Tried to clean virus, but still unable to connect to Internet


12 replies to this topic

#1 PicNroll

Posted 25 September 2012 - 08:59 AM

I have a Windows 7 Home Premium PC that may still be infected by a virus, or at the very least, has been affected so that I cannot connect to the Internet via an Ethernet cable or wireless. The wireless indicator says that I am connected to my wireless LAN, but has the yellow exclamation mark and says "No Internet Access". As part of the process of eliminating my virus to begin with, I ran ComboFix in Safe Mode (because the program would not even run successfully in normal Windows mode). One other issue is that my security software (McAfee Security Center) is unable to run real-time scanning. When I attempt to turn on the McAfee Real-Time Scanning, it turns on for a brief moment (maybe 1-2 seconds) and then automatically turns off again.

Can someone please help me fix my issues?
Thank you!

#2 narenxp

Posted 25 September 2012 - 09:06 AM

Try this:

Go to

C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE

Right-click on it, select "Run as administrator", and run it.

Click OK; this should restore the backup hives.

Restart the PC and you should be able to connect.

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 PicNroll

Posted 25 September 2012 - 09:15 AM

I ran ERDNT.EXE as admin, then rebooted. I still cannot access the Internet - same issue, connected to wireless LAN but "No Internet" (other computers on the wireless LAN connect fine). I will download the other programs listed above on another laptop, transfer them to the PC, run them, and follow the rest of the instructions.

Thank you.

#4 narenxp

Posted 25 September 2012 - 09:17 AM

Uninstall McAfee using this tool:

http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe

Restart the PC and see if you're able to connect now

#5 PicNroll

Posted 25 September 2012 - 10:33 AM

Ok - I uninstalled McAfee and rebooted. I'm now able to get to the Internet - Yay! I'm still following directions from your first post above. Information below:

