
Virus


20 replies to this topic

#1 MrLimbo

MrLimbo

  • Members
  • 15 posts
  • OFFLINE
  • Local time:07:18 PM

Posted 03 October 2012 - 06:48 PM

I've been having ping issues when playing games online and I also get redirected randomly when using Firefox. Malwarebytes detects a couple viruses, but doesn't seem to actually remove them. I really don't know what to do, so any help would be appreciated.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:07:18 PM

Posted 03 October 2012 - 06:48 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 MrLimbo

MrLimbo
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  • Local time:07:18 PM

Posted 03 October 2012 - 07:00 PM

19:51:00.0545 7948 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:51:00.0924 7948 ============================================================
19:51:00.0924 7948 Current date / time: 2012/10/03 19:51:00.0924
19:51:00.0924 7948 SystemInfo:
19:51:00.0924 7948
19:51:00.0924 7948 OS Version: 6.1.7601 ServicePack: 1.0
19:51:00.0924 7948 Product type: Workstation
19:51:00.0925 7948 ComputerName: KATHYRN-PC
19:51:00.0925 7948 UserName: Kathyrn
19:51:00.0925 7948 Windows directory: C:\Windows
19:51:00.0925 7948 System windows directory: C:\Windows
19:51:00.0925 7948 Running under WOW64
19:51:00.0925 7948 Processor architecture: Intel x64
19:51:00.0925 7948 Number of processors: 2
19:51:00.0925 7948 Page size: 0x1000
19:51:00.0925 7948 Boot type: Normal boot
19:51:00.0925 7948 ============================================================
19:51:01.0123 7948 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:01.0132 7948 ============================================================
19:51:01.0132 7948 \Device\Harddisk0\DR0:
19:51:01.0144 7948 MBR partitions:
19:51:01.0144 7948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2710800, BlocksNum 0x32000
19:51:01.0144 7948 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2742800, BlocksNum 0x71FC3DB0
19:51:01.0144 7948 ============================================================
19:51:01.0185 7948 C: <-> \Device\Harddisk0\DR0\Partition2
19:51:01.0185 7948 ============================================================
19:51:01.0185 7948 Initialize success
19:51:01.0185 7948 ============================================================
19:51:20.0843 2336 ============================================================
19:51:20.0843 2336 Scan started
19:51:20.0843 2336 Mode: Manual; TDLFS;
19:51:20.0843 2336 ============================================================
19:51:24.0290 2336 ================ Scan system memory ========================
19:51:24.0290 2336 System memory - ok
19:51:24.0290 2336 ================ Scan services =============================
19:51:24.0418 2336 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:51:24.0420 2336 1394ohci - ok
19:51:24.0447 2336 [ F146E2BA475893DD77B2370DC1211FC6 ] 51618460 C:\Windows\system32\drivers\66149432.sys
19:51:24.0468 2336 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:51:24.0471 2336 ACPI - ok
19:51:24.0490 2336 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:51:24.0490 2336 AcpiPmi - ok
19:51:24.0563 2336 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:24.0566 2336 AdobeFlashPlayerUpdateSvc - ok
19:51:24.0599 2336 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:51:24.0603 2336 adp94xx - ok
19:51:24.0619 2336 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:51:24.0622 2336 adpahci - ok
19:51:24.0641 2336 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:51:24.0643 2336 adpu320 - ok
19:51:24.0667 2336 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:51:24.0668 2336 AeLookupSvc - ok
19:51:24.0710 2336 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:51:24.0713 2336 AFD - ok
19:51:24.0737 2336 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:51:24.0738 2336 agp440 - ok
19:51:24.0801 2336 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:51:24.0801 2336 ALG - ok
19:51:24.0815 2336 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:51:24.0816 2336 aliide - ok
19:51:24.0831 2336 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:51:24.0831 2336 amdide - ok
19:51:24.0845 2336 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:51:24.0846 2336 AmdK8 - ok
19:51:24.0865 2336 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:51:24.0866 2336 AmdPPM - ok
19:51:24.0901 2336 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:51:24.0902 2336 amdsata - ok
19:51:24.0917 2336 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:51:24.0919 2336 amdsbs - ok
19:51:24.0940 2336 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:51:24.0940 2336 amdxata - ok
19:51:24.0960 2336 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:51:24.0960 2336 AppID - ok
19:51:24.0999 2336 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:51:25.0000 2336 AppIDSvc - ok
19:51:25.0005 2336 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:51:25.0006 2336 Appinfo - ok
19:51:25.0085 2336 [ 52AD9ED5BD05E7801AF5EFD99652C74F ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
19:51:25.0090 2336 Application Updater - ok
19:51:25.0112 2336 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:51:25.0112 2336 arc - ok
19:51:25.0131 2336 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:51:25.0132 2336 arcsas - ok
19:51:25.0229 2336 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:51:25.0230 2336 aspnet_state - ok
19:51:25.0262 2336 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:51:25.0263 2336 AsyncMac - ok
19:51:25.0280 2336 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:51:25.0281 2336 atapi - ok
19:51:25.0300 2336 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:51:25.0305 2336 AudioEndpointBuilder - ok
19:51:25.0318 2336 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:51:25.0323 2336 AudioSrv - ok
19:51:25.0419 2336 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
19:51:25.0419 2336 avgtp - ok
19:51:25.0447 2336 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:51:25.0449 2336 AxInstSV - ok
19:51:25.0492 2336 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:51:25.0495 2336 b06bdrv - ok
19:51:25.0515 2336 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:51:25.0517 2336 b57nd60a - ok
19:51:25.0601 2336 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:51:25.0603 2336 BBSvc - ok
19:51:25.0666 2336 [ E49110A58A32E9450356686A95DD7763 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
19:51:25.0672 2336 BCMH43XX - ok
19:51:25.0695 2336 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:51:25.0696 2336 BDESVC - ok
19:51:25.0741 2336 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:51:25.0742 2336 Beep - ok
19:51:25.0761 2336 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:51:25.0762 2336 blbdrive - ok
19:51:25.0824 2336 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:51:25.0825 2336 bowser - ok
19:51:25.0840 2336 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:51:25.0841 2336 BrFiltLo - ok
19:51:25.0852 2336 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:51:25.0852 2336 BrFiltUp - ok
19:51:25.0874 2336 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
19:51:25.0876 2336 Browser - ok
19:51:25.0884 2336 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:51:25.0886 2336 Brserid - ok
19:51:25.0926 2336 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:51:25.0927 2336 BrSerWdm - ok
19:51:25.0935 2336 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:51:25.0936 2336 BrUsbMdm - ok
19:51:25.0951 2336 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:51:25.0951 2336 BrUsbSer - ok
19:51:25.0970 2336 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:51:25.0970 2336 BTHMODEM - ok
19:51:25.0992 2336 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:51:25.0993 2336 bthserv - ok
19:51:26.0008 2336 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:51:26.0010 2336 cdfs - ok
19:51:26.0042 2336 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:51:26.0044 2336 cdrom - ok
19:51:26.0076 2336 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:51:26.0078 2336 CertPropSvc - ok
19:51:26.0129 2336 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:51:26.0129 2336 circlass - ok
19:51:26.0164 2336 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:51:26.0167 2336 CLFS - ok
19:51:26.0208 2336 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:26.0209 2336 clr_optimization_v2.0.50727_32 - ok
19:51:26.0241 2336 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:51:26.0242 2336 clr_optimization_v2.0.50727_64 - ok
19:51:26.0312 2336 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:26.0313 2336 clr_optimization_v4.0.30319_32 - ok
19:51:26.0339 2336 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:51:26.0340 2336 clr_optimization_v4.0.30319_64 - ok
19:51:26.0355 2336 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:51:26.0356 2336 CmBatt - ok
19:51:26.0370 2336 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:51:26.0370 2336 cmdide - ok
19:51:26.0422 2336 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:51:26.0425 2336 CNG - ok
19:51:26.0440 2336 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:51:26.0441 2336 Compbatt - ok
19:51:26.0479 2336 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:51:26.0482 2336 CompositeBus - ok
19:51:26.0490 2336 COMSysApp - ok
19:51:26.0514 2336 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:51:26.0514 2336 crcdisk - ok
19:51:26.0554 2336 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:51:26.0560 2336 CryptSvc - ok
19:51:26.0672 2336 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:51:26.0676 2336 cvhsvc - ok
19:51:26.0715 2336 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:51:26.0719 2336 DcomLaunch - ok
19:51:26.0758 2336 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:51:26.0760 2336 defragsvc - ok
19:51:26.0782 2336 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:51:26.0783 2336 DfsC - ok
19:51:26.0808 2336 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:51:26.0810 2336 Dhcp - ok
19:51:26.0828 2336 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:51:26.0829 2336 discache - ok
19:51:26.0852 2336 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:51:26.0852 2336 Disk - ok
19:51:26.0890 2336 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:51:26.0891 2336 Dnscache - ok
19:51:26.0902 2336 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:51:26.0905 2336 dot3svc - ok
19:51:26.0921 2336 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:51:26.0922 2336 DPS - ok
19:51:26.0943 2336 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:51:26.0944 2336 drmkaud - ok
19:51:26.0973 2336 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:51:26.0978 2336 DXGKrnl - ok
19:51:27.0005 2336 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:51:27.0007 2336 EapHost - ok
19:51:27.0066 2336 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:51:27.0084 2336 ebdrv - ok
19:51:27.0122 2336 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:51:27.0123 2336 EFS - ok
19:51:27.0181 2336 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:51:27.0185 2336 ehRecvr - ok
19:51:27.0202 2336 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:51:27.0203 2336 ehSched - ok
19:51:27.0228 2336 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:51:27.0232 2336 elxstor - ok
19:51:27.0246 2336 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:51:27.0246 2336 ErrDev - ok
19:51:27.0263 2336 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:51:27.0266 2336 EventSystem - ok
19:51:27.0273 2336 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:51:27.0274 2336 exfat - ok
19:51:27.0331 2336 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:51:27.0332 2336 fastfat - ok
19:51:27.0368 2336 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:51:27.0372 2336 Fax - ok
