
browser hijack to merchantcircle.com etc


14 replies to this topic

#1 wa5ngp


Posted 09 October 2012 - 02:42 PM

I am having the same problem listed in

http://www.bleepingcomputer.com/forums/topic470897.html

After doing a search I get hijacked sometimes to the following:

click.scour.com
Livesearchnow.com
Urlseek90.vmn.net
lowdownlist.com
merchantcircle.com (most frequently)

It is not consistent.
Last week I changed my DNS to OpenDNS and the problem went away for 2 days but then came back.

I am running the latest Security Essentials,
running W7 on a Lenovo W500 with autoupdates on.


I have run Malwarebytes, TDSSKiller, aswMBR, esetsmartin; there were some things to clean up but there was NO relief for this browser hijack.

It's time for experts like you to have a look with me. Thanks in advance.
don

Edited by wa5ngp, 09 October 2012 - 02:43 PM.




#2 narenxp


Posted 09 October 2012 - 02:50 PM

Download

TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply

#3 wa5ngp


Posted 09 October 2012 - 04:39 PM

OK, here are the results. After running those I still get the redirect. Here is an example of where my browser went after doing a search on dried out play doh.

http://63.209.69.107/search/web/fix+dried+out+play+doh/6678_a10/46573-143565-989-27681/v5

results from
/////////////////////////////////////////////////////////////////////////////////////////////////////
Tdsskiller
16:24:12.0580 1680 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
16:24:13.0173 1680 ============================================================
16:24:13.0173 1680 Current date / time: 2012/10/09 16:24:13.0173
16:24:13.0173 1680 SystemInfo:
16:24:13.0173 1680
16:24:13.0173 1680 OS Version: 6.1.7601 ServicePack: 1.0
16:24:13.0173 1680 Product type: Workstation
16:24:13.0173 1680 ComputerName: TPW7
16:24:13.0173 1680 UserName: don
16:24:13.0173 1680 Windows directory: C:\Windows
16:24:13.0173 1680 System windows directory: C:\Windows
16:24:13.0173 1680 Processor architecture: Intel x86
16:24:13.0173 1680 Number of processors: 2
16:24:13.0173 1680 Page size: 0x1000
16:24:13.0173 1680 Boot type: Normal boot
16:24:13.0173 1680 ============================================================
16:24:14.0307 1680 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
16:24:14.0309 1680 ============================================================
16:24:14.0309 1680 \Device\Harddisk0\DR0:
16:24:14.0312 1680 MBR partitions:
16:24:14.0312 1680 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x11690800
16:24:14.0312 1680 ============================================================
16:24:14.0325 1680 C: <-> \Device\Harddisk0\DR0\Partition1
16:24:14.0325 1680 ============================================================
16:24:14.0325 1680 Initialize success
16:24:14.0325 1680 ============================================================
16:24:24.0845 5688 Deinitialize success

//////////////////////////////////////////////////////////////////////////////////////////////////////////
results from avast
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-09 14:55:44
-----------------------------
14:55:44.313 OS Version: Windows 6.1.7601 Service Pack 1
14:55:44.313 Number of processors: 2 586 0x1706
14:55:44.314 ComputerName: TPW7 UserName: don
14:55:53.635 Initialize success
14:56:02.598 AVAST engine defs: 12100800
14:56:52.402 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:56:52.405 Disk 0 Vendor: HITACHI_HTS723216L9SA60 FC2ZC50A Size: 152627MB BusType: 11
14:56:52.427 Disk 0 MBR read successfully
14:56:52.431 Disk 0 MBR scan
14:56:52.435 Disk 0 Windows 7 default MBR code
14:56:52.439 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 10000 MB offset 2048
14:56:52.459 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 142625 MB offset 20482048
14:56:52.466 Disk 0 scanning sectors +312578048
14:56:52.530 Disk 0 scanning C:\Windows\system32\drivers
14:57:00.057 Service scanning
14:57:10.826 Service MpKsl57415e04 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F45B497C-FAC7-4021-926F-9463769B75DE}\MpKsl57415e04.sys **LOCKED** 32
14:57:24.092 Modules scanning
14:57:32.254 Disk 0 trace - called modules:
14:57:32.265
14:57:32.802 AVAST engine scan C:\
15:08:24.369 Disk 0 MBR has been saved successfully to "C:\Users\don\Desktop\MBR.dat"
15:08:24.377 The log file has been saved successfully to "C:\Users\don\Desktop\aswMBR_oct9.txt"
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
ESET did not find anything now, although it did find and eliminate this yesterday, Oct 8, but it did not solve the redirect problem.

C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined

esetnod32_antivirus
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////


Ready for the next assignment. Tks, Don

Edited by wa5ngp, 09 October 2012 - 04:40 PM.


#4 narenxp


Posted 09 October 2012 - 05:06 PM

TDSSKiller log is incomplete. Post the complete log

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after the scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After the scan is completed, post the generated log here.

#5 wa5ngp


Posted 09 October 2012 - 06:11 PM

I did not realize that TDSSKiller created 2 files; here is the larger one created earlier that I did not include before.

On the others, should I turn off Microsoft AV first?