09:28:57.0805 5324 NDIS - ok
09:28:57.0805 5324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:28:57.0805 5324 NdisCap - ok
09:28:57.0852 5324 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:28:57.0852 5324 NdisTapi - ok
09:28:57.0883 5324 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:28:57.0883 5324 Ndisuio - ok
09:28:57.0930 5324 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:28:57.0930 5324 NdisWan - ok
09:28:57.0945 5324 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:28:57.0945 5324 NDProxy - ok
09:28:57.0961 5324 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:28:57.0961 5324 NetBIOS - ok
09:28:57.0976 5324 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:28:57.0976 5324 NetBT - ok
09:28:58.0023 5324 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:28:58.0023 5324 Netlogon - ok
09:28:58.0039 5324 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:28:58.0054 5324 Netman - ok
09:28:58.0101 5324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:28:58.0132 5324 NetMsmqActivator - ok
09:28:58.0148 5324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:28:58.0148 5324 NetPipeActivator - ok
09:28:58.0164 5324 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:28:58.0164 5324 netprofm - ok
09:28:58.0195 5324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:28:58.0195 5324 NetTcpActivator - ok
09:28:58.0195 5324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:28:58.0195 5324 NetTcpPortSharing - ok
09:28:58.0226 5324 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:28:58.0226 5324 nfrd960 - ok
09:28:58.0273 5324 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:28:58.0273 5324 NlaSvc - ok
09:28:58.0398 5324 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
09:28:58.0460 5324 NOBU - ok
09:28:58.0476 5324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:28:58.0476 5324 Npfs - ok
09:28:58.0507 5324 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:28:58.0507 5324 nsi - ok
09:28:58.0507 5324 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:28:58.0507 5324 nsiproxy - ok
09:28:58.0554 5324 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:28:58.0585 5324 Ntfs - ok
09:28:58.0600 5324 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:28:58.0600 5324 Null - ok
09:28:58.0616 5324 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:28:58.0616 5324 nvraid - ok
09:28:58.0616 5324 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:28:58.0616 5324 nvstor - ok
09:28:58.0632 5324 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:28:58.0632 5324 nv_agp - ok
09:28:58.0647 5324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:28:58.0647 5324 ohci1394 - ok
09:28:58.0678 5324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:28:58.0694 5324 ose - ok
09:28:58.0772 5324 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:28:58.0866 5324 osppsvc - ok
09:28:58.0881 5324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:28:58.0881 5324 p2pimsvc - ok
09:28:58.0912 5324 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:28:58.0912 5324 p2psvc - ok
09:28:58.0928 5324 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:28:58.0928 5324 Parport - ok
09:28:58.0959 5324 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:28:58.0959 5324 partmgr - ok
09:28:58.0975 5324 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:28:58.0975 5324 PcaSvc - ok
09:28:59.0006 5324 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:28:59.0006 5324 pci - ok
09:28:59.0022 5324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:28:59.0022 5324 pciide - ok
09:28:59.0037 5324 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:28:59.0037 5324 pcmcia - ok
09:28:59.0053 5324 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:28:59.0053 5324 pcw - ok
09:28:59.0068 5324 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:28:59.0068 5324 PEAUTH - ok
09:28:59.0131 5324 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:28:59.0131 5324 PerfHost - ok
09:28:59.0162 5324 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:28:59.0193 5324 pla - ok
09:28:59.0271 5324 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:28:59.0287 5324 PlugPlay - ok
09:28:59.0287 5324 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:28:59.0287 5324 PNRPAutoReg - ok
09:28:59.0302 5324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:28:59.0318 5324 PNRPsvc - ok
09:28:59.0334 5324 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:28:59.0334 5324 PolicyAgent - ok
09:28:59.0365 5324 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
09:28:59.0365 5324 Power - ok
09:28:59.0412 5324 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:28:59.0412 5324 PptpMiniport - ok
09:28:59.0427 5324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:28:59.0427 5324 Processor - ok
09:28:59.0458 5324 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:28:59.0474 5324 ProfSvc - ok
09:28:59.0490 5324 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:28:59.0490 5324 ProtectedStorage - ok
09:28:59.0521 5324 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:28:59.0536 5324 Psched - ok
09:28:59.0552 5324 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:28:59.0552 5324 PxHlpa64 - ok
09:28:59.0599 5324 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:28:59.0614 5324 ql2300 - ok
09:28:59.0630 5324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:28:59.0630 5324 ql40xx - ok
09:28:59.0646 5324 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:28:59.0646 5324 QWAVE - ok
09:28:59.0661 5324 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:28:59.0661 5324 QWAVEdrv - ok
09:28:59.0661 5324 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:28:59.0661 5324 RasAcd - ok
09:28:59.0708 5324 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:28:59.0708 5324 RasAgileVpn - ok
09:28:59.0724 5324 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:28:59.0724 5324 RasAuto - ok
09:28:59.0724 5324 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:28:59.0739 5324 Rasl2tp - ok
09:28:59.0755 5324 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:28:59.0755 5324 RasMan - ok
09:28:59.0770 5324 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:28:59.0770 5324 RasPppoe - ok
09:28:59.0770 5324 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:28:59.0786 5324 RasSstp - ok
09:28:59.0802 5324 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:28:59.0802 5324 rdbss - ok
09:28:59.0817 5324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:28:59.0817 5324 rdpbus - ok
09:28:59.0864 5324 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:28:59.0864 5324 RDPCDD - ok
09:28:59.0880 5324 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:28:59.0880 5324 RDPENCDD - ok
09:28:59.0926 5324 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:28:59.0926 5324 RDPREFMP - ok
09:28:59.0942 5324 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:28:59.0958 5324 RDPWD - ok
09:28:59.0989 5324 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:28:59.0989 5324 rdyboost - ok
09:29:00.0004 5324 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:29:00.0004 5324 RemoteAccess - ok
09:29:00.0020 5324 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:29:00.0036 5324 RemoteRegistry - ok
09:29:00.0036 5324 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:29:00.0036 5324 RpcEptMapper - ok
09:29:00.0051 5324 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:29:00.0051 5324 RpcLocator - ok
09:29:00.0082 5324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:29:00.0082 5324 RpcSs - ok
09:29:00.0098 5324 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:29:00.0098 5324 rspndr - ok