19:51:27.0388 2336 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:51:27.0389 2336 fdc - ok
19:51:27.0410 2336 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:51:27.0411 2336 fdPHost - ok
19:51:27.0421 2336 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:51:27.0422 2336 FDResPub - ok
19:51:27.0442 2336 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:51:27.0444 2336 FileInfo - ok
19:51:27.0459 2336 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:51:27.0459 2336 Filetrace - ok
19:51:27.0482 2336 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:51:27.0483 2336 flpydisk - ok
19:51:27.0496 2336 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:51:27.0498 2336 FltMgr - ok
19:51:27.0551 2336 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:51:27.0558 2336 FontCache - ok
19:51:27.0630 2336 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:51:27.0631 2336 FontCache3.0.0.0 - ok
19:51:27.0751 2336 [ 52B58A46BEEFB238C580B69FD051CB5B ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
19:51:27.0755 2336 ForceWare Intelligent Application Manager (IAM) - ok
19:51:27.0772 2336 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:51:27.0772 2336 FsDepends - ok
19:51:27.0804 2336 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:51:27.0805 2336 Fs_Rec - ok
19:51:27.0823 2336 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:51:27.0825 2336 fvevol - ok
19:51:27.0843 2336 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:51:27.0844 2336 gagp30kx - ok
19:51:27.0893 2336 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:51:27.0895 2336 GamesAppService - ok
19:51:27.0927 2336 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:51:27.0932 2336 gpsvc - ok
19:51:27.0981 2336 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
19:51:27.0982 2336 GREGService - ok
19:51:28.0023 2336 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:51:28.0023 2336 hamachi - ok
19:51:28.0100 2336 [ 21D24138B736983F6E23823E092E9428 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:51:28.0113 2336 Hamachi2Svc - ok
19:51:28.0141 2336 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:51:28.0142 2336 hcw85cir - ok
19:51:28.0169 2336 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:51:28.0172 2336 HdAudAddService - ok
19:51:28.0204 2336 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:51:28.0205 2336 HDAudBus - ok
19:51:28.0218 2336 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:51:28.0219 2336 HidBatt - ok
19:51:28.0235 2336 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:51:28.0236 2336 HidBth - ok
19:51:28.0251 2336 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:51:28.0252 2336 HidIr - ok
19:51:28.0264 2336 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:51:28.0265 2336 hidserv - ok
19:51:28.0292 2336 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:51:28.0292 2336 HidUsb - ok
19:51:28.0315 2336 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:51:28.0318 2336 hkmsvc - ok
19:51:28.0337 2336 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:51:28.0340 2336 HomeGroupListener - ok
19:51:28.0371 2336 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:51:28.0373 2336 HomeGroupProvider - ok
19:51:28.0393 2336 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:51:28.0394 2336 HpSAMD - ok
19:51:28.0421 2336 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:51:28.0426 2336 HTTP - ok
19:51:28.0446 2336 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:51:28.0446 2336 hwpolicy - ok
19:51:28.0474 2336 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:51:28.0475 2336 i8042prt - ok
19:51:28.0495 2336 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:51:28.0498 2336 iaStorV - ok
19:51:28.0555 2336 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:51:28.0560 2336 idsvc - ok
19:51:28.0652 2336 IDSVia64 - ok
19:51:28.0669 2336 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:51:28.0671 2336 iirsp - ok
19:51:28.0701 2336 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:51:28.0706 2336 IKEEXT - ok
19:51:28.0773 2336 [ 2E3B99E8C23BE2BF32EBE1DB5261F275 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:51:28.0787 2336 IntcAzAudAddService - ok
19:51:28.0811 2336 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:51:28.0812 2336 intelide - ok
19:51:28.0832 2336 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:51:28.0832 2336 intelppm - ok
19:51:28.0852 2336 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:51:28.0853 2336 IPBusEnum - ok
19:51:28.0872 2336 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:51:28.0873 2336 IpFilterDriver - ok
19:51:28.0884 2336 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:51:28.0885 2336 IPMIDRV - ok
19:51:28.0905 2336 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:51:28.0905 2336 IPNAT - ok
19:51:28.0928 2336 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:51:28.0929 2336 IRENUM - ok
19:51:28.0962 2336 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:51:28.0963 2336 isapnp - ok
19:51:29.0361 2336 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:51:29.0362 2336 iScsiPrt - ok
19:51:29.0441 2336 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:51:29.0442 2336 kbdclass - ok
19:51:29.0490 2336 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:51:29.0491 2336 kbdhid - ok
19:51:29.0511 2336 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:51:29.0513 2336 KeyIso - ok
19:51:29.0684 2336 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:51:29.0685 2336 KSecDD - ok
19:51:29.0716 2336 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:51:29.0717 2336 KSecPkg - ok
19:51:29.0739 2336 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:51:29.0739 2336 ksthunk - ok
19:51:29.0762 2336 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:51:29.0766 2336 KtmRm - ok
19:51:29.0790 2336 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:51:29.0793 2336 LanmanServer - ok
19:51:29.0826 2336 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:51:29.0829 2336 LanmanWorkstation - ok
19:51:30.0014 2336 [ 4CCC8AABE7880C56BA10043B8FBCA3EB ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
19:51:30.0055 2336 LeapFrog Connect Device Service - ok
19:51:30.0080 2336 [ 797289607A5EBF31353AA5EAD141F872 ] Leapfrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
19:51:30.0081 2336 Leapfrog-USBLAN - ok
19:51:30.0151 2336 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
19:51:30.0152 2336 Live Updater Service - ok
19:51:30.0191 2336 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:51:30.0192 2336 lltdio - ok
19:51:30.0216 2336 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:51:30.0219 2336 lltdsvc - ok
19:51:30.0236 2336 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:51:30.0237 2336 lmhosts - ok
19:51:30.0328 2336 [ 98B0FCC176DFB711B67651BECB88C445 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
19:51:30.0330 2336 LMIGuardianSvc - ok
19:51:30.0345 2336 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
19:51:30.0346 2336 LMIInfo - ok
19:51:30.0367 2336 [ B712511029CBD68645A90A241FD6AE43 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
19:51:30.0368 2336 LMIMaint - ok
19:51:30.0404 2336 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
19:51:30.0404 2336 lmimirr - ok
19:51:30.0426 2336 LMIRfsClientNP - ok
19:51:30.0444 2336 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
19:51:30.0445 2336 LMIRfsDriver - ok
19:51:30.0464 2336 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
19:51:30.0467 2336 LogMeIn - ok
19:51:30.0518 2336 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:51:30.0519 2336 LSI_FC - ok
19:51:30.0532 2336 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:51:30.0533 2336 LSI_SAS - ok
19:51:30.0553 2336 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:51:30.0554 2336 LSI_SAS2 - ok
19:51:30.0572 2336 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:51:30.0572 2336 LSI_SCSI - ok
19:51:30.0609 2336 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:51:30.0610 2336 luafv - ok
19:51:30.0651 2336 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:51:30.0651 2336 MBAMProtector - ok
19:51:30.0739 2336 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:51:30.0741 2336 MBAMScheduler - ok
19:51:30.0790 2336 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:51:30.0794 2336 MBAMService - ok
19:51:30.0818 2336 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:51:30.0819 2336 Mcx2Svc - ok
19:51:30.0835 2336 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:51:30.0836 2336 megasas - ok
19:51:30.0858 2336 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:51:30.0860 2336 MegaSR - ok
19:51:30.0879 2336 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:51:30.0881 2336 MMCSS - ok
19:51:30.0896 2336 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:51:30.0897 2336 Modem - ok
19:51:30.0925 2336 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:51:30.0926 2336 monitor - ok
19:51:30.0941 2336 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:51:30.0942 2336 mouclass - ok
19:51:30.0973 2336 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:51:30.0973 2336 mouhid - ok
19:51:30.0992 2336 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:51:30.0993 2336 mountmgr - ok
19:51:31.0025 2336 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:51:31.0025 2336 MozillaMaintenance - ok
19:51:31.0043 2336 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:51:31.0045 2336 mpio - ok
19:51:31.0060 2336 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:51:31.0061 2336 mpsdrv - ok
19:51:31.0085 2336 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:51:31.0086 2336 MRxDAV - ok
19:51:31.0119 2336 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:51:31.0120 2336 mrxsmb - ok
19:51:31.0137 2336 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:51:31.0139 2336 mrxsmb10 - ok
19:51:31.0158 2336 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:51:31.0159 2336 mrxsmb20 - ok
19:51:31.0178 2336 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:51:31.0179 2336 msahci - ok
19:51:31.0199 2336 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:51:39.0433 2336 ================ Scan global ===============================
19:51:39.0465 2336 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:51:39.0501 2336 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:51:39.0509 2336 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:51:39.0537 2336 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:51:39.0566 2336 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
19:51:39.0570 2336 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
19:51:39.0570 2336 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
19:51:39.0571 2336 ================ Scan MBR ==================================
19:51:39.0575 2336 [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0
19:51:39.0575 2336 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:51:39.0625 2336 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
19:51:39.0625 2336 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
19:51:39.0693 2336 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:51:39.0693 2336 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:51:39.0694 2336 ================ Scan VBR ==================================
19:51:39.0697 2336 [ B7CAEC7C8BC77644351F08C502C2CB2A ] \Device\Harddisk0\DR0\Partition1
19:51:39.0699 2336 \Device\Harddisk0\DR0\Partition1 - ok
19:51:39.0703 2336 [ 80CE2CD362B2AC67F67980991AB1F004 ] \Device\Harddisk0\DR0\Partition2
19:51:39.0704 2336 \Device\Harddisk0\DR0\Partition2 - ok
19:51:39.0706 2336 ============================================================
19:51:39.0706 2336 Scan finished
19:51:39.0706 2336 ============================================================
19:51:39.0721 2892 Detected object count: 3
19:51:39.0721 2892 Actual detected object count: 3