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

17:58:24.0761 4632 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:58:25.0351 4632 ============================================================
17:58:25.0351 4632 Current date / time: 2012/10/09 17:58:25.0351
17:58:25.0351 4632 SystemInfo:
17:58:25.0351 4632
17:58:25.0351 4632 OS Version: 6.1.7601 ServicePack: 1.0
17:58:25.0351 4632 Product type: Workstation
17:58:25.0351 4632 ComputerName: TPW7
17:58:25.0352 4632 UserName: don
17:58:25.0352 4632 Windows directory: C:\Windows
17:58:25.0352 4632 System windows directory: C:\Windows
17:58:25.0352 4632 Processor architecture: Intel x86
17:58:25.0352 4632 Number of processors: 2
17:58:25.0352 4632 Page size: 0x1000
17:58:25.0352 4632 Boot type: Normal boot
17:58:25.0352 4632 ============================================================
17:58:26.0659 4632 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
17:58:26.0661 4632 ============================================================
17:58:26.0661 4632 \Device\Harddisk0\DR0:
17:58:26.0661 4632 MBR partitions:
17:58:26.0661 4632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x11690800
17:58:26.0661 4632 ============================================================
17:58:26.0686 4632 C: <-> \Device\Harddisk0\DR0\Partition1
17:58:26.0686 4632 ============================================================
17:58:26.0686 4632 Initialize success
17:58:26.0686 4632 ============================================================
18:00:48.0943 4132 ============================================================
18:00:48.0943 4132 Scan started
18:00:48.0943 4132 Mode: Manual; TDLFS;
18:00:48.0943 4132 ============================================================
18:00:49.0140 4132 ================ Scan system memory ========================
18:00:49.0140 4132 System memory - ok
18:00:49.0140 4132 ================ Scan services =============================
18:00:55.0361 4132 LENOVO.MICMUTE - ok
18:00:55.0391 4132 [ 9AAC267A225F3CAEBB9E633F7EB16E4B ] lenovo.smi C:\Windows\system32\DRIVERS\smiif32.sys
18:00:55.0392 4132 lenovo.smi - ok
18:00:55.0404 4132 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
18:00:55.0406 4132 Lenovo.VIRTSCRLSVC - ok
18:00:55.0447 4132 [ BC5BFED7DBEA82FC3DAA7FE16177ECBE ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
18:00:55.0449 4132 LenovoRd - ok
18:00:55.0465 4132 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:00:55.0466 4132 lltdio - ok
18:00:55.0493 4132 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:00:55.0497 4132 lltdsvc - ok
18:00:55.0513 4132 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:00:55.0514 4132 lmhosts - ok
18:00:55.0545 4132 [ 7F697D6EB3E47FBC7757229DAEE406B4 ] LMS C:\Program Files\Intel\AMT\LMS.exe
18:00:55.0548 4132 LMS - ok
18:00:55.0591 4132 [ 3C7F96372D8CC2BD1A1DAD79ACAC29B7 ] lowpp C:\Windows\system32\Drivers\lowpp.sys
18:00:55.0619 4132 lowpp - ok
18:00:55.0647 4132 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:00:55.0649 4132 LSI_FC - ok
18:00:55.0661 4132 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:00:55.0663 4132 LSI_SAS - ok
18:00:55.0685 4132 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:00:55.0687 4132 LSI_SAS2 - ok
18:00:55.0695 4132 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:00:55.0697 4132 LSI_SCSI - ok
18:00:55.0730 4132 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:00:55.0731 4132 luafv - ok
18:00:55.0758 4132 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:00:55.0760 4132 Mcx2Svc - ok
18:00:55.0774 4132 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
18:00:55.0775 4132 megasas - ok
18:00:55.0790 4132 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:00:55.0794 4132 MegaSR - ok
18:00:55.0808 4132 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:00:55.0810 4132 MMCSS - ok
18:00:55.0822 4132 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:00:55.0822 4132 Modem - ok
18:00:55.0862 4132 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:00:55.0863 4132 monitor - ok
18:00:55.0894 4132 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:00:55.0895 4132 mouclass - ok
18:00:55.0906 4132 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:00:55.0907 4132 mouhid - ok
18:00:55.0911 4132 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:00:55.0913 4132 mountmgr - ok
18:00:55.0965 4132 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:00:55.0968 4132 MozillaMaintenance - ok
18:00:56.0020 4132 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:00:56.0023 4132 MpFilter - ok
18:00:56.0047 4132 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:00:56.0050 4132 mpio - ok
18:00:56.0172 4132 [ A69630D039C38018689190234F866D77 ] MpKsl5893b814 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F9085A7-68B5-41A5-BF79-86630B0AD55D}\MpKsl5893b814.sys
18:00:56.0173 4132 MpKsl5893b814 - ok
18:00:56.0201 4132 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:00:56.0202 4132 mpsdrv - ok
18:00:56.0235 4132 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:00:56.0245 4132 MpsSvc - ok
18:00:56.0260 4132 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:00:56.0262 4132 MRxDAV - ok
18:00:56.0283 4132 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:00:56.0285 4132 mrxsmb - ok
18:00:56.0297 4132 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:00:56.0300 4132 mrxsmb10 - ok
18:00:56.0305 4132 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:00:56.0306 4132 mrxsmb20 - ok
18:00:56.0326 4132 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:00:56.0327 4132 msahci - ok
18:00:56.0336 4132 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:00:56.0339 4132 msdsm - ok
18:00:56.0353 4132 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:00:56.0357 4132 MSDTC - ok
18:00:56.0374 4132 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:00:56.0375 4132 Msfs - ok
18:00:56.0382 4132 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:00:56.0383 4132 mshidkmdf - ok
18:00:56.0411 4132 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:00:56.0411 4132 msisadrv - ok
18:00:56.0443 4132 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:00:56.0447 4132 MSiSCSI - ok
18:00:56.0450 4132 msiserver - ok