09:29:00.0160 5324 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:29:00.0176 5324 RTL8167 - ok
09:29:00.0176 5324 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:29:00.0176 5324 SamSs - ok
09:29:00.0207 5324 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:29:00.0207 5324 sbp2port - ok
09:29:00.0223 5324 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:29:00.0223 5324 SCardSvr - ok
09:29:00.0238 5324 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:29:00.0238 5324 scfilter - ok
09:29:00.0270 5324 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:29:00.0285 5324 Schedule - ok
09:29:00.0316 5324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:29:00.0316 5324 SCPolicySvc - ok
09:29:00.0332 5324 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:29:00.0332 5324 SDRSVC - ok
09:29:00.0379 5324 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:29:00.0379 5324 secdrv - ok
09:29:00.0379 5324 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:29:00.0394 5324 seclogon - ok
09:29:00.0394 5324 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:29:00.0394 5324 SENS - ok
09:29:00.0441 5324 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:29:00.0441 5324 SensrSvc - ok
09:29:00.0472 5324 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:29:00.0472 5324 Serenum - ok
09:29:00.0519 5324 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:29:00.0519 5324 Serial - ok
09:29:00.0535 5324 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:29:00.0535 5324 sermouse - ok
09:29:00.0550 5324 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:29:00.0550 5324 SessionEnv - ok
09:29:00.0566 5324 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:29:00.0566 5324 sffdisk - ok
09:29:00.0566 5324 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:29:00.0566 5324 sffp_mmc - ok
09:29:00.0566 5324 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:29:00.0566 5324 sffp_sd - ok
09:29:00.0566 5324 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:29:00.0582 5324 sfloppy - ok
09:29:00.0628 5324 [ 4215C271D6E6898C3F4DABAB4F387DC9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:29:00.0675 5324 SftService - ok
09:29:00.0722 5324 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:29:00.0738 5324 SharedAccess - ok
09:29:00.0753 5324 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:29:00.0753 5324 ShellHWDetection - ok
09:29:00.0800 5324 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:29:00.0800 5324 SiSRaid2 - ok
09:29:00.0800 5324 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:29:00.0816 5324 SiSRaid4 - ok
09:29:00.0878 5324 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:29:00.0878 5324 SkypeUpdate - ok
09:29:00.0925 5324 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:29:00.0925 5324 Smb - ok
09:29:00.0972 5324 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:29:00.0972 5324 SNMPTRAP - ok
09:29:00.0987 5324 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:29:00.0987 5324 spldr - ok
09:29:01.0003 5324 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:29:01.0003 5324 Spooler - ok
09:29:01.0081 5324 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:29:01.0128 5324 sppsvc - ok
09:29:01.0143 5324 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:29:01.0143 5324 sppuinotify - ok
09:29:01.0159 5324 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:29:01.0159 5324 srv - ok
09:29:01.0174 5324 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:29:01.0174 5324 srv2 - ok
09:29:01.0206 5324 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:29:01.0206 5324 srvnet - ok
09:29:01.0206 5324 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:29:01.0221 5324 SSDPSRV - ok
09:29:01.0221 5324 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:29:01.0237 5324 SstpSvc - ok
09:29:01.0252 5324 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:29:01.0252 5324 stexstor - ok
09:29:01.0268 5324 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:29:01.0268 5324 stisvc - ok
09:29:01.0284 5324 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:29:01.0284 5324 swenum - ok
09:29:01.0299 5324 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:29:01.0315 5324 swprv - ok
09:29:01.0346 5324 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:29:01.0362 5324 SysMain - ok
09:29:01.0377 5324 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:29:01.0377 5324 TabletInputService - ok
09:29:01.0393 5324 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:29:01.0393 5324 TapiSrv - ok
09:29:01.0393 5324 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:29:01.0393 5324 TBS - ok
09:29:01.0486 5324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:29:01.0518 5324 Tcpip - ok
09:29:01.0549 5324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:29:01.0564 5324 TCPIP6 - ok
09:29:01.0580 5324 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:29:01.0580 5324 tcpipreg - ok
09:29:01.0596 5324 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:29:01.0596 5324 TDPIPE - ok
09:29:01.0627 5324 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:29:01.0627 5324 TDTCP - ok
09:29:01.0674 5324 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:29:01.0674 5324 tdx - ok
09:29:01.0689 5324 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:29:01.0689 5324 TermDD - ok
09:29:01.0705 5324 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:29:01.0720 5324 TermService - ok
09:29:01.0736 5324 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:29:01.0736 5324 Themes - ok
09:29:01.0752 5324 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:29:01.0752 5324 THREADORDER - ok
09:29:01.0767 5324 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:29:01.0767 5324 TrkWks - ok
09:29:01.0814 5324 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:29:01.0814 5324 TrustedInstaller - ok
09:29:01.0830 5324 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:29:01.0830 5324 tssecsrv - ok
09:29:01.0876 5324 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:29:01.0876 5324 TsUsbFlt - ok
09:29:01.0892 5324 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:29:01.0892 5324 TsUsbGD - ok
09:29:01.0939 5324 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:29:01.0939 5324 tunnel - ok
09:29:01.0954 5324 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:29:01.0954 5324 uagp35 - ok
09:29:01.0954 5324 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:29:01.0970 5324 udfs - ok
09:29:02.0001 5324 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:29:02.0001 5324 UI0Detect - ok
09:29:02.0001 5324 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:29:02.0001 5324 uliagpkx - ok
09:29:02.0017 5324 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:29:02.0017 5324 umbus - ok
09:29:02.0017 5324 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:29:02.0017 5324 UmPass - ok
09:29:02.0126 5324 [ 875A3B86D821151C84A4DFD40309C72D ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:29:02.0142 5324 UNS - ok
09:29:02.0157 5324 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:29:02.0173 5324 upnphost - ok
09:29:02.0220 5324 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:29:02.0220 5324 usbaudio - ok
09:29:02.0235 5324 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:29:02.0235 5324 usbccgp - ok
09:29:02.0282 5324 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:29:02.0282 5324 usbcir - ok
09:29:02.0298 5324 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:29:02.0298 5324 usbehci - ok
09:29:02.0344 5324 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:29:02.0360 5324 usbhub - ok
09:29:02.0360 5324 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:29:02.0376 5324 usbohci - ok
09:29:02.0391 5324 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:29:02.0391 5324 usbprint - ok