#4 narenxp

Posted 03 October 2012 - 07:08 PM

19:51:39.0570 2336 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
19:51:39.0625 2336 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
19:51:39.0693 2336 \Device\Harddisk0\DR0 ( TDSS File System ) - warning


Run TDSSkiller again and select

Virus.Win64.ZAccess.b -CURE
Rootkit.Boot.Pihar.c -CURE
TDSS File System -DELETE

Run TDSSkiller again and post the new log

#5 MrLimbo

Posted 03 October 2012 - 07:22 PM

20:16:49.0968 3676 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:16:49.0984 3676 ============================================================
20:16:49.0984 3676 Current date / time: 2012/10/03 20:16:49.0984
20:16:49.0984 3676 SystemInfo:
20:16:49.0984 3676
20:16:49.0984 3676 OS Version: 6.1.7601 ServicePack: 1.0
20:16:49.0984 3676 Product type: Workstation
20:16:49.0984 3676 ComputerName: KATHYRN-PC
20:16:49.0984 3676 UserName: Kathyrn
20:16:49.0984 3676 Windows directory: C:\Windows
20:16:49.0984 3676 System windows directory: C:\Windows
20:16:49.0984 3676 Running under WOW64
20:16:49.0984 3676 Processor architecture: Intel x64
20:16:49.0984 3676 Number of processors: 2
20:16:49.0984 3676 Page size: 0x1000
20:16:49.0984 3676 Boot type: Normal boot
20:16:49.0984 3676 ============================================================
20:16:53.0182 3676 BG loaded
20:16:53.0603 3676 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:16:53.0619 3676 ============================================================
20:16:53.0619 3676 \Device\Harddisk0\DR0:
20:16:53.0619 3676 MBR partitions:
20:16:53.0619 3676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2710800, BlocksNum 0x32000
20:16:53.0619 3676 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2742800, BlocksNum 0x71FC3DB0
20:16:53.0619 3676 ============================================================
20:16:53.0634 3676 C: <-> \Device\Harddisk0\DR0\Partition2
20:16:53.0634 3676 ============================================================
20:16:53.0634 3676 Initialize success
20:16:53.0634 3676 ============================================================
20:17:11.0590 3868 ============================================================
20:17:11.0590 3868 Scan started
20:17:11.0590 3868 Mode: Manual;
20:17:11.0590 3868 ============================================================
20:17:17.0820 3868 ================ Scan system memory ========================
20:17:17.0820 3868 System memory - ok
20:17:17.0820 3868 ================ Scan services =============================
20:17:52.0427 3868 [ 4628FA8F0CC0D509BC14A223E99D36F3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:17:52.0564 3868 nvlddmkm - ok
20:17:52.0696 3868 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
20:17:52.0698 3868 NVNET - ok
20:17:52.0745 3868 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:17:52.0747 3868 nvraid - ok
20:17:52.0785 3868 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:17:52.0787 3868 nvstor - ok
20:17:52.0813 3868 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\drivers\nvstor64.sys
20:17:52.0814 3868 nvstor64 - ok
20:17:52.0849 3868 [ 703F996312202D84663F7C8584ACAF55 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:17:52.0851 3868 nvsvc - ok
20:17:52.0873 3868 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:17:52.0875 3868 nv_agp - ok
20:17:52.0881 3868 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:17:52.0882 3868 ohci1394 - ok
20:17:52.0930 3868 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:17:52.0966 3868 ose - ok
20:17:53.0113 3868 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:17:53.0183 3868 osppsvc - ok
20:17:53.0647 3868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:17:53.0650 3868 p2pimsvc - ok
20:17:53.0681 3868 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:17:53.0685 3868 p2psvc - ok
20:17:53.0731 3868 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:17:53.0765 3868 Parport - ok
20:17:53.0961 3868 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:17:53.0962 3868 partmgr - ok
20:17:54.0088 3868 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:17:54.0090 3868 PcaSvc - ok
20:17:54.0423 3868 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:17:54.0478 3868 pci - ok
20:17:54.0587 3868 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:17:54.0637 3868 pciide - ok
20:17:54.0725 3868 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:17:54.0750 3868 pcmcia - ok
20:17:54.0769 3868 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:17:54.0771 3868 pcw - ok
20:17:54.0828 3868 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:17:54.0832 3868 PEAUTH - ok
20:17:55.0333 3868 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:17:55.0334 3868 PerfHost - ok
20:17:55.0740 3868 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:17:55.0756 3868 pla - ok
20:17:56.0081 3868 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:17:56.0088 3868 PlugPlay - ok
20:17:56.0159 3868 PnkBstrA - ok
20:17:56.0190 3868 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:17:56.0191 3868 PNRPAutoReg - ok
20:17:56.0302 3868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:17:56.0305 3868 PNRPsvc - ok
20:17:56.0357 3868 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:17:56.0366 3868 PolicyAgent - ok
20:17:56.0391 3868 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:17:56.0393 3868 Power - ok
20:17:56.0443 3868 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:17:56.0444 3868 PptpMiniport - ok
20:17:56.0466 3868 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:17:56.0468 3868 Processor - ok
20:17:56.0523 3868 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:17:56.0525 3868 ProfSvc - ok
20:17:56.0541 3868 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:17:56.0543 3868 ProtectedStorage - ok
20:17:56.0569 3868 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:17:56.0570 3868 Psched - ok
20:17:56.0694 3868 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:17:56.0745 3868 ql2300 - ok
20:17:56.0758 3868 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:17:56.0763 3868 ql40xx - ok
20:17:56.0799 3868 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:17:56.0801 3868 QWAVE - ok
20:17:56.0833 3868 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:17:56.0833 3868 QWAVEdrv - ok
20:17:56.0853 3868 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:17:56.0854 3868 RasAcd - ok
20:17:56.0895 3868 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:17:56.0895 3868 RasAgileVpn - ok
20:17:56.0914 3868 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:17:56.0916 3868 RasAuto - ok
20:17:56.0957 3868 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:17:56.0958 3868 Rasl2tp - ok
20:17:56.0988 3868 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:17:56.0991 3868 RasMan - ok
20:17:57.0026 3868 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:17:57.0027 3868 RasPppoe - ok
20:17:57.0057 3868 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:17:57.0058 3868 RasSstp - ok
20:17:57.0125 3868 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:17:57.0127 3868 rdbss - ok
20:17:57.0167 3868 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:17:57.0169 3868 rdpbus - ok
20:17:57.0180 3868 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:17:57.0181 3868 RDPCDD - ok
20:17:57.0211 3868 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:17:57.0211 3868 RDPENCDD - ok
20:17:57.0224 3868 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:17:57.0224 3868 RDPREFMP - ok
20:17:57.0260 3868 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:17:57.0262 3868 RDPWD - ok
20:17:57.0281 3868 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:17:57.0284 3868 rdyboost - ok
20:17:57.0320 3868 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:17:57.0322 3868 RemoteAccess - ok
20:17:57.0372 3868 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:17:57.0374 3868 RemoteRegistry - ok
20:17:57.0394 3868 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:17:57.0395 3868 RpcEptMapper - ok
