149.45 GB) NTFS
4 Drive f: (Important) (Fixed) (Total:187 GB) (Free:144.39 GB) NTFS
5 Drive g: () (Fixed) (Total:183.51 GB) (Free:103.72 GB) NTFS
7 Drive i: (FreeAgent Drive) (Fixed) (Total:1863.01 GB) (Free:1155.09 GB) NTFS
8 Drive m: (MY PASSPORT) (Fixed) (Total:465.64 GB) (Free:162.53 GB) FAT32

========================= Users: ========================================

User accounts for \\MEHBOOB-PC

Administrator Guest Mehboob

========================= Restore Points ==================================

14-09-2012 10:46:19 Removed Java 7 Update 7
14-09-2012 10:47:03 Installed Java 7 Update 7
14-09-2012 17:32:07 Removed Windows 7 Manager
14-09-2012 17:42:25 Installed Windows 7 Manager
14-09-2012 17:43:21 Windows 7 Manager v4.1.3 System-Restore Point
18-09-2012 00:51:17 Removed Garmin Communicator Plugin x64
18-09-2012 00:52:39 Removed HP USB Disk Storage Format Tool
19-09-2012 08:24:22 Windows Update
22-09-2012 06:23:32 Windows Update
24-09-2012 09:01:07 Device Driver Package Install: Hamrick Software Imaging devices
25-09-2012 12:07:44 Removed ExtremeCopy.

**** End of log ****



3) FSS
========

Farbar Service Scanner Version: 19-09-2012
Ran by Mehboob (administrator) on 25-09-2012 at 21:04:32
Running from "C:\Users\Mehboob\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****





4) adware cleaner
==================
# AdwCleaner v2.003 - Logfile created 09/25/2012 at 21:09:56
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Mehboob - MEHBOOB-PC
# Boot Mode : Normal
# Running from : C:\Users\Mehboob\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Mehboob\AppData\Local\funmoods-speeddial.crx
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Mehboob\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Web Assistant

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v16.0 (en-US)

Profile name : default
File : C:\Users\Mehboob\AppData\Roaming\Mozilla\Firefox\Profiles\po93xw15.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3329 octets] - [25/09/2012 21:09:56]

########## EOF - C:\AdwCleaner[S1].txt - [3389 octets] ##########




5) Junkware removal tool
========================
Junkware Removal Tool (JRT) by Thisisu
Version: 1.0.7 (09.24.2012)
OS: Windows 7 Ultimate x64
Ran by Mehboob on 25-09-2012 at 21:50:50.78
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\stats\{336d0c35-8a85-403a-b9d2-65c292c39087}
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasapi32"
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasmancs"



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed




*** FireFox detected and repaired:

Successfully deleted: [FF .XML SEARCHPLUGINS PROG] "C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml"


The below lines were deleted from [FF prefs.js]

=============================

=============================



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 25-09-2012 at 21:51:34.31
End of Report

#6 narenxp


  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:13 PM

Posted 25 September 2012 - 01:11 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#7 mehboob8888

  • Topic Starter

  • Members
  • 8 posts
  • Local time:02:13 PM

Posted 25 September 2012 - 01:30 PM

Bunch of logs freaking me out... Is this a serious prob? Will it be solved? :blink: I still see that redirection page :mellow: Anyway, logs are below

1) RKill
============

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/25/2012 11:48:46 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ufdsvc.exe (PID: 2256) [WD-HEUR]
* C:\Windows\SysWOW64\drivers\Phibtn.exe (PID: 3224) [WD-HEUR]
* C:\Windows\SysWOW64\drivers\Tray900.exe (PID: 3588) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Mehboob\Desktop\rkill\rkill-09-25-2012-11-48-56.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* iphlpsvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/25/2012 11:49:09 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)


2) Autoruns
============

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\bcssync.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AVP" "Kaspersky Anti-Virus" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\avp.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "googletalk" "Google Talk" "Google" "c:\program files (x86)\google\google talk\googletalk.exe"
+ "ipTray.exe" "Tray application for Intel® Desktop Utilities" "Intel® Corporation" "c:\program files (x86)\intel\intel desktop utilities\iptray.exe"
+ "PhiBtn" "Snapshot and Launch button application" "Philips" "c:\windows\syswow64\drivers\phibtn.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TrayMin900" "System Tray Application" "Philips" "c:\windows\syswow64\drivers\tray900.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Internet Explorer" "" "" "File not found: start"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\mehboob\appdata\local\facebook\update\facebookupdate.exe"
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe"
+ "RocketDock" "" "" "c:\program files (x86)\rocketdock\rocketdock.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Sony PC Companion" "Sony PC Companion" "Sony" "c:\program files (x86)\sony\sony pc companion\pccompanion.exe"
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files (x86)\utorrent\utorrent.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gili File Lock Pro(64)" "Gili File Lock Pro ContextMenu Module" "GiliSoft International LLC" "c:\program files (x86)\gilisoft\file lock pro\gilifileshell64.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\x64\shellex.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ABBYYS2OContextMenuExtension" "ABBYY ScanTo Office Shell Extension" "ABBYY (BIT Software)" "c:\program files (x86)\abbyy scanto office 1.0\stoshellextension.dll"
+ "Gili FileLock Pro" "Gili File Lock Pro ContextMenu Module" "GiliSoft International LLC" "c:\program files (x86)\gilisoft\file lock pro\gilifileshell.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\shellex.dll"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gili File Lock Pro(64)" "Gili File Lock Pro ContextMenu Module" "GiliSoft International LLC" "c:\program files (x86)\gilisoft\file lock pro\gilifileshell64.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\x64\shellex.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gili FileLock Pro" "Gili File Lock Pro ContextMenu Module" "GiliSoft International LLC" "c:\program files (x86)\gilisoft\file lock pro\gilifileshell.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\shellex.dll"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gili File Lock Pro(64)" "Gili File Lock Pro ContextMenu Module" "GiliSoft International LLC" "c:\program files (x86)\gilisoft\file lock pro\gilifileshell64.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\x64\shellex.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gili FileLock Pro" "Gili File Lock Pro ContextMenu Module" "GiliSoft International LLC" "c:\program files (x86)\gilisoft\file lock pro\gilifileshell.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\shellex.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "FLockObj Class" "FileLockPlugin Module" "" "c:\program files (x86)\gilisoft\file lock pro\folderlockplugin64.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Safe Money Plugin" "Safe Money Plugin" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\x64\ieext\onlinebanking\online_banking_bho.dll"
+ "URL Advisor Plugin" "URL Advisor Plugin" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\x64\ieext\urladvisor\klwtbbho.dll"
+ "Virtual Keyboard Plugin" "Virtual Keyboard Plugin" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2013\x64\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "FLockObj Class" "FileLockPlugin Module" "" "c:\program files (x86)\gilisoft\file lock pro\folderlockplugin.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"

#8 narenxp

Posted 25 September 2012 - 02:05 PM

Bunch of logs freaking me out ... Is this a serious prob? Will it be solved? :blink: I still see that redirection page :mellow: Anyways, logs are below.


I'm not seeing anything suspicious

Which browser has this redirect?

#9 mehboob8888

Posted 25 September 2012 - 02:21 PM

Mozilla Firefox. As I mentioned, it's only happening when I refresh/reload extratorrent.com.

Steps:

1. www.extratorrent.com
2. Clicking on some movie, which opens the page related to the movie. HERE IT STARTS: if I just refresh/reload in case of a delay in displaying the page, IT REDIRECTS to " http://8.26.70.252/see/display.php?q=free%20movies&affid=extratorrent&subid=exityield&p=2&r=0 "


Now I was wondering, this page displays something else this time: " Parse error: syntax error, unexpected T_ENDIF in /var/www/see/public_html/layout_standard.php on line 43 "

Before, I used to get some free streaming video downloads blah blah blah links in the redirected page.

Hope some of the given tools have killed its display.

I have no problems with Internet Explorer 9; it's just working fine with extratorrent.com .... but Firefox is a great browser and it's happening with it ... I want to get rid of this redirect page display from Firefox :(

#10 narenxp

Posted 25 September 2012 - 02:25 PM

Try this

Export your bookmarks from Firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall Firefox

Make sure to checkmark the "Remove my personal data" option

Reinstall Firefox and import your bookmarks

Let me know how it goes

#11 mehboob8888

Posted 25 September 2012 - 02:40 PM

Uninstalled Firefox

Re-installed official version 15 of Firefox

Still same prob :( after 4th attempt

http://8.26.70.252/see/display.php?q=movie%20downloads&affid=extratorrent&subid=exityield&p=2&r=0


" Parse error: syntax error, unexpected T_ENDIF in /var/www/see/public_html/layout_standard.php on line 43 "

#12 narenxp

Posted 25 September 2012 - 02:47 PM

If the redirect happens only on extratorrent, I think the problem is with the site itself. We have even reinstalled Firefox, so there is nothing malicious.

If you're still doubtful, let's take a deeper look

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck
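
The redirect URLs posted above can be triaged from their own query string. The following is an added example, not part of any post in this thread: it parses the two observed URLs and checks whether `affid` names the site being browsed. The function names, the `likely_origin` labels and the heuristic itself are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

# Redirect targets copied from the posts in this thread.
OBSERVED = [
    "http://8.26.70.252/see/display.php?q=free%20movies&affid=extratorrent&subid=exityield&p=2&r=0",
    "http://8.26.70.252/see/display.php?q=movie%20downloads&affid=extratorrent&subid=exityield&p=2&r=0",
]


def site_label(hostname):
    """Crude site label: 'www.extratorrent.com' -> 'extratorrent'.
    Assumes a single-part TLD; a real tool would use the Public Suffix List."""
    parts = hostname.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def is_ip_literal(host):
    """True when the redirect target is a bare IP address rather than a domain."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage_redirect(visited_url, redirect_url):
    """Summarise what a redirect URL reveals about who issued it."""
    visited_host = urlsplit(visited_url).hostname or ""
    target = urlsplit(redirect_url)
    # parse_qs percent-decodes values and returns lists; keep the first value.
    params = {k: v[0] for k, v in parse_qs(target.query).items()}
    affid = params.get("affid", "").lower()
    finding = {
        "target_host": target.hostname or "",
        "bare_ip": is_ip_literal(target.hostname or ""),
        "search_terms": params.get("q"),
        "affid": affid or None,
        "subid": params.get("subid"),
    }
    # Heuristic (assumption): an affiliate id equal to the visited site's own
    # name means the visit is being credited to that site, which points at the
    # site's advertising code rather than at software on the visitor's PC.
    if affid and affid == site_label(visited_host):
        finding["likely_origin"] = "site-side"
    elif affid:
        finding["likely_origin"] = "third-party"
    else:
        finding["likely_origin"] = "unknown"
    return finding


if __name__ == "__main__":
    for url in OBSERVED:
        print(triage_redirect("http://www.extratorrent.com/", url))
```

A "site-side" result is a lead to verify, not proof; comparing the same page load in a second browser or a clean profile, as the thread does with Internet Explorer and a Firefox reinstall, is the matching host-side check.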

#13 mehboob8888

Posted 25 September 2012 - 03:07 PM

Before we go deeper with the logs and a new topic,

I want to give a clear picture regarding my description.

I hope the extratorrent site is not the problem.

Summary
=========

1) Mozilla Firefox, extratorrent.com (got problem): Refresh/Reload redirected to http://8.26.70.252/....

2) IE, extratorrent.com (it's working fine): Refresh/Reload sticks with the extratorrent page (works fine)

Why is this happening with only the Firefox browser?

Can I have any quick fix for it?

#14 narenxp

Posted 25 September 2012 - 03:33 PM

I don't think there is a QUICK FIX

Create a new topic with proper logs

Good luck