18:00:56.0489 4132 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:00:56.0490 4132 MSKSSRV - ok
18:00:56.0563 4132 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:00:56.0564 4132 MsMpSvc - ok
18:00:56.0571 4132 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:00:56.0572 4132 MSPCLOCK - ok
18:00:56.0575 4132 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:00:56.0576 4132 MSPQM - ok
18:00:56.0592 4132 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:00:56.0594 4132 MsRPC - ok
18:00:56.0607 4132 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:00:56.0607 4132 mssmbios - ok
18:00:56.0611 4132 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:00:56.0612 4132 MSTEE - ok
18:00:56.0623 4132 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:00:56.0625 4132 MTConfig - ok
18:00:56.0639 4132 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:00:56.0639 4132 Mup - ok
18:00:56.0666 4132 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:00:56.0673 4132 napagent - ok
18:00:56.0701 4132 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:00:56.0705 4132 NativeWifiP - ok
18:00:56.0759 4132 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:00:56.0768 4132 NDIS - ok
18:00:56.0796 4132 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:00:56.0797 4132 NdisCap - ok
18:00:56.0813 4132 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:00:56.0814 4132 NdisTapi - ok
18:00:56.0823 4132 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:00:56.0825 4132 Ndisuio - ok
18:00:56.0841 4132 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:00:56.0843 4132 NdisWan - ok
18:00:56.0852 4132 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:00:56.0853 4132 NDProxy - ok
18:00:56.0862 4132 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:00:56.0863 4132 NetBIOS - ok
18:00:56.0875 4132 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:00:56.0878 4132 NetBT - ok
18:00:56.0888 4132 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:00:56.0890 4132 Netlogon - ok
18:00:56.0927 4132 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:00:56.0930 4132 Netman - ok
18:00:56.0978 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:00:56.0981 4132 NetMsmqActivator - ok
18:00:56.0985 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:00:56.0986 4132 NetPipeActivator - ok
18:00:57.0011 4132 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:00:57.0017 4132 netprofm - ok
18:00:57.0022 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:00:57.0023 4132 NetTcpActivator - ok
18:00:57.0027 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:00:57.0028 4132 NetTcpPortSharing - ok
18:00:57.0163 4132 [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
18:00:57.0249 4132 NETw5s32 - ok
18:00:57.0352 4132 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
18:00:57.0414 4132 netw5v32 - ok
18:00:57.0442 4132 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:00:57.0443 4132 nfrd960 - ok
18:00:57.0464 4132 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:00:57.0465 4132 NisDrv - ok
18:00:57.0508 4132 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:00:57.0512 4132 NisSrv - ok
18:00:57.0540 4132 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:00:57.0543 4132 NlaSvc - ok
18:00:57.0567 4132 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:00:57.0568 4132 Npfs - ok
18:00:57.0587 4132 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:00:57.0590 4132 nsi - ok
18:00:57.0599 4132 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:00:57.0600 4132 nsiproxy - ok
18:00:57.0631 4132 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:00:57.0649 4132 Ntfs - ok
18:00:57.0665 4132 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:00:57.0666 4132 Null - ok
18:00:57.0704 4132 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:00:57.0707 4132 nvraid - ok
18:00:57.0720 4132 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:00:57.0723 4132 nvstor - ok
18:00:57.0743 4132 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:00:57.0746 4132 nv_agp - ok
18:00:57.0756 4132 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:00:57.0758 4132 ohci1394 - ok
18:00:57.0784 4132 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:00:57.0789 4132 p2pimsvc - ok
18:00:57.0803 4132 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:00:57.0810 4132 p2psvc - ok
18:00:57.0837 4132 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
18:00:57.0839 4132 Parport - ok
18:00:57.0866 4132 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:00:57.0867 4132 partmgr - ok
18:00:57.0874 4132 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:00:57.0875 4132 Parvdm - ok
18:00:57.0890 4132 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:00:57.0893 4132 PcaSvc - ok
18:00:57.0905 4132 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:00:57.0907 4132 pci - ok
18:00:57.0930 4132 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:00:57.0931 4132 pciide - ok
18:00:57.0945 4132 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:00:57.0947 4132 pcmcia - ok
18:00:57.0975 4132 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:00:57.0975 4132 pcw - ok
18:00:58.0009 4132 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:00:58.0018 4132 PEAUTH - ok
18:00:58.0053 4132 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:00:58.0069 4132 PeerDistSvc - ok
18:00:58.0110 4132 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:00:58.0134 4132 pla - ok
18:00:58.0164 4132 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:00:58.0168 4132 PlugPlay - ok
18:00:58.0178 4132 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:00:58.0181 4132 PNRPAutoReg - ok
18:00:58.0188 4132 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:00:58.0191 4132 PNRPsvc - ok
18:00:58.0222 4132 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
18:00:58.0223 4132 Point32 - ok
18:00:58.0256 4132 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:00:58.0262 4132 PolicyAgent - ok
18:00:58.0278 4132 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:00:58.0281 4132 Power - ok
18:00:58.0305 4132 [ 7A1E6CF32EDFF1F13186997FCA086FC7 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
18:00:58.0307 4132 Power Manager DBC Service - ok