09:29:02.0438 5324 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:29:02.0438 5324 usbscan - ok
09:29:02.0454 5324 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:29:02.0454 5324 USBSTOR - ok
09:29:02.0469 5324 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:29:02.0469 5324 usbuhci - ok
09:29:02.0485 5324 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:29:02.0500 5324 usbvideo - ok
09:29:02.0516 5324 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:29:02.0516 5324 UxSms - ok
09:29:02.0547 5324 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:29:02.0563 5324 VaultSvc - ok
09:29:02.0594 5324 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:29:02.0594 5324 vdrvroot - ok
09:29:02.0625 5324 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:29:02.0625 5324 vds - ok
09:29:02.0641 5324 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:29:02.0641 5324 vga - ok
09:29:02.0641 5324 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:29:02.0641 5324 VgaSave - ok
09:29:02.0672 5324 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:29:02.0672 5324 vhdmp - ok
09:29:02.0672 5324 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:29:02.0672 5324 viaide - ok
09:29:02.0688 5324 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:29:02.0688 5324 volmgr - ok
09:29:02.0703 5324 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:29:02.0703 5324 volmgrx - ok
09:29:02.0719 5324 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:29:02.0719 5324 volsnap - ok
09:29:02.0766 5324 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:29:02.0766 5324 vsmraid - ok
09:29:02.0797 5324 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:29:02.0828 5324 VSS - ok
09:29:02.0844 5324 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:29:02.0844 5324 vwifibus - ok
09:29:02.0890 5324 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:29:02.0890 5324 vwififlt - ok
09:29:02.0937 5324 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:29:02.0937 5324 vwifimp - ok
09:29:02.0953 5324 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:29:02.0953 5324 W32Time - ok
09:29:02.0968 5324 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:29:02.0968 5324 WacomPen - ok
09:29:03.0000 5324 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:29:03.0015 5324 WANARP - ok
09:29:03.0015 5324 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:29:03.0015 5324 Wanarpv6 - ok
09:29:03.0109 5324 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:29:03.0140 5324 WatAdminSvc - ok
09:29:03.0171 5324 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:29:03.0187 5324 wbengine - ok
09:29:03.0202 5324 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:29:03.0202 5324 WbioSrvc - ok
09:29:03.0234 5324 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:29:03.0234 5324 wcncsvc - ok
09:29:03.0249 5324 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:29:03.0249 5324 WcsPlugInService - ok
09:29:03.0265 5324 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:29:03.0265 5324 Wd - ok
09:29:03.0327 5324 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
09:29:03.0327 5324 WDC_SAM - ok
09:29:03.0343 5324 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:29:03.0358 5324 Wdf01000 - ok
09:29:03.0374 5324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:29:03.0374 5324 WdiServiceHost - ok
09:29:03.0374 5324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:29:03.0374 5324 WdiSystemHost - ok
09:29:03.0390 5324 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:29:03.0405 5324 WebClient - ok
09:29:03.0421 5324 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:29:03.0421 5324 Wecsvc - ok
09:29:03.0436 5324 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:29:03.0436 5324 wercplsupport - ok
09:29:03.0452 5324 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:29:03.0452 5324 WerSvc - ok
09:29:03.0483 5324 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:29:03.0483 5324 WfpLwf - ok
09:29:03.0514 5324 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:29:03.0514 5324 WimFltr - ok
09:29:03.0530 5324 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:29:03.0546 5324 WIMMount - ok
09:29:03.0577 5324 WinDefend - ok
09:29:03.0592 5324 WinHttpAutoProxySvc - ok
09:29:03.0639 5324 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:29:03.0639 5324 Winmgmt - ok
09:29:03.0686 5324 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:29:03.0717 5324 WinRM - ok
09:29:03.0780 5324 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:29:03.0795 5324 Wlansvc - ok
09:29:03.0858 5324 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:29:03.0858 5324 wlcrasvc - ok
09:29:03.0936 5324 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:29:03.0982 5324 wlidsvc - ok
09:29:03.0998 5324 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:29:03.0998 5324 WmiAcpi - ok
09:29:04.0014 5324 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:29:04.0029 5324 wmiApSrv - ok
09:29:04.0076 5324 WMPNetworkSvc - ok
09:29:04.0123 5324 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:29:04.0123 5324 WPCSvc - ok
09:29:04.0123 5324 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:29:04.0138 5324 WPDBusEnum - ok
09:29:04.0154 5324 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:29:04.0154 5324 ws2ifsl - ok
09:29:04.0154 5324 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:29:04.0170 5324 wscsvc - ok
09:29:04.0170 5324 WSearch - ok
09:29:04.0216 5324 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:29:04.0248 5324 wuauserv - ok
09:29:04.0263 5324 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:29:04.0263 5324 WudfPf - ok
09:29:04.0310 5324 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:29:04.0310 5324 WUDFRd - ok
09:29:04.0326 5324 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:29:04.0326 5324 wudfsvc - ok
09:29:04.0341 5324 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:29:04.0341 5324 WwanSvc - ok
09:29:04.0372 5324 [ 47EB29D06DC0B3C1D19B0B19BBBAD81F ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
09:29:04.0372 5324 ZAtheros Wlan Agent - ok
09:29:04.0404 5324 ================ Scan global ===============================
09:29:04.0435 5324 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:29:04.0466 5324 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:29:04.0466 5324 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:29:04.0482 5324 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:29:04.0497 5324 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:29:04.0513 5324 [Global] - ok
09:29:04.0513 5324 ================ Scan MBR ==================================
09:29:04.0513 5324 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:29:04.0778 5324 \Device\Harddisk0\DR0 - ok
09:29:04.0778 5324 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR2
09:29:05.0262 5324 \Device\Harddisk2\DR2 - ok
09:29:05.0262 5324 ================ Scan VBR ==================================
09:29:05.0262 5324 [ 91CD43491E707C2F7E63A0E0B1C87A40 ] \Device\Harddisk0\DR0\Partition1
09:29:05.0262 5324 \Device\Harddisk0\DR0\Partition1 - ok
09:29:05.0293 5324 [ AB61D91FB274176E053363CCA3AF4AE4 ] \Device\Harddisk0\DR0\Partition2
09:29:05.0293 5324 \Device\Harddisk0\DR0\Partition2 - ok
09:29:05.0293 5324 [ BAB8CD93188DAACBBA175A2FD7AB4D1E ] \Device\Harddisk2\DR2\Partition1
09:29:05.0293 5324 \Device\Harddisk2\DR2\Partition1 - ok
09:29:05.0293 5324 ============================================================
09:29:05.0293 5324 Scan finished
09:29:05.0293 5324 ============================================================
09:29:05.0308 4956 Detected object count: 0
09:29:05.0308 4956 Actual detected object count: 0

