Search taken over


9 replies to this topic

#1 hrolsons

hrolsons

  • Members
  • 236 posts

Posted 10 October 2012 - 04:07 PM

I have another thread in which you guys are helping me with a hijacked search on my desktop. I also need to clean my laptop and thought I'd start a new thread for it. Hopefully that's the correct procedure.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 10 October 2012 - 04:10 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 hrolsons

hrolsons
  • Topic Starter

  • Members
  • 236 posts

Posted 10 October 2012 - 06:53 PM

16:50:22.0279 2616 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
16:50:22.0637 2616 ============================================================
16:50:22.0637 2616 Current date / time: 2012/10/10 16:50:22.0637
16:50:22.0637 2616 SystemInfo:
16:50:22.0637 2616
16:50:22.0637 2616 OS Version: 6.1.7601 ServicePack: 1.0
16:50:22.0637 2616 Product type: Workstation
16:50:22.0637 2616 ComputerName: DEREK-I7-LAPTOP
16:50:22.0637 2616 UserName: Derek
16:50:22.0637 2616 Windows directory: C:\Windows
16:50:22.0637 2616 System windows directory: C:\Windows
16:50:22.0637 2616 Running under WOW64
16:50:22.0637 2616 Processor architecture: Intel x64
16:50:22.0637 2616 Number of processors: 8
16:50:22.0637 2616 Page size: 0x1000
16:50:22.0637 2616 Boot type: Safe boot with network
16:50:22.0637 2616 ============================================================
16:50:23.0168 2616 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:50:23.0168 2616 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:50:23.0183 2616 ============================================================
16:50:23.0183 2616 \Device\Harddisk0\DR0:
16:50:23.0183 2616 MBR partitions:
16:50:23.0183 2616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:50:23.0183 2616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3859A800
16:50:23.0183 2616 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x385FE800, BlocksNum 0x1D53800
16:50:23.0183 2616 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x32800
16:50:23.0183 2616 \Device\Harddisk1\DR1:
16:50:23.0183 2616 Invalid mbr signature
16:50:23.0183 2616 ============================================================
16:50:23.0183 2616 C: <-> \Device\Harddisk0\DR0\Partition2
16:50:23.0246 2616 E: <-> \Device\Harddisk0\DR0\Partition3
16:50:23.0246 2616 ============================================================
16:50:23.0246 2616 Initialize success
16:50:23.0246 2616 ============================================================
16:50:35.0195 2668 ============================================================
16:50:35.0195 2668 Scan started
16:50:35.0195 2668 Mode: Manual; TDLFS;
16:50:35.0195 2668 ============================================================
16:50:35.0944 2668 ================ Scan system memory ========================
16:50:35.0944 2668 System memory - ok
16:50:35.0944 2668 ================ Scan services =============================
16:50:46.0131 2668 MSPQM - ok
16:50:46.0162 2668 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:50:46.0162 2668 MsRPC - ok
16:50:46.0178 2668 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:50:46.0178 2668 mssmbios - ok
16:50:46.0193 2668 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:50:46.0193 2668 MSTEE - ok
16:50:46.0209 2668 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:50:46.0209 2668 MTConfig - ok
16:50:46.0240 2668 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:50:46.0240 2668 Mup - ok
16:50:46.0287 2668 [ 22299BBED2FD0DFFC0FA1D46496C6D19 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:50:46.0303 2668 MyWiFiDHCPDNS - ok
16:50:46.0334 2668 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:50:46.0349 2668 napagent - ok
16:50:46.0396 2668 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:50:46.0396 2668 NativeWifiP - ok
16:50:46.0459 2668 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:50:46.0474 2668 NDIS - ok
16:50:46.0490 2668 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:50:46.0490 2668 NdisCap - ok
16:50:46.0537 2668 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:50:46.0537 2668 NdisTapi - ok
16:50:46.0552 2668 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:50:46.0552 2668 Ndisuio - ok
16:50:46.0568 2668 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:50:46.0568 2668 NdisWan - ok
16:50:46.0583 2668 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:50:46.0583 2668 NDProxy - ok
16:50:46.0583 2668 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:50:46.0599 2668 NetBIOS - ok
16:50:46.0630 2668 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:50:46.0630 2668 NetBT - ok
16:50:46.0646 2668 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:50:46.0646 2668 Netlogon - ok
16:50:46.0677 2668 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:50:46.0677 2668 Netman - ok
16:50:46.0693 2668 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:50:46.0724 2668 netprofm - ok
16:50:46.0755 2668 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:50:46.0755 2668 NetTcpPortSharing - ok
16:50:47.0020 2668 [ 262225F08B891FD7F16B3B93A3177C1F ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
16:50:47.0254 2668 NETwNs64 - ok
16:50:47.0301 2668 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:50:47.0301 2668 nfrd960 - ok
16:50:47.0363 2668 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:50:47.0363 2668 NisDrv - ok
16:50:47.0395 2668 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
16:50:47.0395 2668 NisSrv - ok
16:50:47.0457 2668 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:50:47.0457 2668 NlaSvc - ok
16:50:47.0473 2668 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:50:47.0488 2668 Npfs - ok
16:50:47.0504 2668 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:50:47.0504 2668 nsi - ok
16:50:47.0519 2668 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:50:47.0519 2668 nsiproxy - ok
16:50:47.0582 2668 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:50:47.0629 2668 Ntfs - ok
16:50:47.0644 2668 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:50:47.0644 2668 Null - ok
16:50:47.0691 2668 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
16:50:47.0691 2668 nusb3hub - ok
16:50:47.0722 2668 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:50:47.0722 2668 nusb3xhc - ok
16:50:47.0769 2668 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
16:50:47.0785 2668 NVENETFD - ok
16:50:47.0831 2668 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:50:47.0831 2668 nvraid - ok
16:50:47.0863 2668 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:50:47.0878 2668 nvstor - ok
16:50:47.0878 2668 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:50:47.0878 2668 nv_agp - ok
16:50:47.0894 2668 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:50:47.0894 2668 ohci1394 - ok
16:50:47.0925 2668 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:50:47.0941 2668 ose - ok
16:50:48.0065 2668 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:50:48.0190 2668 osppsvc - ok
16:50:48.0247 2668 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:50:48.0253 2668 p2pimsvc - ok
16:50:48.0284 2668 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:50:48.0291 2668 p2psvc - ok
16:50:48.0324 2668 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:50:48.0326 2668 Parport - ok
16:50:48.0360 2668 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:50:48.0362 2668 partmgr - ok
16:50:48.0382 2668 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:50:48.0386 2668 PcaSvc - ok
16:50:48.0397 2668 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:50:48.0401 2668 pci - ok
16:50:48.0422 2668 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:50:48.0424 2668 pciide - ok
16:50:48.0441 2668 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:50:48.0445 2668 pcmcia - ok
16:50:48.0465 2668 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:50:48.0467 2668 pcw - ok
16:50:48.0486 2668 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:50:48.0495 2668 PEAUTH - ok
16:50:48.0572 2668 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:50:48.0574 2668 PerfHost - ok
16:50:48.0632 2668 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:50:48.0670 2668 pla - ok
16:50:48.0705 2668 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:50:48.0712 2668 PlugPlay - ok
16:50:48.0721 2668 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:50:48.0723 2668 PNRPAutoReg - ok
16:50:48.0743 2668 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:50:48.0745 2668 PNRPsvc - ok
16:50:48.0781 2668 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:50:48.0788 2668 PolicyAgent - ok
16:50:48.0820 2668 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:50:48.0825 2668 Power - ok
16:50:48.0851 2668 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:50:48.0853 2668 PptpMiniport - ok
16:50:48.0886 2668 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:50:48.0888 2668 Processor - ok
16:50:48.0936 2668 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:50:48.0940 2668 ProfSvc - ok
16:50:48.0949 2668 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:50:48.0950 2668 ProtectedStorage - ok
16:50:48.0978 2668 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:50:48.0982 2668 Psched - ok
16:50:49.0023 2668 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:50:49.0056 2668 ql2300 - ok
16:50:49.0075 2668 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:50:49.0078 2668 ql40xx - ok
16:50:49.0110 2668 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:50:49.0115 2668 QWAVE - ok
16:50:49.0133 2668 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:50:49.0135 2668 QWAVEdrv - ok
16:50:49.0156 2668 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:50:49.0158 2668 RasAcd - ok
16:50:49.0197 2668 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:50:49.0199 2668 RasAgileVpn - ok
16:50:49.0209 2668 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:50:49.0212 2668 RasAuto - ok
16:50:49.0227 2668 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:50:49.0229 2668 Rasl2tp - ok
16:50:49.0254 2668 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:50:49.0260 2668 RasMan - ok
16:50:49.0271 2668 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:50:49.0273 2668 RasPppoe - ok
16:50:49.0289 2668 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:50:49.0291 2668 RasSstp - ok
16:50:49.0312 2668 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:50:49.0317 2668 rdbss - ok
16:50:49.0333 2668 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:50:49.0335 2668 rdpbus - ok
16:50:49.0348 2668 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:50:49.0349 2668 RDPCDD - ok
16:50:49.0376 2668 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:50:49.0378 2668 RDPENCDD - ok
16:50:49.0384 2668 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:50:49.0386 2668 RDPREFMP - ok
16:50:49.0413 2668 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:50:49.0417 2668 RDPWD - ok
16:50:49.0455 2668 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:50:49.0459 2668 rdyboost - ok
16:50:49.0515 2668 [ B29F5BD169CDDEE1049015255E7E3FBD ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:50:49.0518 2668 RegSrvc - ok
16:50:49.0550 2668 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:50:49.0553 2668 RemoteAccess - ok
16:50:49.0572 2668 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:50:49.0577 2668 RemoteRegistry - ok
16:50:49.0647 2668 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
16:50:49.0655 2668 RoxioNow Service - ok
16:50:49.0698 2668 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:50:49.0701 2668 RpcEptMapper - ok
16:50:49.0717 2668 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:50:49.0720 2668 RpcLocator - ok
16:50:49.0739 2668 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:50:49.0743 2668 RpcSs - ok
16:50:49.0780 2668 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
16:50:49.0786 2668 RSPCIESTOR - ok
16:50:49.0815 2668 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:50:49.0818 2668 rspndr - ok
16:50:49.0848 2668 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:50:49.0851 2668 RTL8167 - ok
16:50:49.0873 2668 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:50:49.0874 2668 SamSs - ok
16:50:49.0894 2668 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:50:49.0897 2668 sbp2port - ok
16:50:49.0935 2668 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:50:49.0939 2668 SCardSvr - ok
16:50:49.0950 2668 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:50:49.0951 2668 scfilter - ok
16:50:49.0983 2668 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:50:50.0017 2668 Schedule - ok
16:50:50.0040 2668 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:50:50.0041 2668 SCPolicySvc - ok
16:50:50.0084 2668 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:50:50.0087 2668 sdbus - ok
16:50:50.0102 2668 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:50:50.0106 2668 SDRSVC - ok
16:50:50.0134 2668 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:50:50.0136 2668 secdrv - ok
16:50:50.0152 2668 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:50:50.0155 2668 seclogon - ok
16:50:50.0169 2668 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:50:50.0172 2668 SENS - ok
16:50:50.0193 2668 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:50:50.0193 2668 SensrSvc - ok
16:50:50.0208 2668 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:50:50.0224 2668 Serenum - ok
16:50:50.0239 2668 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:50:50.0239 2668 Serial - ok
16:50:50.0255 2668 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:50:50.0255 2668 sermouse - ok
16:50:50.0286 2668 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:50:50.0302 2668 SessionEnv - ok
16:50:50.0317 2668 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:50:50.0317 2668 sffdisk - ok
16:50:50.0333 2668 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:50:50.0333 2668 sffp_mmc - ok
16:50:50.0333 2668 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:50:50.0333 2668 sffp_sd - ok
16:50:50.0380 2668 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:50:50.0380 2668 sfloppy - ok
16:50:50.0427 2668 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:50:50.0458 2668 Sftfs - ok
16:50:50.0520 2668 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:50:50.0520 2668 sftlist - ok
16:50:50.0551 2668 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:50:50.0551 2668 Sftplay - ok
16:50:50.0567 2668 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:50:50.0567 2668 Sftredir - ok
16:50:50.0583 2668 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:50:50.0583 2668 Sftvol - ok
16:50:50.0598 2668 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:50:50.0598 2668 sftvsa - ok
16:50:50.0629 2668 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:50:50.0629 2668 SharedAccess - ok
16:50:50.0676 2668 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:50:50.0676 2668 ShellHWDetection - ok
16:50:50.0707 2668 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:50:50.0707 2668 SiSRaid2 - ok
16:50:50.0707 2668 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:50:50.0723 2668 SiSRaid4 - ok
16:50:50.0754 2668 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:50:50.0754 2668 Smb - ok
16:50:50.0801 2668 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:50:50.0801 2668 SNMPTRAP - ok
16:50:50.0817 2668 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:50:50.0817 2668 spldr - ok
16:50:50.0848 2668 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:50:50.0863 2668 Spooler - ok
16:50:50.0941 2668 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:50:51.0019 2668 sppsvc - ok
16:50:51.0019 2668 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:50:51.0035 2668 sppuinotify - ok
16:50:51.0066 2668 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:50:51.0082 2668 srv - ok
16:50:51.0097 2668 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:50:51.0113 2668 srv2 - ok
16:50:51.0160 2668 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:50:51.0160 2668 SrvHsfHDA - ok
16:50:51.0191 2668 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:50:51.0222 2668 SrvHsfV92 - ok
16:50:51.0253 2668 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:50:51.0269 2668 SrvHsfWinac - ok
16:50:51.0285 2668 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:50:51.0285 2668 srvnet - ok
16:50:51.0331 2668 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:50:51.0331 2668 SSDPSRV - ok
16:50:51.0347 2668 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:50:51.0347 2668 SstpSvc - ok
16:50:51.0425 2668 [ 20E27AA5BCC01C2149830C05FE22F675 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:50:51.0441 2668 STacSV - ok
16:50:51.0456 2668 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:50:51.0472 2668 stexstor - ok
16:50:51.0519 2668 [ BEB37CE4E7456F5EFA52D783D1E06D8C ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:50:51.0519 2668 STHDA - ok
16:50:51.0565 2668 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:50:51.0581 2668 stisvc - ok
16:50:51.0597 2668 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:50:51.0597 2668 swenum - ok
16:50:51.0628 2668 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:50:51.0628 2668 swprv - ok
16:50:51.0690 2668 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:50:51.0690 2668 SynTP - ok
16:50:51.0737 2668 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:50:51.0784 2668 SysMain - ok
16:50:51.0799 2668 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:50:51.0799 2668 TabletInputService - ok
16:50:51.0831 2668 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:50:51.0846 2668 TapiSrv - ok
16:50:51.0862 2668 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:50:51.0862 2668 TBS - ok
16:50:51.0940 2668 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:50:51.0971 2668 Tcpip - ok
16:50:52.0033 2668 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:50:52.0049 2668 TCPIP6 - ok
16:50:52.0065 2668 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:50:52.0065 2668 tcpipreg - ok
16:50:52.0080 2668 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:50:52.0080 2668 TDPIPE - ok
16:50:52.0111 2668 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:50:52.0111 2668 TDTCP - ok
16:50:52.0158 2668 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:50:52.0158 2668 tdx - ok
16:50:52.0174 2668 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:50:52.0174 2668 TermDD - ok
16:50:52.0205 2668 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:50:52.0240 2668 TermService - ok
16:50:52.0252 2668 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:50:52.0254 2668 Themes - ok
16:50:52.0271 2668 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:50:52.0272 2668 THREADORDER - ok
16:50:52.0303 2668 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:50:52.0307 2668 TrkWks - ok
16:50:52.0358 2668 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:50:52.0361 2668 TrustedInstaller - ok
16:50:52.0384 2668 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:50:52.0386 2668 tssecsrv - ok
16:50:52.0408 2668 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:50:52.0410 2668 TsUsbFlt - ok
16:50:52.0430 2668 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:50:52.0432 2668 TsUsbGD - ok
16:50:52.0469 2668 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:50:52.0472 2668 tunnel - ok
16:50:52.0494 2668 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:50:52.0496 2668 uagp35 - ok
16:50:52.0524 2668 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:50:52.0530 2668 udfs - ok
16:50:52.0560 2668 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:50:52.0564 2668 UI0Detect - ok
16:50:52.0586 2668 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:50:52.0588 2668 uliagpkx - ok
16:50:52.0609 2668 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:50:52.0611 2668 umbus - ok
16:50:52.0622 2668 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:50:52.0623 2668 UmPass - ok
16:50:52.0711 2668 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:50:52.0789 2668 UNS - ok
16:50:52.0822 2668 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:50:52.0828 2668 upnphost - ok
16:50:52.0858 2668 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:50:52.0861 2668 usbccgp - ok
16:50:52.0891 2668 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:50:52.0893 2668 usbcir - ok
16:50:52.0920 2668 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:50:52.0921 2668 usbehci - ok
16:50:52.0951 2668 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:50:52.0956 2668 usbhub - ok
16:50:52.0988 2668 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:50:52.0990 2668 usbohci - ok
16:50:53.0006 2668 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:50:53.0008 2668 usbprint - ok
16:50:53.0053 2668 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:50:53.0055 2668 USBSTOR - ok
16:50:53.0073 2668 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:50:53.0075 2668 usbuhci - ok
16:50:53.0105 2668 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:50:53.0108 2668 usbvideo - ok
16:50:53.0151 2668 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
16:50:53.0153 2668 usb_rndisx - ok
16:50:53.0184 2668 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:50:53.0187 2668 UxSms - ok
16:50:53.0196 2668 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:50:53.0197 2668 VaultSvc - ok
16:50:53.0207 2668 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:50:53.0207 2668 vdrvroot - ok
16:50:53.0223 2668 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:50:53.0238 2668 vds - ok
16:50:53.0270 2668 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:50:53.0270 2668 vga - ok
16:50:53.0301 2668 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:50:53.0301 2668 VgaSave - ok
16:50:53.0332 2668 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:50:53.0332 2668 vhdmp - ok
16:50:53.0348 2668 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:50:53.0348 2668 viaide - ok
16:50:53.0363 2668 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:50:53.0363 2668 volmgr - ok
16:50:53.0379 2668 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:50:53.0394 2668 volmgrx - ok
16:50:53.0410 2668 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:50:53.0410 2668 volsnap - ok
16:50:53.0441 2668 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:50:53.0441 2668 vsmraid - ok
16:50:53.0504 2668 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:50:53.0550 2668 VSS - ok
16:50:53.0582 2668 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:50:53.0582 2668 vwifibus - ok
16:50:53.0613 2668 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:50:53.0613 2668 vwififlt - ok
16:50:53.0628 2668 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:50:53.0628 2668 vwifimp - ok
16:50:53.0660 2668 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:50:53.0660 2668 W32Time - ok
16:50:53.0675 2668 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:50:53.0691 2668 WacomPen - ok
16:50:53.0722 2668 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:50:53.0722 2668 WANARP - ok
16:50:53.0722 2668 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:50:53.0722 2668 Wanarpv6 - ok
16:50:53.0800 2668 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:50:53.0831 2668 WatAdminSvc - ok
16:50:53.0878 2668 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:50:53.0909 2668 wbengine - ok
16:50:53.0940 2668 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:50:53.0940 2668 WbioSrvc - ok
16:50:53.0956 2668 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:50:53.0972 2668 wcncsvc - ok
16:50:53.0987 2668 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:50:53.0987 2668 WcsPlugInService - ok
16:50:54.0018 2668 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:50:54.0018 2668 Wd - ok
16:50:54.0034 2668 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:50:54.0050 2668 Wdf01000 - ok
16:50:54.0065 2668 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:50:54.0065 2668 WdiServiceHost - ok
16:50:54.0065 2668 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:50:54.0065 2668 WdiSystemHost - ok
16:50:55.0516 2668 ================ Scan global ===============================
16:50:55.0547 2668 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:50:55.0563 2668 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:50:55.0578 2668 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:50:55.0610 2668 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:50:55.0625 2668 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:50:55.0625 2668 [Global] - ok
16:50:55.0625 2668 ================ Scan MBR ==================================
16:50:55.0641 2668 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:50:56.0031 2668 \Device\Harddisk0\DR0 - ok
16:50:56.0031 2668 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:50:56.0093 2668 \Device\Harddisk1\DR1 - ok
16:50:56.0093 2668 ================ Scan VBR ==================================
16:50:56.0093 2668 [ 0E10267E882EE045B3E99D083B785D95 ] \Device\Harddisk0\DR0\Partition1
16:50:56.0093 2668 \Device\Harddisk0\DR0\Partition1 - ok
16:50:56.0109 2668 [ 4FED87C9C1FF3D56B12FD87E44232047 ] \Device\Harddisk0\DR0\Partition2
16:50:56.0109 2668 \Device\Harddisk0\DR0\Partition2 - ok
16:50:56.0156 2668 [ 02F8B995BD6B327D1D29409D775E009A ] \Device\Harddisk0\DR0\Partition3
16:50:56.0156 2668 \Device\Harddisk0\DR0\Partition3 - ok
16:50:56.0171 2668 [ 2FAAC27FBFDF4B34B1585605016332B2 ] \Device\Harddisk0\DR0\Partition4
16:50:56.0171 2668 \Device\Harddisk0\DR0\Partition4 - ok
16:50:56.0171 2668 ============================================================
16:50:56.0171 2668 Scan finished
16:50:56.0171 2668 ============================================================
16:50:56.0171 2660 Detected object count: 0
16:50:56.0171 2660 Actual detected object count: 0
16:51:24.0465 2612 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-10 16:54:35
-----------------------------
16:54:35.091 OS Version: Windows x64 6.1.7601 Service Pack 1
16:54:35.091 Number of processors: 8 586 0x2A07
16:54:35.092 ComputerName: DEREK-I7-LAPTOP UserName: Derek
16:54:36.212 Initialize success
16:55:21.813 AVAST engine defs: 12101001
16:55:36.039 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:55:36.039 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
16:55:36.039 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
16:55:36.039 Disk 1 Vendor: ST950032 0005 Size: 476940MB BusType: 3
16:55:36.055 Disk 0 MBR read successfully
16:55:36.055 Disk 0 MBR scan
16:55:36.055 Disk 0 Windows 7 default MBR code
16:55:36.070 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
16:55:36.070 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461621 MB offset 409600
16:55:36.117 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15015 MB offset 945809408
16:55:36.138 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 101 MB offset 976560128
16:55:36.178 Disk 0 scanning C:\Windows\system32\drivers
16:55:48.405 Service scanning
16:56:11.840 Modules scanning
16:56:11.852 Disk 0 trace - called modules:
16:56:11.936 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
16:56:11.940 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008343790]
16:56:11.945 3 CLASSPNP.SYS[fffff88001d6d43f] -> nt!IofCallDriver -> [0xfffffa8008245b10]
16:56:11.949 5 hpdskflt.sys[fffff88001d14189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8008120050]
16:56:12.906 AVAST engine scan C:\Windows
16:56:14.917 AVAST engine scan C:\Windows\system32
16:59:20.595 AVAST engine scan C:\Windows\system32\drivers
16:59:35.298 AVAST engine scan C:\Users\Derek
17:02:50.123 AVAST engine scan C:\ProgramData
17:04:09.262 Scan finished successfully
17:08:42.838 Disk 0 MBR has been saved successfully to "C:\Users\Derek\Desktop\MBR.dat"
17:08:42.854 The log file has been saved successfully to "C:\Users\Derek\Desktop\aswMBR.txt"

C:\Program Files (x86)\CouponDropDown\CouponDropDown.dll a variant of Win32/Toolbar.CrossRider.A application cleaned by deleting - quarantined
C:\Users\Derek\Downloads\download_ocarina_code_manager_downloader.exe Win32/Adware.MediaFinder application cleaned by deleting - quarantined
C:\Users\Derek\Downloads\iLividSetupV1 (1).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Derek\Downloads\iLividSetupV1 (2).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Derek\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Derek\Downloads\SoftonicDownloader_for_slender.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined

#4 narenxp


Posted 10 October 2012 - 06:56 PM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select run as administrator

After scan gets completed, post the generated log here.

#5 hrolsons


Posted 11 October 2012 - 11:47 AM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.10.10

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Derek :: DEREK-I7-LAPTOP [administrator]

10/10/2012 6:03:42 PM
mbam-log-2012-10-10 (18-03-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204779
Time elapsed: 1 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\InstalledBrowserExtensions\215 Apps|4352 (PUP.CrossFire.SA) -> Data: CouponDropDown -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Derek (administrator) on 10-10-2012 at 18:04:59
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1000 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Derek-i7-laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 74-E5-0B-38-73-CB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1000
Physical Address. . . . . . . . . : 74-E5-0B-38-73-CA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::60e8:b61a:cc5b:6b81%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, October 10, 2012 4:43:13 PM
Lease Expires . . . . . . . . . . : Thursday, October 11, 2012 4:43:13 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 309650699
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-73-10-54-10-1F-74-19-20-10
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 10-1F-74-18-F2-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C0D5F366-A06F-455C-B137-ADA5981250DF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400f:801::1000
74.125.225.161
74.125.225.167
74.125.225.162
74.125.225.169
74.125.225.165
74.125.225.168
74.125.225.174
74.125.225.160
74.125.225.166
74.125.225.163
74.125.225.164


Pinging google.com [74.125.225.164] with 32 bytes of data:
Reply from 74.125.225.164: bytes=32 time=16ms TTL=54
Reply from 74.125.225.164: bytes=32 time=16ms TTL=54

Ping statistics for 74.125.225.164:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 16ms, Average = 16ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=60ms TTL=49
Reply from 72.30.38.140: bytes=32 time=158ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 158ms, Average = 109ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...74 e5 0b 38 73 cb ......Microsoft Virtual WiFi Miniport Adapter
12...74 e5 0b 38 73 ca ......Intel® Centrino® Wireless-N 1000
11...10 1f 74 18 f2 d1 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.6 281
192.168.1.6 255.255.255.255 On-link 192.168.1.6 281
192.168.1.255 255.255.255.255 On-link 192.168.1.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::60e8:b61a:cc5b:6b81/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/10/2012 04:52:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (10/10/2012 04:49:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 1.9.0.3725, time stamp: 0x4b9de18e
Faulting module name: xmllite.dll, version: 1.3.1001.0, time stamp: 0x4df985db
Exception code: 0xc0000005
Fault offset: 0x00018ce4
Faulting process id: 0x634
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (10/10/2012 04:44:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2012 04:39:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x91c
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (10/10/2012 04:39:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2012 07:09:41 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\ProgramData\Electronic Arts\EADM\cache\{ }\TS3_1.39.3.0180xx_update.exe Arts\EADM\cache\{ }\TS3_1.39.3.0180xx_update.exe" ; Description = Installed The Sims 3; Error = 0x80070514).

Error: (10/08/2012 01:26:04 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/08/2012 01:16:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x8f4
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (10/08/2012 01:15:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 01:14:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/10/2012 06:03:51 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:03:51 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:03:51 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:02:47 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:02:47 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:02:47 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:01:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:01:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:01:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2012 06:00:47 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/10/2012 04:52:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Derek\Downloads\SoftonicDownloader_for_slender.exe

Error: (10/10/2012 04:49:55 PM) (Source: Application Error)(User: )
Description: firefox.exe1.9.0.37254b9de18exmllite.dll1.3.1001.04df985dbc000000500018ce463401cda73956caa5d8C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\system32\xmllite.dllced28088-132c-11e2-bef3-101f7418f2d1

Error: (10/10/2012 04:44:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2012 04:39:13 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d8091c01cda7380f68795eC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe502dae79-132b-11e2-a301-74e50b3873ca

Error: (10/10/2012 04:39:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2012 07:09:41 PM) (Source: System Restore)(User: )
Description: C:\ProgramData\Electronic Arts\EADM\cache\{ }\TS3_1.39.3.0180xx_update.exe Arts\EADM\cache\{ }\TS3_1.39.3.0180xx_update.exe" Installed The Sims 30x80070514

Error: (10/08/2012 01:26:04 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/08/2012 01:16:01 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d808f401cda5895476dbeeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe983106a1-117c-11e2-9f4b-74e50b3873ca

Error: (10/08/2012 01:15:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 01:14:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.5.709.2)
AMD Catalyst Install Manager (Version: 3.0.838.0)
AuthenTec TrueAPI (Version: 1.2.1.33)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Desktop (Version: 1.0.45.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6699)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0930.2209.37895)
Catalyst Control Center Graphics Previews Common (Version: 2011.0930.2209.37895)
Catalyst Control Center InstallProxy (Version: 2011.0930.2209.37895)
Catalyst Control Center Localization All (Version: 2011.0930.2209.37895)
Catalyst Control Center Profiles Mobile (Version: 2011.0930.2209.37895)
ccc-utility64 (Version: 2011.0930.2209.37895)
CCC Help Chinese Standard (Version: 2011.0930.2208.37895)
CCC Help Chinese Traditional (Version: 2011.0930.2208.37895)
CCC Help Czech (Version: 2011.0930.2208.37895)
CCC Help Danish (Version: 2011.0930.2208.37895)
CCC Help Dutch (Version: 2011.0930.2208.37895)
CCC Help English (Version: 2011.0930.2208.37895)
CCC Help Finnish (Version: 2011.0930.2208.37895)
CCC Help French (Version: 2011.0930.2208.37895)
CCC Help German (Version: 2011.0930.2208.37895)
CCC Help Greek (Version: 2011.0930.2208.37895)
CCC Help Hungarian (Version: 2011.0930.2208.37895)
CCC Help Italian (Version: 2011.0930.2208.37895)
CCC Help Japanese (Version: 2011.0930.2208.37895)
CCC Help Korean (Version: 2011.0930.2208.37895)
CCC Help Norwegian (Version: 2011.0930.2208.37895)
CCC Help Polish (Version: 2011.0930.2208.37895)
CCC Help Portuguese (Version: 2011.0930.2208.37895)
CCC Help Russian (Version: 2011.0930.2208.37895)
CCC Help Spanish (Version: 2011.0930.2208.37895)
CCC Help Swedish (Version: 2011.0930.2208.37895)
CCC Help Thai (Version: 2011.0930.2208.37895)
CCC Help Turkish (Version: 2011.0930.2208.37895)
CCleaner (Version: 3.21)
Chuzzle Deluxe (Version: 2.2.0.95)
CouponDropDown (Version: 1.23.151.151)
CyberLink YouCam (Version: 3.5.1.3908)
D3DX10 (Version: 15.4.2368.0902)
DefaultTab (Version: 1.2.8.0)
DefaultTab Chrome (Version: 1.1.8)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
EA Download Manager (Version: 5.0.0.255)
Energy Star Digital Logo (Version: 1.0.1)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.2.2 (Version: 4.2.2.3979)
Farm Frenzy (Version: 2.2.0.95)
FastStone Image Viewer 4.6 (Version: 4.6)
FATE - The Traitor Soul (Version: 2.2.0.95)
Google Chrome (Version: 22.0.1229.94)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.9.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.2.4)
HP MovieStore (Version: 1.0.047)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.4)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13231.3673)
HP SimplePass 2011 (Version: 5.1.0.495)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6345.0)
inSSIDer (Version: 2.1.5)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.1.0170)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.30.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.01.1500.1034)
Internet Turbo (Version: 1.6.0.132)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Unifying Software 2.00 (Version: 2.00.43)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Media Finder 1.0.9.34 (Version: 1.0.9.34)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox (3.0.19) (Version: 3.0.19 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PX Profile Update (Version: 1.00.1.)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Recovery Manager (Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
RoxioNow Player (Version: 1.9.5.103)
Scan To (Version: 2.0.1)
Slingo Supreme (Version: 2.2.0.95)
SmartViewer (Version: 1.00.0000)
Synaptics TouchPad Driver (Version: 15.3.29.0)
System Requirements Lab for Intel (Version: 4.5.5.0)
The Sims 2
The Sims™ 3 (Version: 1.39.3)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Validity WBF DDK (Version: 4.3.205.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
World of Warcraft (Version: 5.0.5.16057)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 8139.86 MB
Available physical RAM: 6606.5 MB
Total Pagefile: 16277.91 MB
Available Pagefile: 14863.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:450.8 GB) (Free:343.62 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:14.66 GB) (Free:1.84 GB) NTFS
3 Drive f: (Sims3) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\DEREK-I7-LAPTOP

Administrator Derek Guest

========================= Restore Points ==================================

10-09-2012 21:40:15 Windows Update
12-09-2012 09:00:11 Windows Update
17-09-2012 03:00:01 Windows Update
17-09-2012 15:23:49 Windows Update
24-09-2012 17:34:59 Windows Update
25-09-2012 14:11:07 Windows Update
27-09-2012 09:00:14 Windows Update
01-10-2012 23:01:10 Windows Update
07-10-2012 19:07:17 Windows Update
10-10-2012 00:15:08 Installed The Sims 3

**** End of log ****

Farbar Service Scanner Version: 07-10-2012
Ran by Derek (administrator) on 10-10-2012 at 18:10:18
Running from "C:\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KAPD2K6B"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

I couldn't run AdwCleaner; it was blocked by SmartScreen Filter.

Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.0 (10.10.2012)
OS: Windows 7 Home Premium x64
Ran by Derek on Wed 10/10/2012 at 18:12:22.34
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services:

Successfully stopped: [SERVICE] DefaultTabSearch
Successfully deleted: [SERVICE] DefaultTabSearch
Successfully stopped: [SERVICE] DefaultTabUpdate
Successfully deleted: [SERVICE] DefaultTabUpdate



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [KEY] hkey_classes_root\clsid\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\crossrider"
Successfully deleted: [KEY] "hkey_current_user\software\datamngr"



*** Files:

Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\addon.ico
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.cfg
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart.exe
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap.dll
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\DT.ico
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\DTUpdate.exe
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\searchhere.ico
Successfully deleted: [FILE] C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe
Successfully deleted: [FILE] C:\Users\Derek\appdata\local\ilivid player\script.qscript



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Derek\AppData\Roaming\defaulttab\defaulttab"
Successfully deleted: [FOLDER] "C:\Users\Derek\AppData\Roaming\media finder"
Successfully deleted: [FOLDER] "C:\Users\Derek\appdata\local\ilivid player"



*** Ask Toolbar Cleanup:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}



*** FireFox detected and repaired

Successfully deleted: [search_results.xml] from C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ofusp208.default\searchplugins
Successfully deleted: [search_results.xml] from "C:\Program Files (x86)\mozilla firefox\searchplugins"
Removed the following from [PREFS.JS] :

user_pref("browser.search.defaultenginename", "Search Results");
user_pref("browser.search.order.1", "Search Results");
user_pref("browser.search.selectedEngine", "Search Results");
user_pref("extensions.crossriderapp4352.adsOldValue", -1);


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/10/2012 at 18:19:54.23
End of Report

#6 narenxp

Posted 11 October 2012 - 12:28 PM

I couldn't run AdwCleaner; it was blocked by SmartScreen Filter.


Use a different browser.

Run Malwarebytes in normal mode and post the log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the Rkill log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE-SAVE.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#7 hrolsons

Posted 11 October 2012 - 12:47 PM

# AdwCleaner v2.004 - Logfile created 10/11/2012 at 11:31:49
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Derek - DEREK-I7-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G2HQAJDX\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\Media Finder
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Folder Deleted : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Folder Deleted : C:\Users\Derek\AppData\Local\Smartbar
Folder Deleted : C:\Users\Derek\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Derek\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediafinder.com
Folder Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ofusp208.default\extensions\staged

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004352.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004352.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004352.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004352.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Key Deleted : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=InternetTurbo&dpid=InternetTurbo&co=US&userid=5ce1e31b-6f2c-4bfa-95b0-82d5ba44c380&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=InternetTurbo&dpid=InternetTurbo&co=US&userid=5ce1e31b-6f2c-4bfa-95b0-82d5ba44c380&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=InternetTurbo&dpid=InternetTurbo&co=US&userid=5ce1e31b-6f2c-4bfa-95b0-82d5ba44c380&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=InternetTurbo&dpid=InternetTurbo&co=US&userid=5ce1e31b-6f2c-4bfa-95b0-82d5ba44c380&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v3.0.19 (en-US)

Profile name : default
File : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ofusp208.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://feed.snap.do/?publisher=InternetTurbo&dpid=InternetTurbo&co=US&userid=5ce1e31b-6f2c-4bfa-95b0-82d5ba44c380&searchtype=hp" ]
Deleted [l.2068] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://feed.snap.do/?publisher=InternetTurbo&dpid=InternetTurbo&co=US&userid=5ce1e31b-6f2c-4bfa-95b0-82d5ba44c380&searchtype=hp" ]

*************************

AdwCleaner[R1].txt - [8297 octets] - [11/10/2012 11:31:33]
AdwCleaner[S1].txt - [8238 octets] - [11/10/2012 11:31:49]

########## EOF - C:\AdwCleaner[S1].txt - [8298 octets] ##########

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/11/2012 11:42:47 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 2380) [SFI]
* C:\Users\Derek\AppData\Local\Temp\EADF018.exe (PID: 5576) [T-HEUR]
* C:\Users\Derek\AppData\Local\Temp\Origin\Setup.exe (PID: 5356) [T-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Derek\Desktop\rkill\rkill-10-11-2012-11-42-57.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/11/2012 11:43:21 AM
Execution time: 0 hours(s), 0 minute(s), and 33 seconds(s)

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPROSet" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "Easybits Recovery" "" "EasyBits Software AS" "c:\program files (x86)\easybits for kids\ezrecover.exe"
+ "HP Quick Launch" "HP Message Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
+ "HPOSD" "HP On Screen Display" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EA Core" "EA Download Manager" "Electronic Arts" "c:\program files (x86)\electronic arts\eadm\core.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\derek\appdata\local\google\update\googleupdate.exe"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "EasyBits Security Shield Hook - prevents launching insecure programs by kids" "EasyBits Security Shield component" "EasyBits Software Corp." "c:\windows\syswow64\ezupbhook.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\x64\iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1189585583-3233209302-2266508683-1000Core" "Google Installer" "Google Inc." "c:\users\derek\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1189585583-3233209302-2266508683-1000UA" "Google Installer" "Google Inc." "c:\users\derek\appdata\local\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpsfmessenger\hpsfmsgr.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" "HPTuneUp" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hptuneup.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check" "HP Support Assistant Updater" "Hewlett-Packard" "c:\programdata\hewlett-packard\hp support framework\resources\updater\hpsfupdater.exe"
+ "\HPCeeScheduleForDerek" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\HPCeeScheduleForDEREK-I7-LAPTOP$" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\MirageAgent" "YouCam Mirage" "CyberLink" "c:\program files (x86)\cyberlink\youcam\ycmmirage.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMPPALR3" "Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "ezSharedSvc" "Provides licensing, security and parental control services for EasyBits applications. If this service is stopped or disabled, these applications will not function properly." "EasyBits Software AS" "c:\windows\syswow64\ezsharedsvchost.exe"
+ "FPLService" "Provides convenient and secure fingerprint authentication and identity management." "HP" "c:\program files (x86)\hp simplepass 2011\truesuiteservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPAuto" "HP Usage Improvement Tracking" "Hewlett-Packard" "c:\program files\hewlett-packard\hp auto\hpauto.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "hpqwmiex" "HP Software Framework WMI Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "HPWMISVC" "HP Quick Launch WMI Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RoxioNow Service" "Windows Service App" "Roxio" "c:\program files (x86)\roxio\roxionow player\rnowsvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv64.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "ZeroConfigService" "Manages the zero configuration service for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\zeroconfigservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel® Centrino® Wireless Bluetooth® + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTMCOM" "Bluetooth Serial Port Driver" "Motorola, Inc." "c:\windows\system32\drivers\btmcom.sys"
+ "btmhid" "Bluetooth HID Driver" "Motorola, Inc." "c:\windows\system32\drivers\btmhid.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpudrv64" "" "" "c:\program files (x86)\systemrequirementslab\cpudrv64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "intelkmd" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdpmd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwsw00.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Media SDK AAC Encoder" "Intel® Media SDK AAC Encoder" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_aac_enc_ds.dll"
+ "Intel® Media SDK MPEG-2 Muxer" "Intel® Media SDK MPEG-2 Muxer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_mp2_mux_ds.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel® Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.10.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Derek :: DEREK-I7-LAPTOP [administrator]

10/11/2012 11:40:34 AM
mbam-log-2012-10-11 (11-40-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207109
Time elapsed: 6 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
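
Added example, not part of the original thread: one way to triage an Autoruns text export like the one posted above. It assumes the four quoted columns seen in this log (entry, description, publisher, image path); the function names and review rules are illustrative choices, and a flagged row only means it deserves a manual look.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "location name description publisher path")
FIELD = re.compile(r'"([^"]*)"')

# Sample rows copied from the log posted in this thread (a small subset).
SAMPLE = r'''
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1189585583-3233209302-2266508683-1000Core" "Google Installer" "Google Inc." "c:\users\derek\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "cpudrv64" "" "" "c:\program files (x86)\systemrequirementslab\cpudrv64.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
'''

USER_PATHS = ("\\users\\", "\\programdata\\")
DRIVER_DIR = "c:\\windows\\system32\\drivers\\"


def parse_autoruns(text):
    """Return Entry tuples, remembering which autostart location each row sits under."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # not a four-column row
        marker = line.split('"', 1)[0].strip()  # text before the first quote, e.g. "+"
        if not marker and not any(fields[1:]):
            location = fields[0]  # header row: location name plus three empty columns
            continue
        entries.append(Entry(location, *fields))
    return entries


def triage(entry):
    """Return the reasons (possibly none) why a row deserves a manual look."""
    path = entry.path.lower()
    if path.startswith("file not found"):
        return ["target file missing (orphaned entry)"]
    reasons = []
    if not entry.publisher.strip():
        reasons.append("publisher column empty")
    if path.endswith(".sys") and not path.startswith(DRIVER_DIR):
        reasons.append("driver outside system32\\drivers")
    if any(part in path for part in USER_PATHS):
        reasons.append("image under a user or ProgramData path")
    return reasons


def review_list(text):
    """Pair each flagged entry with its location and reasons, in log order."""
    flagged = []
    for entry in parse_autoruns(text):
        reasons = triage(entry)
        if reasons:
            flagged.append((entry.location, entry.name, reasons))
    return flagged


if __name__ == "__main__":
    for location, name, reasons in review_list(SAMPLE):
        print(f"{location} :: {name} -> {', '.join(reasons)}")
```
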

#8 narenxp


Posted 11 October 2012 - 12:49 PM

Any current issues?

#9 hrolsons


Posted 11 October 2012 - 01:06 PM

At a glance things look good. Does it look good from your perspective on the logs?

#10 narenxp


Posted 11 October 2012 - 01:13 PM

Looks good to me

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