18:00:58.0340 4132 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:00:58.0342 4132 PptpMiniport - ok
18:00:58.0360 4132 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
18:00:58.0361 4132 Processor - ok
18:00:58.0395 4132 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:00:58.0399 4132 ProfSvc - ok
18:00:58.0413 4132 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:00:58.0415 4132 ProtectedStorage - ok
18:00:58.0442 4132 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:00:58.0444 4132 Psched - ok
18:00:58.0458 4132 [ 20EFF1CA8922F6A834261B985550A51D ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
18:00:58.0461 4132 PwmEWSvc - ok
18:00:58.0471 4132 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:00:58.0472 4132 PxHelp20 - ok
18:00:58.0518 4132 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:00:58.0539 4132 ql2300 - ok
18:00:58.0572 4132 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:00:58.0574 4132 ql40xx - ok
18:00:58.0603 4132 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:00:58.0608 4132 QWAVE - ok
18:00:58.0626 4132 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:00:58.0627 4132 QWAVEdrv - ok
18:00:58.0635 4132 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:00:58.0636 4132 RasAcd - ok
18:00:58.0657 4132 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:00:58.0659 4132 RasAgileVpn - ok
18:00:58.0674 4132 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:00:58.0677 4132 RasAuto - ok
18:00:58.0699 4132 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:00:58.0701 4132 Rasl2tp - ok
18:00:58.0720 4132 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:00:58.0725 4132 RasMan - ok
18:00:58.0741 4132 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:00:58.0743 4132 RasPppoe - ok
18:00:58.0755 4132 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:00:58.0757 4132 RasSstp - ok
18:00:58.0776 4132 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:00:58.0779 4132 rdbss - ok
18:00:58.0788 4132 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:00:58.0789 4132 rdpbus - ok
18:00:58.0798 4132 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:00:58.0799 4132 RDPCDD - ok
18:00:58.0811 4132 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:00:58.0814 4132 RDPDR - ok
18:00:58.0835 4132 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:00:58.0836 4132 RDPENCDD - ok
18:00:58.0845 4132 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:00:58.0846 4132 RDPREFMP - ok
18:00:58.0878 4132 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:00:58.0881 4132 RDPWD - ok
18:00:58.0906 4132 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:00:58.0908 4132 rdyboost - ok
18:00:58.0933 4132 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:00:58.0935 4132 RemoteAccess - ok
18:00:58.0956 4132 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:00:58.0959 4132 RemoteRegistry - ok
18:00:58.0983 4132 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:00:58.0985 4132 RFCOMM - ok
18:00:59.0015 4132 [ D65AC8797F0286ED269500747D6290A4 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
18:00:59.0017 4132 rimmptsk - ok
18:00:59.0023 4132 [ 49EC82B44EB93374ED9988DA7E0E0151 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
18:00:59.0024 4132 rimsptsk - ok
18:00:59.0035 4132 [ 3F400C3CCD0818858602DDB37B5DE719 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
18:00:59.0036 4132 rismxdp - ok
18:00:59.0117 4132 [ D8C44229EB2495E774350529ED9BE08D ] RoxMediaDB10 C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
18:00:59.0134 4132 RoxMediaDB10 - ok
18:00:59.0161 4132 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:00:59.0164 4132 RpcEptMapper - ok
18:00:59.0185 4132 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:00:59.0187 4132 RpcLocator - ok
18:00:59.0204 4132 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:00:59.0207 4132 RpcSs - ok
18:00:59.0234 4132 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:00:59.0236 4132 rspndr - ok
18:00:59.0250 4132 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:00:59.0251 4132 s3cap - ok
18:00:59.0263 4132 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:00:59.0265 4132 SamSs - ok
18:00:59.0298 4132 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:00:59.0300 4132 sbp2port - ok
18:00:59.0310 4132 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:00:59.0314 4132 SCardSvr - ok
18:00:59.0322 4132 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:00:59.0323 4132 scfilter - ok
18:00:59.0351 4132 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:00:59.0364 4132 Schedule - ok
18:00:59.0390 4132 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:00:59.0391 4132 SCPolicySvc - ok
18:00:59.0412 4132 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:00:59.0413 4132 sdbus - ok
18:00:59.0434 4132 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:00:59.0438 4132 SDRSVC - ok
18:00:59.0495 4132 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
18:00:59.0499 4132 SeaPort - ok
18:00:59.0522 4132 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:00:59.0523 4132 secdrv - ok
18:00:59.0537 4132 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:00:59.0540 4132 seclogon - ok
18:00:59.0563 4132 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
18:00:59.0565 4132 SENS - ok
18:00:59.0578 4132 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:00:59.0581 4132 SensrSvc - ok
18:00:59.0584 4132 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:00:59.0586 4132 Serenum - ok
18:00:59.0608 4132 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
18:00:59.0610 4132 Serial - ok
18:00:59.0632 4132 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:00:59.0633 4132 sermouse - ok
18:00:59.0652 4132 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:00:59.0656 4132 SessionEnv - ok
18:00:59.0668 4132 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:00:59.0669 4132 sffdisk - ok
18:00:59.0683 4132 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:00:59.0684 4132 sffp_mmc - ok
18:00:59.0698 4132 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:00:59.0699 4132 sffp_sd - ok
18:00:59.0708 4132 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:00:59.0709 4132 sfloppy - ok