===============================================================================================================

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-25 09:37:39
-----------------------------
09:37:39.346 OS Version: Windows x64 6.1.7601 Service Pack 1
09:37:39.346 Number of processors: 2 586 0x2A07
09:37:39.347 ComputerName: STUDY-PC UserName: Thales
09:37:41.698 Initialize success
09:38:57.977 AVAST engine defs: 12092500
09:39:17.535 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:39:17.538 Disk 0 Vendor: ST500DM0 KC45 Size: 476940MB BusType: 3
09:39:17.540 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000007b
09:39:17.543 Disk 2 Vendor: Size: 476940MB BusType: 0
09:39:17.569 Disk 0 MBR read successfully
09:39:17.572 Disk 0 MBR scan
09:39:17.577 Disk 0 Windows VISTA default MBR code
09:39:17.581 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
09:39:17.586 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 24110 MB offset 81920
09:39:17.599 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 452789 MB offset 49459200
09:39:17.625 Disk 0 scanning C:\Windows\system32\drivers
09:39:24.929 Service scanning
09:39:40.966 Modules scanning
09:39:40.974 Disk 0 trace - called modules:
09:39:41.003 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
09:39:41.008 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f2060]
09:39:41.013 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8004193710]
09:39:41.018 5 ACPI.sys[fffff88000f887a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004196050]
09:39:42.562 AVAST engine scan C:\Windows
09:39:44.436 AVAST engine scan C:\Windows\system32
09:41:47.705 AVAST engine scan C:\Windows\system32\drivers
09:41:56.063 AVAST engine scan C:\Users\Thales
09:46:18.653 AVAST engine scan C:\ProgramData
09:48:56.282 Scan finished successfully
09:49:17.688 Disk 0 MBR has been saved successfully to "C:\clean\MBR.dat"
09:49:17.692 The log file has been saved successfully to "C:\clean\aswMBR.txt"