20:17:57.0415 3868 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:17:57.0416 3868 RpcLocator - ok
20:17:57.0458 3868 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:17:57.0462 3868 RpcSs - ok
20:17:57.0486 3868 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:17:57.0487 3868 rspndr - ok
20:17:57.0516 3868 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:17:57.0517 3868 SamSs - ok
20:17:57.0550 3868 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:17:57.0572 3868 sbp2port - ok
20:17:57.0616 3868 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:17:57.0618 3868 SCardSvr - ok
20:17:57.0782 3868 [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
20:17:57.0783 3868 SCDEmu - ok
20:17:57.0815 3868 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:17:57.0815 3868 scfilter - ok
20:17:57.0883 3868 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:17:57.0896 3868 Schedule - ok
20:17:57.0969 3868 [ 6011CDF54BB6F4C69F38FACCDAD73D7E ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
20:17:58.0000 3868 SCMNdisP - ok
20:17:58.0035 3868 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:17:58.0036 3868 SCPolicySvc - ok
20:17:58.0076 3868 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:17:58.0078 3868 SDRSVC - ok
20:17:58.0171 3868 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:17:58.0173 3868 SeaPort - ok
20:17:58.0210 3868 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:17:58.0211 3868 secdrv - ok
20:17:58.0231 3868 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:17:58.0232 3868 seclogon - ok
20:17:58.0249 3868 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:17:58.0251 3868 SENS - ok
20:17:58.0276 3868 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:17:58.0278 3868 SensrSvc - ok
20:17:58.0312 3868 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:17:58.0313 3868 Serenum - ok
20:17:58.0349 3868 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:17:58.0352 3868 Serial - ok
20:17:58.0368 3868 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:17:58.0370 3868 sermouse - ok
20:17:58.0407 3868 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:17:58.0409 3868 SessionEnv - ok
20:17:58.0554 3868 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:17:58.0886 3868 sffdisk - ok
20:17:58.0891 3868 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:17:58.0892 3868 sffp_mmc - ok
20:17:58.0903 3868 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:17:58.0904 3868 sffp_sd - ok
20:17:58.0927 3868 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:17:58.0928 3868 sfloppy - ok
20:17:59.0007 3868 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:17:59.0012 3868 Sftfs - ok
20:17:59.0163 3868 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:17:59.0166 3868 sftlist - ok
20:17:59.0247 3868 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:17:59.0249 3868 Sftplay - ok
20:17:59.0271 3868 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:17:59.0272 3868 Sftredir - ok
20:17:59.0298 3868 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:17:59.0299 3868 Sftvol - ok
20:17:59.0318 3868 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:17:59.0320 3868 sftvsa - ok
20:17:59.0428 3868 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:17:59.0431 3868 ShellHWDetection - ok
20:17:59.0438 3868 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:17:59.0439 3868 SiSRaid2 - ok
20:17:59.0446 3868 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:17:59.0448 3868 SiSRaid4 - ok
20:17:59.0480 3868 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:17:59.0537 3868 Smb - ok
20:17:59.0563 3868 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:17:59.0565 3868 SNMPTRAP - ok
20:17:59.0584 3868 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:17:59.0585 3868 spldr - ok
20:17:59.0625 3868 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
20:17:59.0629 3868 Spooler - ok
20:18:00.0068 3868 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:18:00.0087 3868 sppsvc - ok
20:18:00.0133 3868 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:18:00.0149 3868 sppuinotify - ok
20:18:00.0211 3868 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:18:00.0211 3868 srv - ok
20:18:00.0414 3868 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:18:00.0414 3868 srv2 - ok
20:18:00.0523 3868 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:18:00.0523 3868 srvnet - ok
20:18:00.0586 3868 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:18:00.0586 3868 SSDPSRV - ok
20:18:00.0617 3868 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:18:00.0617 3868 SstpSvc - ok
20:18:00.0648 3868 Steam Client Service - ok
20:18:00.0773 3868 [ A52DDA7F28FF685AD63D77FE0549707E ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:18:00.0773 3868 Stereo Service - ok
20:18:00.0789 3868 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:18:00.0804 3868 stexstor - ok
20:18:00.0867 3868 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:18:00.0882 3868 stisvc - ok
20:18:00.0898 3868 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:18:00.0898 3868 swenum - ok
20:18:00.0929 3868 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:18:00.0929 3868 swprv - ok
20:18:01.0007 3868 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:18:01.0007 3868 SysMain - ok
20:18:01.0038 3868 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:18:01.0038 3868 TabletInputService - ok
20:18:01.0069 3868 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
20:18:01.0069 3868 tap0901t - ok
20:18:01.0101 3868 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:18:01.0101 3868 TapiSrv - ok
20:18:01.0132 3868 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:18:01.0132 3868 TBS - ok
20:18:01.0210 3868 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:18:01.0257 3868 Tcpip - ok
20:18:01.0350 3868 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:18:01.0366 3868 TCPIP6 - ok
20:18:01.0413 3868 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:18:01.0413 3868 tcpipreg - ok
20:18:01.0444 3868 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:18:01.0459 3868 TDPIPE - ok
20:18:01.0506 3868 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:18:01.0522 3868 TDTCP - ok
20:18:01.0537 3868 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:18:01.0537 3868 tdx - ok
20:18:01.0553 3868 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:18:01.0553 3868 TermDD - ok
20:18:01.0647 3868 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:18:01.0647 3868 TermService - ok
20:18:01.0678 3868 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:18:01.0678 3868 Themes - ok
20:18:01.0709 3868 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:18:01.0709 3868 THREADORDER - ok
20:18:01.0756 3868 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:18:01.0756 3868 TrkWks - ok
20:18:01.0849 3868 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:18:01.0849 3868 TrustedInstaller - ok
20:18:01.0881 3868 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:18:01.0881 3868 tssecsrv - ok
20:18:01.0927 3868 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:18:01.0927 3868 TsUsbFlt - ok
20:18:01.0974 3868 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:18:01.0974 3868 TsUsbGD - ok
20:18:02.0037 3868 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:18:02.0037 3868 tunnel - ok
20:18:02.0193 3868 [ 3DB1CE045A552161EF7252988752C65F ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
20:18:02.0208 3868 TunngleService - ok
20:18:02.0224 3868 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:18:02.0224 3868 uagp35 - ok
20:18:02.0286 3868 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:18:02.0302 3868 udfs - ok
20:18:02.0364 3868 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:18:02.0364 3868 UI0Detect - ok
20:18:02.0364 3868 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:18:02.0380 3868 uliagpkx - ok
20:18:02.0411 3868 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:18:02.0411 3868 umbus - ok