18:00:59.0736 4132 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:00:59.0741 4132 SharedAccess - ok
18:00:59.0772 4132 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:00:59.0776 4132 ShellHWDetection - ok
18:00:59.0786 4132 [ 1624530D05155F4E5A4736531523BFF5 ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
18:00:59.0788 4132 Shockprf - ok
18:00:59.0800 4132 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:00:59.0801 4132 sisagp - ok
18:00:59.0818 4132 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:00:59.0820 4132 SiSRaid2 - ok
18:00:59.0829 4132 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:00:59.0831 4132 SiSRaid4 - ok
18:00:59.0854 4132 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:00:59.0856 4132 Smb - ok
18:00:59.0903 4132 [ 3C4A61CCB2CF32ED6E09F559B4ADB6CF ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
18:00:59.0904 4132 smihlp - ok
18:00:59.0930 4132 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:00:59.0933 4132 SNMPTRAP - ok
18:00:59.0939 4132 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:00:59.0940 4132 spldr - ok
18:00:59.0985 4132 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:00:59.0988 4132 Spooler - ok
18:01:00.0057 4132 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:01:00.0104 4132 sppsvc - ok
18:01:00.0122 4132 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:01:00.0125 4132 sppuinotify - ok
18:01:00.0158 4132 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:01:00.0163 4132 srv - ok
18:01:00.0178 4132 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:01:00.0182 4132 srv2 - ok
18:01:00.0217 4132 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:01:00.0221 4132 SrvHsfHDA - ok
18:01:00.0247 4132 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:01:00.0262 4132 SrvHsfV92 - ok
18:01:00.0289 4132 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:01:00.0299 4132 SrvHsfWinac - ok
18:01:00.0319 4132 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:01:00.0321 4132 srvnet - ok
18:01:00.0349 4132 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:01:00.0354 4132 SSDPSRV - ok
18:01:00.0361 4132 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:01:00.0365 4132 SstpSvc - ok
18:01:00.0389 4132 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:01:00.0390 4132 stexstor - ok
18:01:00.0429 4132 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:01:00.0438 4132 StiSvc - ok
18:01:00.0476 4132 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:01:00.0518 4132 stllssvr - ok
18:01:00.0528 4132 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:01:00.0529 4132 storflt - ok
18:01:00.0543 4132 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:01:00.0546 4132 StorSvc - ok
18:01:00.0564 4132 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:01:00.0565 4132 storvsc - ok
18:01:00.0588 4132 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:01:00.0589 4132 swenum - ok
18:01:00.0613 4132 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:01:00.0619 4132 swprv - ok
18:01:00.0650 4132 [ D7DC30B8B41E7A913C3FCCC0631E72EC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:01:00.0652 4132 SynTP - ok
18:01:00.0688 4132 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:01:00.0707 4132 SysMain - ok
18:01:00.0733 4132 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:01:00.0737 4132 TabletInputService - ok
18:01:00.0749 4132 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:01:00.0754 4132 TapiSrv - ok
18:01:00.0766 4132 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:01:00.0769 4132 TBS - ok
18:01:00.0825 4132 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:01:00.0843 4132 Tcpip - ok
18:01:00.0872 4132 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:01:00.0878 4132 TCPIP6 - ok
18:01:00.0903 4132 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:01:00.0905 4132 tcpipreg - ok
18:01:00.0917 4132 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:01:00.0918 4132 TDPIPE - ok
18:01:00.0951 4132 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:01:00.0953 4132 TDTCP - ok
18:01:00.0960 4132 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:01:00.0962 4132 tdx - ok
18:01:00.0984 4132 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:01:00.0984 4132 TermDD - ok
18:01:01.0021 4132 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:01:01.0030 4132 TermService - ok
18:01:01.0044 4132 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:01:01.0047 4132 Themes - ok
18:01:01.0057 4132 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:01:01.0059 4132 THREADORDER - ok
18:01:01.0073 4132 [ D2378FBBD668D9FE9B6B5E3139D506D3 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
18:01:01.0074 4132 TPDIGIMN - ok
18:01:01.0086 4132 [ A34A1E6B5461273846D30F5898602A72 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
18:01:01.0089 4132 TPHDEXLGSVC - ok
18:01:01.0111 4132 [ 1DBF0267CEBF80F0BD24DFE895367DB5 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
18:01:03.0716 4132 ================ Scan global ===============================
18:01:03.0739 4132 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:01:03.0754 4132 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
18:01:03.0763 4132 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
18:01:03.0785 4132 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:01:03.0799 4132 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:01:03.0802 4132 [Global] - ok
18:01:03.0803 4132 ================ Scan MBR ==================================
18:01:03.0819 4132 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:01:04.0101 4132 \Device\Harddisk0\DR0 - ok
18:01:04.0101 4132 ================ Scan VBR ==================================
18:01:04.0126 4132 [ 169DE866CAC31DC50E5FB06BA2D152B0 ] \Device\Harddisk0\DR0\Partition1
18:01:04.0128 4132 \Device\Harddisk0\DR0\Partition1 - ok
18:01:04.0128 4132 ============================================================
18:01:04.0128 4132 Scan finished
18:01:04.0128 4132 ============================================================
18:01:04.0134 4976 Detected object count: 0
18:01:04.0134 4976 Actual detected object count: 0
18:01:25.0632 4216 Deinitialize success