============================================================================================================

I ran ESET online scanner, but the results said "No Threats Found".

Thanks,
PicNroll

#6 PicNroll


Posted 25 September 2012 - 12:00 PM

I'm assuming that I am now "clean" and good to go ... many thanks! As a last question, is it ok for me to reinstall the McAfee SecurityCenter software that came with my Dell (and for which I bought a subscription)?

#7 narenxp


Posted 25 September 2012 - 01:08 PM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan, post it here

Download

Junkware removal tool

Launch it and the scan should start running. After the scan completes, post the generated log here.

#8 PicNroll


Posted 25 September 2012 - 02:25 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Thales :: STUDY-PC [administrator]

9/25/2012 1:27:40 PM
mbam-log-2012-09-25 (13-27-40).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 326667
Time elapsed: 36 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
=================================================================================


MiniToolBox by Farbar Version: 23-07-2012
Ran by Thales (administrator) on 25-09-2012 at 14:06:26
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1506 802.11b/g/n (2.4GHz) = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Study-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2A-ED-B9-27-93-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : triad.rr.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D4-BE-D9-E5-53-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1506 802.11b/g/n (2.4GHz)
Physical Address. . . . . . . . . : 08-ED-B9-27-93-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9140:2c90:2af0:4fb6%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 25, 2012 12:06:56 PM
Lease Expires . . . . . . . . . . : Wednesday, September 26, 2012 1:24:49 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 185134521
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-2F-56-06-D4-BE-D9-E5-53-4C
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{971D326E-EDB8-4B1D-9629-DFB23BC6B834}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:c04:16ce:5190:d7b3(Preferred)
Link-local IPv6 Address . . . . . : fe80::c04:16ce:5190:d7b3%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: my.router
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4002:c05::8a
74.125.137.102
74.125.137.113
74.125.137.138
74.125.137.139
74.125.137.100
74.125.137.101


Pinging google.com [74.125.137.101] with 32 bytes of data:
Reply from 74.125.137.101: bytes=32 time=21ms TTL=48
Reply from 74.125.137.101: bytes=32 time=21ms TTL=48

Ping statistics for 74.125.137.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 21ms, Average = 21ms
Server: my.router
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1079ms TTL=52
Reply from 72.30.38.140: bytes=32 time=995ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 995ms, Maximum = 1079ms, Average = 1037ms
Server: my.router
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...2a ed b9 27 93 3c ......Microsoft Virtual WiFi Miniport Adapter
12...d4 be d9 e5 53 4c ......Realtek PCIe GBE Family Controller
11...08 ed b9 27 93 3c ......Dell Wireless 1506 802.11b/g/n (2.4GHz)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.109 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.109 281
192.168.1.109 255.255.255.255 On-link 192.168.1.109 281
192.168.1.255 255.255.255.255 On-link 192.168.1.109 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.109 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.109 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:6ab8:c04:16ce:5190:d7b3/128
On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::c04:16ce:5190:d7b3/128
On-link
11 281 fe80::9140:2c90:2af0:4fb6/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2012 01:01:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 00:59:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 00:58:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 00:08:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2012 00:07:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: 016611~1.EXE, version: 6.6.104.0, time stamp: 0x4f0afdf5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x3b657669
Faulting process id: 0x5a4
Faulting application start time: 0x016611~1.EXE0
Faulting application path: 016611~1.EXE1
Faulting module path: 016611~1.EXE2
Report Id: 016611~1.EXE3

Error: (09/25/2012 09:51:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 09:51:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2012 09:28:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2012 09:27:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: 016611~1.EXE, version: 6.6.104.0, time stamp: 0x4f0afdf5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x3b657669
Faulting process id: 0x570
Faulting application start time: 0x016611~1.EXE0
Faulting application path: 016611~1.EXE1
Faulting module path: 016611~1.EXE2
Report Id: 016611~1.EXE3

Error: (09/25/2012 09:16:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/25/2012 00:09:15 PM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 00:07:13 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Application Installer Cleanup (0166111348583023) service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 00:05:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f020b: Logitech - Communication Device, Streaming Media and Broadcast - Logitech USB Camera (QuickCam S7500).