20:18:02.0427 3868 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:18:02.0442 3868 UmPass - ok
20:18:02.0489 3868 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:18:02.0489 3868 upnphost - ok
20:18:02.0536 3868 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:18:02.0551 3868 usbccgp - ok
20:18:02.0598 3868 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:18:02.0614 3868 usbcir - ok
20:18:02.0645 3868 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:18:02.0645 3868 usbehci - ok
20:18:02.0723 3868 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:18:02.0723 3868 usbhub - ok
20:18:02.0754 3868 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:18:02.0754 3868 usbohci - ok
20:18:02.0785 3868 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:18:02.0801 3868 usbprint - ok
20:18:02.0832 3868 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:18:02.0832 3868 USBSTOR - ok
20:18:02.0863 3868 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:18:02.0879 3868 usbuhci - ok
20:18:02.0941 3868 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:18:02.0941 3868 UxSms - ok
20:18:02.0973 3868 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:18:02.0973 3868 VaultSvc - ok
20:18:03.0019 3868 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:18:03.0019 3868 vdrvroot - ok
20:18:03.0113 3868 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:18:03.0113 3868 vds - ok
20:18:03.0144 3868 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:18:03.0144 3868 vga - ok
20:18:03.0175 3868 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:18:03.0175 3868 VgaSave - ok
20:18:03.0191 3868 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:18:03.0207 3868 vhdmp - ok
20:18:03.0222 3868 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:18:03.0238 3868 viaide - ok
20:18:03.0253 3868 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:18:03.0253 3868 volmgr - ok
20:18:03.0285 3868 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:18:03.0285 3868 volmgrx - ok
20:18:03.0316 3868 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:18:03.0316 3868 volsnap - ok
20:18:03.0347 3868 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:18:03.0347 3868 vsmraid - ok
20:18:03.0456 3868 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:18:03.0456 3868 VSS - ok
20:18:03.0628 3868 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
20:18:03.0643 3868 vToolbarUpdater12.2.6 - ok
20:18:03.0659 3868 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:18:03.0659 3868 vwifibus - ok
20:18:03.0690 3868 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:18:03.0690 3868 vwififlt - ok
20:18:03.0706 3868 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:18:03.0706 3868 W32Time - ok
20:18:03.0737 3868 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:18:03.0753 3868 WacomPen - ok
20:18:03.0784 3868 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:18:03.0784 3868 WANARP - ok
20:18:03.0784 3868 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:18:03.0799 3868 Wanarpv6 - ok
20:18:03.0924 3868 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:18:03.0940 3868 WatAdminSvc - ok
20:18:04.0096 3868 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:18:04.0111 3868 wbengine - ok
20:18:04.0143 3868 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:18:04.0143 3868 WbioSrvc - ok
20:18:04.0158 3868 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:18:04.0158 3868 wcncsvc - ok
20:18:04.0189 3868 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:18:04.0189 3868 WcsPlugInService - ok
20:18:04.0221 3868 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:18:04.0252 3868 Wd - ok
20:18:04.0267 3868 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:18:04.0267 3868 Wdf01000 - ok
20:18:04.0283 3868 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:18:04.0283 3868 WdiServiceHost - ok
20:18:04.0299 3868 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:18:04.0299 3868 WdiSystemHost - ok
20:18:04.0439 3868 [ 5941B8AA229C6E5D7924919D3EDE0843 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
20:18:04.0439 3868 Web Assistant Updater - ok
20:18:04.0470 3868 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:18:04.0470 3868 WebClient - ok
20:18:04.0720 3868 [ 688399FF25A4012AF16DA2E5C3DAF050 ] WebOptimizer C:\Windows\system32\dmwu.exe
20:18:04.0720 3868 WebOptimizer - ok
20:18:04.0751 3868 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:18:04.0751 3868 Wecsvc - ok
20:18:04.0782 3868 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:18:04.0782 3868 wercplsupport - ok
20:18:04.0829 3868 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:18:04.0829 3868 WerSvc - ok
20:18:04.0845 3868 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:18:04.0845 3868 WfpLwf - ok
20:18:04.0876 3868 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:18:04.0876 3868 WIMMount - ok
20:18:04.0891 3868 WinHttpAutoProxySvc - ok
20:18:04.0954 3868 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:18:04.0954 3868 Winmgmt - ok
20:18:05.0079 3868 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:18:05.0094 3868 WinRM - ok
20:18:05.0172 3868 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:18:05.0172 3868 WinUsb - ok
20:18:05.0219 3868 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:18:05.0235 3868 Wlansvc - ok
20:18:05.0313 3868 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:18:05.0328 3868 wlcrasvc - ok
20:18:05.0453 3868 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:18:05.0469 3868 wlidsvc - ok
20:18:05.0484 3868 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:18:05.0484 3868 WmiAcpi - ok
20:18:05.0515 3868 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:18:05.0515 3868 wmiApSrv - ok
20:18:05.0547 3868 WMPNetworkSvc - ok
20:18:05.0578 3868 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:18:05.0593 3868 WPCSvc - ok
20:18:05.0625 3868 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:18:05.0625 3868 WPDBusEnum - ok
20:18:05.0687 3868 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:18:05.0687 3868 ws2ifsl - ok
20:18:05.0687 3868 WSearch - ok
20:18:05.0827 3868 [ D0697918519A4CF059C2C7E3B9E93A53 ] WSWNA3100 C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
20:18:05.0827 3868 WSWNA3100 - ok
20:18:05.0859 3868 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:18:05.0859 3868 WudfPf - ok
20:18:05.0905 3868 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:18:05.0905 3868 WUDFRd - ok
20:18:05.0937 3868 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:18:05.0952 3868 wudfsvc - ok
20:18:06.0015 3868 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:18:06.0015 3868 WwanSvc - ok
20:18:06.0061 3868 ================ Scan global ===============================
20:18:06.0077 3868 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:18:06.0124 3868 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:18:06.0139 3868 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:18:06.0171 3868 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:18:06.0217 3868 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:18:06.0217 3868 [Global] - ok
20:18:06.0233 3868 ================ Scan MBR ==================================
20:18:06.0249 3868 [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0
20:18:08.0557 3868 \Device\Harddisk0\DR0 - ok
20:18:08.0557 3868 ================ Scan VBR ==================================
20:18:08.0557 3868 [ B7CAEC7C8BC77644351F08C502C2CB2A ] \Device\Harddisk0\DR0\Partition1
20:18:08.0635 3868 \Device\Harddisk0\DR0\Partition1 - ok
20:18:08.0698 3868 [ 80CE2CD362B2AC67F67980991AB1F004 ] \Device\Harddisk0\DR0\Partition2
20:18:08.0823 3868 \Device\Harddisk0\DR0\Partition2 - ok
20:18:08.0823 3868 ============================================================
20:18:08.0823 3868 Scan finished
20:18:08.0823 3868 ============================================================
20:18:08.0838 1312 Detected object count: 0
20:18:08.0838 1312 Actual detected object count: 0