Edited by wa5ngp, 09 October 2012 - 06:16 PM.


#6 wa5ngp

wa5ngp
  • Topic Starter

  • Members
  • 14 posts
  • Local time:05:24 PM

Posted 09 October 2012 - 10:29 PM

For the remainder of the runs, should I leave the Usoft Security Essentials on or should I disable it before running all those tools?

tks
don

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:24 PM

Posted 09 October 2012 - 10:34 PM

Disable it and run the tools.

#8 wa5ngp

wa5ngp
  • Topic Starter

  • Members
  • 14 posts
  • Local time:05:24 PM

Posted 10 October 2012 - 08:03 AM

Good afternoon, do you mind using your name? You may call me Don. I have many Indian friends here so I'm comfortable with Indian names.
Anyway, here are the reports from Texas today.

With AV tool turned off.
///////////////////////////////////////////////////////////
malwarebytes.
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.09.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
don :: TPW7 [administrator]

10/9/2012 6:22:11 PM
mbam-log-2012-10-09 (18-22-11).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 325150
Time elapsed: 47 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
//////////////////////////////////////////////////
minitoolbox
MiniToolBox by Farbar Version: 23-07-2012
Ran by don (administrator) on 10-10-2012 at 07:02:16
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5300 AGN = Wireless Network Connection (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : tpw7
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-21-6A-0C-54-3F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-23-4D-F1-C8-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5300 AGN
Physical Address. . . . . . . . . : 00-21-6A-0C-54-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e02a:4b5b:4f00:b7b7%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 09, 2012 4:27:15 PM
Lease Expires . . . . . . . . . . : Thursday, October 11, 2012 6:08:09 AM
Default Gateway . . . . . . . . . : 192.168.1.3
DHCP Server . . . . . . . . . . . : 192.168.1.3
DHCPv6 IAID . . . . . . . . . . . : 318775658
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-4E-E4-0C-00-1C-25-9D-42-1A
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : MARWin7.local
Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1C-25-9D-42-1A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3452402C-FEF5-4ACF-8837-900555E2B305}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EF829D3F-1C97-4448-AC3A-318C8D589F42}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3A830F8A-28BF-4E6D-BF9A-DE271EF92AF7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:10db:2971:3f57:fe99(Preferred)
Link-local IPv6 Address . . . . . : fe80::10db:2971:3f57:fe99%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: google.com
Addresses: 2001:4860:4002:801::1004
74.125.227.37
74.125.227.35
74.125.227.34
74.125.227.40
74.125.227.41
74.125.227.32
74.125.227.33
74.125.227.46
74.125.227.39
74.125.227.36
74.125.227.38


Pinging google.com [74.125.227.36] with 32 bytes of data:
Reply from 74.125.227.36: bytes=32 time=22ms TTL=53
Reply from 74.125.227.36: bytes=32 time=20ms TTL=53

Ping statistics for 74.125.227.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 22ms, Average = 21ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=117ms TTL=47
Reply from 98.139.183.24: bytes=32 time=215ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 117ms, Maximum = 215ms, Average = 166ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...00 21 6a 0c 54 3f ......Microsoft Virtual WiFi Miniport Adapter
15...00 23 4d f1 c8 3b ......Bluetooth Device (Personal Area Network)
13...00 21 6a 0c 54 3e ......Intel® WiFi Link 5300 AGN
12...00 1c 25 9d 42 1a ......Intel® 82567LM Gigabit Network Connection
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.3 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:6ab8:10db:2971:3f57:fe99/128
On-link
13 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::10db:2971:3f57:fe99/128
On-link
13 281 fe80::e02a:4b5b:4f00:b7b7/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/10/2012 06:08:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27106250

Error: (10/10/2012 06:08:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27106250

Error: (10/10/2012 06:08:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/10/2012 06:08:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27105112

Error: (10/10/2012 06:08:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27105112

Error: (10/10/2012 06:08:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/10/2012 06:08:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27104082

Error: (10/10/2012 06:08:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27104082

Error: (10/10/2012 06:08:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/10/2012 06:08:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27103083


System errors:
=============
Error: (10/10/2012 06:08:11 AM) (Source: amdkmdag) (User: )
Description: Display is not active

Error: (10/09/2012 04:27:14 PM) (Source: Service Control Manager) (User: )
Description: The Lowrance MMC Parallel Port Driver service depends on the Parallel arbitrator group and no member of this group started.

Error: (10/09/2012 04:27:07 PM) (Source: amdkmdag) (User: )
Description: Display is not active

Error: (10/09/2012 04:27:07 PM) (Source: amdkmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/09/2012 10:27:59 AM) (Source: Service Control Manager) (User: )
Description: The Lowrance MMC Parallel Port Driver service depends on the Parallel arbitrator group and no member of this group started.

Error: (10/09/2012 10:27:54 AM) (Source: amdkmdag) (User: )
Description: Display is not active

Error: (10/09/2012 10:27:54 AM) (Source: amdkmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/09/2012 10:08:20 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1320.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/09/2012 10:08:20 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (10/09/2012 09:58:25 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/10/2012 06:08:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27106250

Error: (10/10/2012 06:08:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27106250

Error: (10/10/2012 06:08:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/10/2012 06:08:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27105112

Error: (10/10/2012 06:08:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27105112

Error: (10/10/2012 06:08:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/10/2012 06:08:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27104082

Error: (10/10/2012 06:08:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27104082

Error: (10/10/2012 06:08:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/10/2012 06:08:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27103083