Error: (09/25/2012 00:03:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f020b: Logitech - Communication Device, Streaming Media and Broadcast - Logitech Mic (QuickCam S7500).

Error: (09/25/2012 09:29:20 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 09:27:17 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Application Installer Cleanup (0166111348583023) service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 09:12:35 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 08:50:09 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/25/2012 08:47:40 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:44:51 AM on ?9/?25/?2012 was unexpected.

Error: (09/24/2012 09:02:51 PM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (09/25/2012 01:01:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\clean\esetsmartinstaller_enu.exe

Error: (09/25/2012 00:59:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/25/2012 00:58:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (09/25/2012 00:08:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2012 00:07:08 PM) (Source: Application Error)(User: )
Description: 016611~1.EXE6.6.104.04f0afdf5unknown0.0.0.000000000c00000053b6576695a401cd9b4028dfbe11C:\Users\Thales\AppData\Local\Temp\016611~1.EXEunknown6fc59e01-0733-11e2-aa5b-d4bed9e5534c

Error: (09/25/2012 09:51:02 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\clean\esetsmartinstaller_enu.exe

Error: (09/25/2012 09:51:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\clean\esetsmartinstaller_enu.exe

Error: (09/25/2012 09:28:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2012 09:27:14 AM) (Source: Application Error)(User: )
Description: 016611~1.EXE6.6.104.04f0afdf5unknown0.0.0.000000000c00000053b65766957001cd9b29d2c0df13C:\Users\Thales\AppData\Local\Temp\016611~1.EXEunknown1936de57-071d-11e2-a796-d4bed9e5534c

Error: (09/25/2012 09:16:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\clean\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19120)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.765.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.3.7140)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.6505.38692)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.67)
Dell DataSafe Local Backup (Version: 9.4.67)
Dell DataSafe Online (Version: 2.1.19634)
Dell Digital Delivery (Version: 1.7.4502.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.6.225.0)
Dell Photo AIO Printer 942
Dell PhotoStage (Version: 1.5.0.130)
Dell Stage (Version: 1.6.301.0)
Dell Stage Remote (Version: 2.0.0.43)
Dell Support Center (Version: 3.2.6032.55)
Dell VideoStage (Version: 1.3.0.2513)
Dell Wireless Driver Installation (Version: 9.0)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
eBay (Version: 1.4.0)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
Escape Whisper Valley ™ (Version: 2.2.0.95)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Chrome (Version: 21.0.1180.89)
High-Definition Video Playback (Version: 11.1.11500.4.273)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.0.1351)
Intel® Processor Graphics (Version: 8.15.10.2598)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Nero 10 Movie ThemePack Basic (Version: 10.6.10000.1.0)
Nero Control Center 10 (Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20500.9.16)
Nero Update (Version: 11.0.11500.28.0)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Realtek High Definition Audio Driver (Version: 6.0.1.6554)
Samantha Swift (Version: 2.2.0.95)
Skype™ 5.10 (Version: 5.10.116)
SyncUP (Version: 1.12.11200.10.102)
SyncUP (Version: 10.2.16100)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Dell Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3974.16 MB
Available physical RAM: 2347.27 MB
Total Pagefile: 7946.52 MB
Available Pagefile: 5295.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.02 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:442.18 GB) (Free:395.14 GB) NTFS

========================= Users: ========================================

User accounts for \\STUDY-PC

Administrator Guest Thales

========================= Restore Points ==================================

16-08-2012 08:00:23 Windows Update
23-08-2012 13:55:01 Scheduled Checkpoint
30-08-2012 16:11:57 Scheduled Checkpoint
05-09-2012 08:00:19 Windows Update
12-09-2012 16:36:28 Scheduled Checkpoint
13-09-2012 08:00:29 Windows Update
20-09-2012 21:56:30 Scheduled Checkpoint
22-09-2012 08:00:11 Windows Update
25-09-2012 00:54:09 ComboFix created restore point
25-09-2012 17:03:00 Windows Update
25-09-2012 17:13:14 Windows Update