#6 MrLimbo

Posted 03 October 2012 - 07:43 PM

So problem solved?

#7 narenxp

Posted 03 October 2012 - 08:37 PM

Follow my instructions :)

#8 MrLimbo

Posted 03 October 2012 - 09:24 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-03 21:58:41
-----------------------------
21:58:41.758 OS Version: Windows x64 6.1.7601 Service Pack 1
21:58:41.758 Number of processors: 2 586 0x603
21:58:41.758 ComputerName: KATHYRN-PC UserName: Kathyrn
21:58:46.500 Initialize success
22:04:25.567 AVAST engine defs: 12100302
22:04:44.841 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006a
22:04:44.841 Disk 0 Vendor: ST310005 JC45 Size: 953869MB BusType: 3
22:04:44.881 Disk 0 MBR read successfully
22:04:44.881 Disk 0 MBR scan
22:04:44.891 Disk 0 unknown MBR code
22:04:44.921 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 20000 MB offset 2048
22:04:44.941 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 40962048
22:04:44.951 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 933767 MB offset 41166848
22:04:44.981 Disk 0 scanning C:\Windows\system32\drivers
22:04:54.679 Service scanning
22:05:16.977 Modules scanning
22:05:16.997 Disk 0 trace - called modules:
22:05:17.017 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
22:05:17.347 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80032f9060]
22:05:17.347 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8002b54b50]
22:05:17.357 5 ACPI.sys[fffff88000f8f7a1] -> nt!IofCallDriver -> \Device\0000006a[0xfffffa80030c5060]
22:05:18.507 AVAST engine scan C:\Windows
22:05:21.491 AVAST engine scan C:\Windows\system32
22:08:23.499 AVAST engine scan C:\Windows\system32\drivers
22:08:36.336 AVAST engine scan C:\Users\Kathyrn
22:19:35.148 AVAST engine scan C:\ProgramData
22:21:00.327 Scan finished successfully
22:23:45.925 Disk 0 MBR has been saved successfully to "C:\Users\Kathyrn\Documents\MBR.dat"
22:23:45.929 The log file has been saved successfully to "C:\Users\Kathyrn\Documents\aswMBR.txt"

#9 MrLimbo

Posted 03 October 2012 - 10:33 PM

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.15 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.16 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.17 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined

#10 narenxp

Posted 04 October 2012 - 05:23 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#11 MrLimbo

Posted 04 October 2012 - 02:12 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.02.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kathyrn :: KATHYRN-PC [administrator]

10/4/2012 1:02:46 PM
mbam-log-2012-10-04 (13-02-46).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 591627
Time elapsed: 2 hour(s), 3 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 11
C:\TDSSKiller_Quarantine\03.10.2012_19.27.48\zasubsys0000\zafs0000\tsk0000.dta (Trojan.0access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.27.48\zasubsys0000\zafs0000\tsk0001.dta (Trojan.Zaccess) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.27.48\zasubsys0000\zafs0000\tsk0006.dta (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.27.48\zasubsys0000\zafs0000\tsk0007.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.27.48\zasubsys0000\zafs0000\tsk0008.dta (Rootkit.0Access.64) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.51.00\zasubsys0000\zafs0000\tsk0000.dta (Trojan.0access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.51.00\zasubsys0000\zafs0000\tsk0001.dta (Trojan.Zaccess) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.51.00\zasubsys0000\zafs0000\tsk0006.dta (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.51.00\zasubsys0000\zafs0000\tsk0007.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\03.10.2012_19.51.00\zasubsys0000\zafs0000\tsk0008.dta (Rootkit.0Access.64) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Edited by MrLimbo, 04 October 2012 - 02:13 PM.