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.619.0)
Bonjour (Version: 3.0.0.10)
Conexant 20561 SmartAudio HD (Version: 4.92.10.0)
D3DX10 (Version: 15.4.2368.0902)
DirectX 9 Runtime (Version: 1.00.0000)
EasyGPS 4.45 (Version: 4.45)
ESET Online Scanner v3
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
GPSBabel 1.4.3
GPXtoUSR (Version: 1.00.0000)
IBM Lotus Symphony (Version: 3.0.10289)
Intel® Network Connections Drivers
Intel® Active Management Technology
InterVideo Register Manager (Version: 1.0.4.0)
InterVideo WinDVD (Version: 5.0-B11.1295)
iTunes (Version: 10.6.3.25)
Jasc Paint Shop Photo Album (Version: 4.0.3)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Auto Scroll Utility (Version: 1.00)
Lenovo Central Audio (Version: 3.8.0)
Lenovo System Interface Driver (Version: 1.05)
Lowrance GPS Data Manger V.6
Lowrance Sonar Viewer 2.1.2 (Version: 2.1.2)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MapCreate 6
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 Express - ENU (Version: 10.0.30319)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
On Screen Display (Version: 6.42.00)
OpenOffice.org 3.1 (Version: 3.1.9399)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Creator Business Edition (Version: 10.3)
Roxio Creator Business Edition (Version: 10.3.081)
Roxio Express Labeler 3 (Version: 3.2.1)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
TextPad 6 (Version: 6.1.3)
ThinkPad FullScreen Magnifier (Version: 2.30)
ThinkPad Power Management Driver (Version: 1.62.00.00)
ThinkPad Power Manager (Version: 3.62)
ThinkPad UltraNav Driver (Version: 15.0.18.0)
ThinkVantage Access Connections (Version: 5.84)
ThinkVantage Active Protection System (Version: 1.75)
ThinkVantage Fingerprint Software (Version: 5.9.5.7038)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 2520.03 MB
Available physical RAM: 1373.99 MB
Total Pagefile: 5038.34 MB
Available Pagefile: 3896.84 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.98 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:139.28 GB) (Free:105.66 GB) NTFS

========================= Users: ========================================

User accounts for \\TPW7

Administrator don Guest

========================= Restore Points ==================================

28-09-2012 12:29:58 Windows Update
30-09-2012 12:41:00 Windows Update
30-09-2012 21:23:34 Removed ASPCA Reminder by We-Care.com v4.1.18.1
03-10-2012 19:20:13 Windows Update
06-10-2012 19:34:54 Windows Update
08-10-2012 13:48:49 ComboFix created restore point

**** End of log ****
//////////////////////////////////////////////////////////////////////////////////////////
Farbar results
Farbar Service Scanner Version: 07-10-2012
Ran by don (administrator) on 10-10-2012 at 07:05:37
Running from "C:\down"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-12 07:33] - [2012-08-22 12:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
adware cleaner
# AdwCleaner v2.004 - Logfile created 10/10/2012 at 07:07:46
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : don - TPW7
# Boot Mode : Normal
# Running from : C:\down\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\don\AppData\Roaming\Mozilla\Firefox\Profiles\ndwzy015.default\extensions\wecarereminder@bryan

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\don\AppData\Roaming\Mozilla\Firefox\Profiles\ndwzy015.default\prefs.js

C:\Users\don\AppData\Roaming\Mozilla\Firefox\Profiles\ndwzy015.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2225 octets] - [07/10/2012 10:45:54]
AdwCleaner[R2].txt - [1984 octets] - [08/10/2012 08:41:00]
AdwCleaner[R3].txt - [2034 octets] - [10/10/2012 07:06:40]
AdwCleaner[S1].txt - [1930 octets] - [10/10/2012 07:07:46]

########## EOF - C:\AdwCleaner[S1].txt - [1990 octets] ##########
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
junkware results
Junkware Removal Tool (JRT) by Thisisu
Version: 1.3.8 (10.09.2012)
OS: Windows 7 Professional x86
Ran by don on Wed 10/10/2012 at 7:41:00.19
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/10/2012 at 7:44:23.70
End of Report
//////////////////////////////////////////////////////////////////////////////////////////////////////
That's it, I did not see any problems reported.

Update: I rebooted and after several searches I am not getting redirects. This has happened before when it went away for a day or so. I'm not willing to claim victory yet, but this is a good sign.
Don

Edited by wa5ngp, 10 October 2012 - 08:11 AM.


#9 narenxp

Posted 10 October 2012 - 08:12 AM

Good afternoon, do you mind using your name? You may call me Don. I have many Indian friends here so I'm comfortable with Indian names.


Nice to know. You can call me naren :)