**** End of log ****
===========================================================================================

Farbar Service Scanner Version: 19-09-2012
Ran by Thales (administrator) on 25-09-2012 at 14:07:58
Running from "C:\clean"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
=======================================================================================


# AdwCleaner v2.003 - Logfile created 09/25/2012 at 14:09:47
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Thales - STUDY-PC
# Boot Mode : Normal
# Running from : C:\clean\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Thales\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [818 octets] - [25/09/2012 14:08:48]
AdwCleaner[S1].txt - [1367 octets] - [25/09/2012 14:09:47]

########## EOF - C:\AdwCleaner[S1].txt - [1427 octets] ##########

================================================================================================


Junkware Removal Tool (JRT) by Thisisu
Version: 1.0.7 (09.24.2012)
OS: Windows 7 Home Premium x64
Ran by Thales on Tue 09/25/2012 at 14:25:15.76
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed







*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 09/25/2012 at 14:25:24.09
End of Report

#9 narenxp

Posted 25 September 2012 - 02:28 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#10 PicNroll

Posted 25 September 2012 - 02:34 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/25/2012 02:31:19 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 09/25/2012 02:31:27 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)
=========================================================================


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe"
+ "DLBUCATS" "Timer DLL" "" "c:\windows\system32\spool\drivers\x64\3\dlbutime.dll"
+ "dlbumon.exe" "Lexmark Device Monitor" "Lexmark International, Inc." "c:\program files (x86)\dell photo aio printer 942\dlbumon.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MemoryCardManager" "Memory Card Manager Executable" "" "c:\program files (x86)\dell photo aio printer 942\memcard.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe"
+ "Stage Remote" "Stage Remote Manager" "" "c:\program files (x86)\dell\stage remote\stageremote.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AccuWeatherWidget" "AccuWeather.com desktop weather widget" "" "c:\program files (x86)\dell stage\dell stage\accuweather\accuweather.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe"
+ "Dell DataSafe Online" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuclient.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "IMSS" "PIcon startup utility" "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\imss\piconstartup.exe"
+ "NeroLauncher" "" "" "c:\program files (x86)\nero\syncup\nerolauncher.exe"
+ "USB3MON" "Intel® USB 3.0 Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\thales\appdata\local\google\update\googleupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-455119228-422200243-3671852512-1000Core" "Google Installer" "Google Inc." "c:\users\thales\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-455119228-422200243-3671852512-1000UA" "Google Installer" "Google Inc." "c:\users\thales\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "0166111348583023mcinstcleanup" "McAfee Installer" "McAfee, Inc." "c:\users\thales\appdata\local\temp\0166111348583023mcinst.exe"
+ "AdobeActiveFileMonitor9.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\photoshopelementsfileagent.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "cphs" "Intel® Content Protection HECI Service - enables communication with the Content Protection FW" "Intel Corporation" "c:\windows\syswow64\intelcphecisvc.exe"
+ "DellDigitalDelivery" "Downloads and installs the applications that you purchased with your computer." "Dell Products, LP." "c:\program files (x86)\dell digital delivery\deliveryservice.exe"
+ "dlbu_device" "Printer Communication System" " " "c:\windows\system32\dlbucoms.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "Intel® Capability Licensing Service Interface" "Version: 1.23.216.0" "Intel® Corporation" "c:\program files\intel\icls client\heciserver.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NOBU" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuagent.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "ZAtheros Wlan Agent" "Atheros agent for Wlan" "Atheros" "c:\program files (x86)\dell wireless\ath_wlanagent.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\cf\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iusb3hcs" "Intel® USB 3.0 Host Controller Switch Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hcs.sys"
+ "iusb3hub" "Intel® USB 3.0 Hub Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hub.sys"
+ "iusb3xhc" "Intel® USB 3.0 eXtensible Host Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3xhc.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_avc_ds.ax"
+ "MainConcept DV Dif Parser" "DV Dif Parser DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder" "DirectShow DVCPro Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer" "DV-Splitter DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder" "DirectShow DVCPro50 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder" "DirectShow DVCProHD Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Track1Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track2filter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Dell 942 Port" "Printer Communication System" " " "c:\windows\system32\dlbulmpm.dll"
+ "Photo AIO Printer 942 Port" "Printer Communication System" " " "c:\windows\system32\dlbulmpm.dll"

#11 narenxp

Posted 25 September 2012 - 02:40 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it. It will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#12 PicNroll

Posted 25 September 2012 - 02:43 PM

Thanks to all - you guys really are awesome!

#13 narenxp

Posted 25 September 2012 - 02:47 PM

You're most welcome :)