#12 MrLimbo

Posted 04 October 2012 - 02:19 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Kathyrn (administrator) on 04-10-2012 at 15:15:13
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection (Disconnected)
Wireless N-300 USB Adapter WNA3100 = Wireless Network Connection (Connected)
Hamachi Network Interface = Local Area Connection 2 (Connected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection 2" address=169.254.63.1 mask=255.255.255.0
add address name="Local Area Connection" address=192.168.137.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kathyrn-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-D4-92-80-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Wireless N-300 USB Adapter WNA3100
Physical Address. . . . . . . . . : E0-46-9A-B3-AC-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9c8d:e8f:5e09:22d3%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 04, 2012 3:04:50 PM
Lease Expires . . . . . . . . . . : Friday, October 05, 2012 3:04:50 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 316688026
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-59-01-B4-F8-0F-41-39-C9-6C
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : F8-0F-41-39-C9-6C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-6F-6C-1F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8858:332b:d8ef:b699%16(Preferred)
IPv4 Address. . . . . . . . . . . : 5.111.108.31(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Wednesday, October 03, 2012 8:12:09 PM
Lease Expires . . . . . . . . . . : Thursday, October 03, 2013 8:14:16 PM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 461011326
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-59-01-B4-F8-0F-41-39-C9-6C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Reusable ISATAP Interface {8403C896-CE59-4BAC-8A8F-C9051FF8D9E3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{08CC6DA5-65CA-4108-9CB0-12CC2310BA57}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D6FBA6F4-9DDF-4424-B31D-E32BF8B68EDB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1002
74.125.226.224
74.125.226.232
74.125.226.227
74.125.226.225
74.125.226.238
74.125.226.229
74.125.226.226
74.125.226.228
74.125.226.230
74.125.226.231
74.125.226.233


Pinging google.com [74.125.226.233] with 32 bytes of data:
Reply from 74.125.226.233: bytes=32 time=115ms TTL=54
Reply from 74.125.226.233: bytes=32 time=125ms TTL=54

Ping statistics for 74.125.226.233:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 115ms, Maximum = 125ms, Average = 120ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=260ms TTL=49
Reply from 98.138.253.109: bytes=32 time=175ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 175ms, Maximum = 260ms, Average = 217ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
21...00 ff d4 92 80 7c ......TAP-Win32 Adapter V9 (Tunngle)
12...e0 46 9a b3 ac 47 ......Wireless N-300 USB Adapter WNA3100
11...f8 0f 41 39 c9 6c ......NVIDIA nForce 10/100/1000 Mbps Ethernet
16...7a 79 05 6f 6c 1f ......Hamachi Network Interface
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.2 30
5.0.0.0 255.0.0.0 On-link 5.111.108.31 9256
5.111.108.31 255.255.255.255 On-link 5.111.108.31 9256
5.255.255.255 255.255.255.255 On-link 5.111.108.31 9256
10.0.0.0 255.255.255.0 On-link 10.0.0.2 286
10.0.0.2 255.255.255.255 On-link 10.0.0.2 286
10.0.0.255 255.255.255.255 On-link 10.0.0.2 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 5.111.108.31 9256
224.0.0.0 240.0.0.0 On-link 10.0.0.2 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 5.111.108.31 9256
255.255.255.255 255.255.255.255 On-link 10.0.0.2 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
16 276 fe80::/64 On-link
12 286 fe80::/64 On-link
16 276 fe80::8858:332b:d8ef:b699/128
On-link
12 286 fe80::9c8d:e8f:5e09:22d3/128
On-link
1 306 ff00::/8 On-link
16 276 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/04/2012 03:05:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 15.0.1.4631, time stamp: 0x5047f9c5
Faulting module name: xul.dll, version: 15.0.1.4631, time stamp: 0x5047f93b
Exception code: 0xc0000005
Fault offset: 0x0010e567
Faulting process id: 0xe804
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (10/04/2012 03:29:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/03/2012 10:24:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/03/2012 10:24:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/03/2012 08:22:32 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (10/03/2012 08:13:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2012 07:24:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.

Error: (10/03/2012 07:24:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.

Error: (10/03/2012 07:24:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
.

Error: (10/03/2012 07:23:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x18b4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (10/04/2012 02:54:31 AM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (10/03/2012 08:14:37 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (10/03/2012 08:14:37 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (10/03/2012 08:12:20 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/03/2012 08:12:18 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/03/2012 08:12:15 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/03/2012 07:07:08 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (10/03/2012 07:07:08 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (10/03/2012 07:06:19 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/03/2012 07:06:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (10/04/2012 03:05:01 PM) (Source: Application Error)(User: )
Description: firefox.exe15.0.1.46315047f9c5xul.dll15.0.1.46315047f93bc00000050010e567e80401cda25f627958c8C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll657386e4-0e56-11e2-b820-943bfcc20cd9

Error: (10/04/2012 03:29:28 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/03/2012 10:24:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kathyrn\Downloads\esetsmartinstaller_enu.exe

Error: (10/03/2012 10:24:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kathyrn\Downloads\esetsmartinstaller_enu.exe

Error: (10/03/2012 08:22:32 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (10/03/2012 08:13:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2012 07:24:48 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.

Error: (10/03/2012 07:24:48 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.

Error: (10/03/2012 07:24:48 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.

Error: (10/03/2012 07:23:53 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c318b401cda1be155f07a0\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\ntdll.dll64f9ef50-0db1-11e2-917a-abe904b2aedb


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
18 Wheels of Steel: Haulin' (Version: )
1ClickDownloader (Version: 2.1 Build 26473)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Agatha Christie - 4:50 from Paddington (Version: 2.2.0.95)
Age of Empires III (Version: 1.00.0000)
American Conquest - Fight Back
ARMA: Cold War Assault
Ask Toolbar Updater (Version: 1.2.0.20007)
AVG Security Toolbar (Version: 12.2.5.32)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Brytenwalda version 1.396 (Version: 1.396)
Build-a-lot 2 (Version: 2.2.0.95)
Build Your Own Net Dream (remove only)
Bullet Run
Call of Cthulhu: Dark Corners of the Earth
Cheat Engine 6.1
Chuzzle Deluxe (Version: 2.2.0.95)
Cossacks II: Battle for Europe
Counter-Strike: Source
Crusader Kings II
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DivX Setup (Version: 2.6.1.8)
Dora's World Adventure (Version: 2.2.0.95)
Dual-Core Optimizer (Version: 1.1.4.0169)
eBay Worldwide (Version: 2.1.0901)
eMachines Games (Version: 1.0.2.4)
eMachines Recovery Management (Version: 5.00.3002)
eMachines Registration (Version: 1.03.3003)
eMachines ScreenSaver (Version: 1.1.0221.2011)
eMachines Updater (Version: 1.02.3005)
ESET Online Scanner v3
Europa Barbarorum 1.2
Europa Universalis III
Evernote v. 4.5.1 (Version: 4.5.1.5451)
Final Drive: Nitro (Version: 2.2.0.95)
Floris Mod Pack 2.533
Fooz Kids (Version: 3.0.8)
Fooz Kids Platform (Version: 2.1)
Fraps (remove only)
FTL version 1.01 (Version: 1.01)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
GameFly (Version: 1.0.1805)
Garry's Mod
Google Chrome (Version: 22.0.1229.79)
Gothic 3 - Forsaken Gods (Version: 1.85.22737.36)
Grand Theft Auto: San Andreas
Hotkey Utility (Version: 2.05.3014)
Identity Card (Version: 1.00.3006)
Inbox Toolbar (Version: 2.0.0.13)
Incredibar Toolbar on IE
Internet TV for Windows Media Center (Version: 4.2.2.0)
IObit Toolbar v6.3 (Version: 6.3)
Jagged Alliance - Back in Action Demo
Jagged Alliance 2 (Version: 1.1.2.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 3 (Version: 7.0.30)
Jewel Quest Heritage (Version: 2.2.0.95)
Jibbin version March 2010 (Version: March 2010)
Junk Mail filter update (Version: 15.4.3502.0922)
LeapFrog Connect (Version: 4.0.33.15045)
LeapFrog LeapPad Explorer Plugin (Version: 4.1.7.15314)
Left 4 Dead 2
LogMeIn (Version: 4.1.2450)
LogMeIn Hamachi (Version: 2.1.0.210)
Mafia
Mall Tycoon 3
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Medieval II: Total War
Men of War: Assault Squad
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mount & Blade: Warband
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
NETGEAR WNA3100 wireless USB 2.0 adapter (Version: 1.01.206)
NOOK for PC (Version: 2.5.1.237)
North&South First Manassas (Version: 0.2b)
Notepad++ (Version: 6.1.2)
NVIDIA Display Control Panel (Version: 1.10)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7316)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6684)
OpenAL
Origin (Version: 8.6.0.357)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PowerISO (Version: 5.0)
PunkBuster Services (Version: 0.993)
Rainmeter (Version: 2.4 beta r1617)
Realtek High Definition Audio Driver (Version: 6.0.1.6045)
Rome: Total War Gold Edition
RTKXI (Version: 1.00.0000)
Skype™ 5.0 (Version: 5.0.152)
Sniper Elite
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
Sword of Damocles: Warlords 3.92 (Version: 3.92)
System Requirements Lab CYRI (Version: 4.5.1.0)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.8.1)
Terraria
The Movies™ (Version: 1.0)
The Movies™ Stunts & Effects (Version: 1.0)
The Movies™ Stunts & Effects (Version: 1.2)
The Peloponnesian War 0.5 (Version: 0.5)
The Sims Medieval (Version: 1.0.0)
The Sims™ 3 (Version: 1.17.60)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Late Night (Version: 6.0.81)
The Spirit Engine 2 (Version: 1.06)
The Walking Dead
Thief - Deadly Shadows (Version: 1.0.0.1)
Thief 2 The Metal Age 1.18
Times Reader (Version: 2.055)
Torchlight (Version: 2.2.0.95)
Total War: SHOGUN 2
Tunngle beta
UltraISO Premium V9.52
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
Vampire - The Masquerade Bloodlines (Version: 1.00.0000)
Vampire - The Masquerade Bloodlines (Version: 1.2)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 1.1.11 (Version: 1.1.11)
War of the Roses Beta
Web Assistant 2.0.0.485 (Version: 2.0.0.485)
Web Optimizer (Version: 2.0.0.2)
Welcome Center (Version: 1.02.3504)
WildTangent Games App (eMachines Games) (Version: 4.0.3.57)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
Yontoo 1.10.02 (Version: 1.10.02)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 88%
Total physical RAM: 2815.37 MB
Available physical RAM: 328.32 MB
Total Pagefile: 5628.93 MB
Available Pagefile: 2379.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.39 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:583.41 GB) NTFS
2 Drive d: (Sims3) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\KATHYRN-PC

Administrator Guest Kathyrn

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

03-10-2012 23:01:37 Removed Crusader Kings
03-10-2012 23:10:03 Removed GTA2
03-10-2012 23:22:57 Removed Norton Online Backup
03-10-2012 23:24:47 Removed Password Breaker
04-10-2012 02:55:15 avast! Free Antivirus Setup
04-10-2012 02:56:11 avast! Free Antivirus Setup

**** End of log ****

#13 MrLimbo

Posted 04 October 2012 - 02:21 PM

Farbar Service Scanner Version: 19-09-2012
Ran by Kathyrn (administrator) on 04-10-2012 at 15:20:57
Running from "C:\Users\Kathyrn\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 MrLimbo

Posted 04 October 2012 - 02:27 PM

# AdwCleaner v2.003 - Logfile created 10/04/2012 at 15:23:05
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kathyrn - KATHYRN-PC
# Boot Mode : Normal
# Running from : C:\Users\Kathyrn\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater
Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Kathyrn\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\incredibar.com
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Kathyrn\AppData\Local\APN
Folder Deleted : C:\Users\Kathyrn\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Kathyrn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\Kathyrn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Folder Deleted : C:\Users\Kathyrn\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\Kathyrn\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Kathyrn\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Kathyrn\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Kathyrn\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Kathyrn\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Kathyrn\AppData\Roaming\Mozilla\Firefox\Profiles\b7uudoyu.default\extensions\inboxcomtoolbar@inbox.com
Folder Deleted : C:\Users\Kathyrn\AppData\Roaming\Mozilla\Firefox\Profiles\b7uudoyu.default\Inbox Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.AppServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.IBX404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb128?a=6OyFc10Gho&i=26 --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Kathyrn\AppData\Roaming\Mozilla\Firefox\Profiles\b7uudoyu.default\prefs.js

Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.ask.com/?l=dis&o=14196");

-\\ Google Chrome v22.0.1229.79

File : C:\Users\Kathyrn\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.15] : homepage = "hxxp://www.ask.com/?l=dis&o=14196cr",
Deleted [l.52] : icon_url = "hxxps://isearch.avg.com/favicon.ico",
Deleted [l.55] : keyword = "isearch.avg.com",
Deleted [l.58] : search_url = "hxxps://isearch.avg.com/search?cid={146D77AD-E9E3-4B8E-B2B9-D043A3FFF807}&mid=7c0c6720aca347d0aed111e1dbb655ec-116de1039e5c3b2617413d567ffa93fc329a32bd&lang=en&ds=st011&pr=sa&d=2012-03-30 15:47:24&v=12.2.5.32&sap=dsp&q={searchTerms}",
Deleted [l.1504] : homepage = "hxxp://www.ask.com/?l=dis&o=14196cr",

*************************

AdwCleaner[S1].txt - [21949 octets] - [04/10/2012 15:23:05]

########## EOF - C:\AdwCleaner[S1].txt - [22010 octets] ##########

#15 MrLimbo


Posted 04 October 2012 - 02:41 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.3 (10.03.2012)
OS: Windows 7 Home Premium x64
Ran by Kathyrn on Thu 10/04/2012 at 15:40:31.23
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\stats\{336d0c35-8a85-403a-b9d2-65c292c39087}
Successfully deleted: [KEY] "hkey_current_user\software\im"
Successfully deleted: [KEY] "hkey_current_user\software\incredimail"
Successfully deleted: [KEY] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-1203905027-535942623-569308429-1000\software\web assistant"



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 10/04/2012 at 15:40:51.35
End of Report