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#10 wa5ngp

Posted 10 October 2012 - 12:31 PM

Nice to work with Naren, :busy:
rkill results
////////////////////////////////////////////////////////////////////////////////////////////////////////////
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2012 12:03:47 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/10/2012 12:03:58 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
autorun results
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AcWin7Hlpr" "Access Connections Toolbar Enabler Module" "Lenovo" "c:\program files\lenovo\access connections\actbenabler.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "picon" "PIconStartup application" "" "c:\program files\common files\intel\privacy icon\piconstartup.exe"
+ "PSQLLauncher" "Fingerprint Launcher" "Authentec Inc." "c:\program files\thinkvantage fingerprint software\launcher.exe"
+ "PWMTRV" "ThinkPad Power Manager Background Monitor and Tray Battery Gauge" "Lenovo Group Limited" "c:\program files\thinkpad\utilities\pwmtr32v.dll"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TpShocks" "ThinkVantage Active Protection System" "Lenovo." "c:\windows\system32\tpshocks.exe"
"C:\Users\don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.1.lnk" "" "" "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SymphonyPreLoad" "" "IBM" "c:\program files\ibm\lotus\symphony\framework\shared\eclipse\plugins\com.ibm.symphony.standard.launcher.win32.x86_3.0.0.20101015-2340\ibm lotus symphony.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "TextPad" "TextPad 32-bit shell extension DLL" "Helios Software Solutions" "c:\program files\textpad 6\system\shellext32.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "RXDCExtSvr" "Roxio Creator Shell Extension" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr" "Roxio Creator Shell Extension" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\PMTask" "ThinkPad Power Manager Idle Task" "Lenovo Group Limited" "c:\program files\thinkpad\utilities\pwmidtsv.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AcPrfMgrSvc" "ThinkVantage Access Connections Profile Manager Service" "Lenovo" "c:\program files\lenovo\access connections\acprfmgrsvc.exe"
+ "AcSvc" "ThinkVantage Access Connections Main Service" "Lenovo" "c:\program files\lenovo\access connections\acsvc.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DozeSvc" "Doze Mode Service Program" "Lenovo." "c:\program files\thinkpad\utilities\dozesvc.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IBMPMSVC" "ThinkPad Power Management Service" "Lenovo." "c:\windows\system32\ibmpmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IviRegMgr" "RegMgr Module" "InterVideo" "c:\program files\common files\intervideo\regmgr\iviregmgr.exe"
+ "LENOVO.MICMUTE" "Microphone Mute Controll Service for ThinkPad" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\micmute.exe"
+ "Lenovo.VIRTSCRLSVC" "Auto Scroll Start Service" "Lenovo Group Limited" "c:\program files\lenovo\virtscrl\lvvsst.exe"
+ "LMS" "Intel® Management and Security Application Local Management Service - Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files\intel\amt\lms.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "Power Manager DBC Service" "Power Manager Dynamic Brightness Control Service" "Lenovo" "c:\program files\thinkpad\utilities\pwmdbsvc.exe"
+ "PwmEWSvc" "Power Manager Cisco EnergyWise Enabler" "Lenovo Group Limited" "c:\program files\thinkpad\utilities\pwmewsvc.exe"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files\microsoft\bingbar\seaport.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "TPHDEXLGSVC" "ThinkVantage Active Protection System - HDD Logger Module" "Lenovo." "c:\windows\system32\tphdexlg.exe"
+ "TPHKLOAD" "ThinkPad Message Client Loader" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphkload.exe"
+ "TPHKSVC" "On screen display Fn+Fx handler" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphksvc.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files\common files\intel\privacy icon\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "ATSwpWDF" "AuthenTec Swipe Sensor WBF WDF USB Driver" "AuthenTec, Inc." "c:\windows\system32\drivers\atswpwdf.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\Users\don\AppData\Local\Temp\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt32.sys"
+ "DozeHDD" "Doze Mode Kernel Driver for HDD control" "Lenovo." "c:\windows\system32\drivers\dozehdd.sys"
+ "e1yexpress" "Intel® Gigabit Network Connection NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1y6032.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECI" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IBMPMDRV" "ThinkPad Power Management Driver" "Lenovo." "c:\windows\system32\drivers\ibmpmdrv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intelkmd" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdpmd32.sys"
+ "lenovo.smi" "SMI Driver for Lenovo system" "Lenovo Group Limited" "c:\windows\system32\drivers\smiif32.sys"
+ "LenovoRd" "Smart Card Reader Driver" "Lenovo" "c:\windows\system32\drivers\lenovord.sys"
+ "lowpp" "Lowrance Parallel Port Driver" "Lowrance Electronics, Inc." "c:\windows\system32\drivers\lowpp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NETw5s32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s32.sys"
+ "netw5v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v32.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\rimmptsk.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimsptsk.sys"
+ "rismxdp" "RICOH XD SM Driver" "REDC" "c:\windows\system32\drivers\rixdptsk.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Shockprf" "Shockproof Disk Driver" "Lenovo." "c:\windows\system32\drivers\apsx86.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "smihlp" "SMI helper driver" "Authentec Inc." "c:\program files\thinkvantage fingerprint software\smihlp.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl3.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TPDIGIMN" "APS Digitizer Activity Monitor" "Lenovo." "c:\windows\system32\drivers\apshm86.sys"
+ "TPPWRIF" "Power Manager" "Lenovo Group Limited" "c:\windows\system32\drivers\tppwr32v.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.74465" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Processor" "" "" "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "Intervideo CDSF Filter" "Bouncing Ball Filter (Sample)" "Microsoft Corporation" "c:\program files\intervideo\common\bin\ivicdsf.ax"
+ "InterVideo Navigator" "IVINAV LOGID.74465" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.74465" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 10\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 10\mediaanalyser.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files\common files\sonic shared\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3" "CinemasterVideo" "Sonic Solutions" "c:\program files\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files\common files\sonic shared\sonichdnav.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "Provider Object" "Windows Vista and Windows 7 Credential Provider" "Authentec Inc." "c:\program files\thinkvantage fingerprint software\provider.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "Provider Filter Object" "Windows Vista and Windows 7 Credential Provider" "Authentec Inc." "c:\program files\thinkvantage fingerprint software\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "psfus" "Logon stub" "Authentec Inc." "c:\program files\thinkvantage fingerprint software\psqlpwd.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll" "Logon stub" "Authentec Inc." "c:\program files\thinkvantage fingerprint software\psqlpwd.dll"
////////////////////////////////////////////////////////////////////////////
Pleasant dreams if it's time to go to sleep.

don

#11 narenxp

Posted 10 October 2012 - 01:43 PM

Any current issues?

#12 wa5ngp

Posted 11 October 2012 - 06:47 AM

Good afternoon.
Just got up. So far so good. :clapping: If I go back through the previous posting logs, should I see where it got fixed, or was it fixed with a bunch of things where I can't really tell what the exact problem was? :blink:
One thing I noticed, perhaps coincidence: after the fix I received a bunch of upgrades from usoft.

Don

#13 narenxp

Posted 11 October 2012 - 07:35 AM

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#14 wa5ngp

Posted 11 October 2012 - 01:21 PM

All done, did a lot of googling today, and no redirects.
don

#15 narenxp

Posted 11 October 2012 - 01:29 PM

Thank you for the update :thumbup2:



