Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Adware (Babylon Toolbar)


  • Please log in to reply
9 replies to this topic

#1 titansfan83

titansfan83

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:19 PM

Posted 13 October 2012 - 02:11 AM

My computer is infected with the Babylon Toolbar, InstallCore.A (dunno what this is but it came up when I ran ESET scanner) and Crossrider.A adware. My toolbars that I use regularly no longer respond and lock up Firefox when I click on them. I ran AdwCleaner.exe and here is a copy of that log. It seems I may also have other infections.

# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Dowdy - DOWDY-PC
# Boot Mode : Normal
# Running from : C:\Users\Dowdy\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Dowdy\AppData\Roaming\Mozilla\Firefox\Profiles\el3043rm.default-1347085661979\searchplugins\Conduit.xml
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found : C:\Program Files (x86)\Giant Savings
Folder Found : C:\Program Files (x86)\vShare
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Users\Dowdy\AppData\Local\Giant Savings
Folder Found : C:\Users\Dowdy\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Dowdy\AppData\LocalLow\vShare
Folder Found : C:\Users\Dowdy\AppData\Roaming\Babylon
Folder Found : C:\Users\Dowdy\AppData\Roaming\BabylonToolbar
Folder Found : C:\Users\Dowdy\AppData\Roaming\Mozilla\Firefox\Profiles\el3043rm.default-1347085661979\CT2680363
Folder Found : C:\Users\Dowdy\AppData\Roaming\Mozilla\Firefox\Profiles\el3043rm.default-1347085661979\extensions\{a8864317-e18b-4292-99d9-e6e65ab905d3}
Folder Found : C:\Users\Dowdy\AppData\Roaming\Mozilla\Firefox\Profiles\el3043rm.default-1347085661979\Smartbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Giant Savings
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\vShare
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\vShare
Key Found : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-5705335-1245392978-100607737-1000\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKU\S-1-5-21-5705335-1245392978-100607737-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-5705335-1245392978-100607737-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110796&tt=201208_mnt_n_3412_7&babsrc=HP_ss&mntrId=5c0f65bd000000000000002719b2e60e
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110796&tt=201208_mnt_n_3412_7&babsrc=NT_ss&mntrId=5c0f65bd000000000000002719b2e60e

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default-1347085661979 [Profil par défaut]
File : C:\Users\Dowdy\AppData\Roaming\Mozilla\Firefox\Profiles\el3043rm.default-1347085661979\prefs.js

Found : user_pref("CT2680363.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2680363.FirstTime", "true");
Found : user_pref("CT2680363.FirstTimeFF3", "true");
Found : user_pref("CT2680363.UserID", "UN71578770623045354");
Found : user_pref("CT2680363.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2680363.embeddedsData", "[]");

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:19 AM

Posted 13 October 2012 - 07:31 AM

Launch adware cleaner and select DELETE

Post the new log

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 titansfan83

titansfan83
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:19 PM

Posted 19 October 2012 - 09:19 AM

# AdwCleaner v2.004 - Logfile created 10/18/2012 at 17:21:37
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Dowdy - DOWDY-PC
# Boot Mode : Normal
# Running from : C:\Users\Dowdy\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default-1347085661979 [Profil par défaut]
File : C:\Users\Dowdy\AppData\Roaming\Mozilla\Firefox\Profiles\el3043rm.default-1347085661979\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Dowdy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [17497 octets] - [13/10/2012 01:04:06]
AdwCleaner[R2].txt - [17558 octets] - [13/10/2012 01:05:28]
AdwCleaner[S1].txt - [17622 octets] - [13/10/2012 11:59:43]
AdwCleaner[S2].txt - [1061 octets] - [18/10/2012 17:21:37]

########## EOF - C:\AdwCleaner[S2].txt - [1121 octets] ##########


Break

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-13 12:10:57
-----------------------------
12:10:57.076 OS Version: Windows x64 6.1.7601 Service Pack 1
12:10:57.076 Number of processors: 8 586 0x1A05
12:10:57.076 ComputerName: DOWDY-PC UserName: Dowdy
12:10:59.479 Initialize success
12:11:08.230 AVAST engine defs: 12101202
12:11:12.614 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:11:12.614 Disk 0 Vendor: WDC_WD15EARS-00Z5B1 80.00A80 Size: 1430799MB BusType: 3
12:11:12.629 Disk 0 MBR read successfully
12:11:12.645 Disk 0 MBR scan
12:11:12.645 Disk 0 Windows 7 default MBR code
12:11:12.645 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:11:12.661 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1430697 MB offset 206848
12:11:12.676 Disk 0 scanning C:\Windows\system32\drivers
12:11:20.429 Service scanning
12:11:39.243 Modules scanning
12:11:39.243 Disk 0 trace - called modules:
12:11:39.259 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
12:11:39.274 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f3a790]
12:11:39.274 3 CLASSPNP.SYS[fffff8800141743f] -> nt!IofCallDriver -> [0xfffffa8005945520]
12:11:39.274 5 ACPI.sys[fffff88000ee77a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800594d060]
12:11:43.455 AVAST engine scan C:\Windows
12:11:47.573 AVAST engine scan C:\Windows\system32
12:13:46.087 AVAST engine scan C:\Windows\system32\drivers
12:13:56.664 AVAST engine scan C:\Users\Dowdy
12:22:10.560 AVAST engine scan C:\ProgramData
12:23:30.011 Scan finished successfully
12:37:40.167 Disk 0 MBR has been saved successfully to "C:\Users\Dowdy\Desktop\AntiVirus Logs\MBR.dat"
12:37:40.167 The log file has been saved successfully to "C:\Users\Dowdy\Desktop\AntiVirus Logs\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-18 17:30:15
-----------------------------
17:30:15.635 OS Version: Windows x64 6.1.7601 Service Pack 1
17:30:15.635 Number of processors: 8 586 0x1A05
17:30:15.635 ComputerName: DOWDY-PC UserName: Dowdy
17:30:16.992 Initialize success
17:31:11.631 AVAST engine defs: 12101802
17:39:24.967 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:39:24.967 Disk 0 Vendor: WDC_WD15EARS-00Z5B1 80.00A80 Size: 1430799MB BusType: 3
17:39:24.982 Disk 0 MBR read successfully
17:39:24.982 Disk 0 MBR scan
17:39:24.998 Disk 0 Windows 7 default MBR code
17:39:24.998 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:39:25.013 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1430697 MB offset 206848
17:39:25.013 Disk 0 scanning C:\Windows\system32\drivers
17:39:33.141 Service scanning
17:39:39.163 Service GMSIPCI D:\INSTALL\GMSIPCI.SYS **LOCKED** 21
17:39:51.877 Modules scanning
17:39:51.877 Disk 0 trace - called modules:
17:39:51.892 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:39:51.892 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f58790]
17:39:51.892 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8005d4a520]
17:39:51.908 5 ACPI.sys[fffff88000f2b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005d4c060]
17:39:54.154 AVAST engine scan C:\Windows
17:39:57.243 AVAST engine scan C:\Windows\system32
17:41:51.567 AVAST engine scan C:\Windows\system32\drivers
17:42:01.457 AVAST engine scan C:\Users\Dowdy
17:49:57.437 AVAST engine scan C:\ProgramData
17:51:17.485 Scan finished successfully
20:52:23.823 Disk 0 MBR has been saved successfully to "C:\Users\Dowdy\Desktop\AntiVirus Logs\MBR.dat"
20:52:23.823 The log file has been saved successfully to "C:\Users\Dowdy\Desktop\AntiVirus Logs\aswMBR.txt"

Break

17:27:29.0310 0888 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:27:29.0731 0888 ============================================================
17:27:29.0731 0888 Current date / time: 2012/10/18 17:27:29.0731
17:27:29.0731 0888 SystemInfo:
17:27:29.0731 0888
17:27:29.0731 0888 OS Version: 6.1.7601 ServicePack: 1.0
17:27:29.0731 0888 Product type: Workstation
17:27:29.0731 0888 ComputerName: DOWDY-PC
17:27:29.0731 0888 UserName: Dowdy
17:27:29.0731 0888 Windows directory: C:\Windows
17:27:29.0731 0888 System windows directory: C:\Windows
17:27:29.0731 0888 Running under WOW64
17:27:29.0731 0888 Processor architecture: Intel x64
17:27:29.0731 0888 Number of processors: 8
17:27:29.0731 0888 Page size: 0x1000
17:27:29.0731 0888 Boot type: Normal boot
17:27:29.0731 0888 ============================================================
17:27:31.0869 0888 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2F509, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:27:31.0869 0888 ============================================================
17:27:31.0869 0888 \Device\Harddisk0\DR0:
17:27:31.0869 0888 MBR partitions:
17:27:31.0869 0888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:27:31.0869 0888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAEA54800
17:27:31.0869 0888 ============================================================
17:27:31.0884 0888 C: <-> \Device\Harddisk0\DR0\Partition2
17:27:31.0884 0888 ============================================================
17:27:31.0884 0888 Initialize success
17:27:31.0884 0888 ============================================================
17:27:40.0901 4928 ============================================================
17:27:40.0901 4928 Scan started
17:27:40.0901 4928 Mode: Manual; TDLFS;
17:27:40.0901 4928 ============================================================
17:27:42.0586 4928 ================ Scan system memory ========================
17:27:42.0586 4928 System memory - ok
17:27:42.0586 4928 ================ Scan services =============================
17:27:42.0711 4928 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:27:42.0711 4928 1394ohci - ok
17:27:42.0757 4928 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:27:42.0757 4928 ACPI - ok
17:27:42.0789 4928 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:27:42.0789 4928 AcpiPmi - ok
17:27:42.0867 4928 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
17:27:42.0867 4928 adfs - ok
17:27:43.0132 4928 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:27:43.0132 4928 AdobeARMservice - ok
17:27:43.0584 4928 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:27:43.0584 4928 AdobeFlashPlayerUpdateSvc - ok
17:27:43.0615 4928 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:27:43.0631 4928 adp94xx - ok
17:27:43.0647 4928 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:27:43.0662 4928 adpahci - ok
17:27:43.0662 4928 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:27:43.0678 4928 adpu320 - ok
17:27:43.0693 4928 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:27:43.0693 4928 AeLookupSvc - ok
17:27:43.0740 4928 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:27:43.0740 4928 AFD - ok
17:27:43.0803 4928 [ 7E077309910CE334C3B2B7B8665A55C4 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
17:27:43.0818 4928 AffinegyService - ok
17:27:43.0849 4928 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:27:43.0849 4928 agp440 - ok
17:27:43.0849 4928 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:27:43.0849 4928 ALG - ok
17:27:43.0865 4928 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:27:43.0865 4928 aliide - ok
17:27:44.0052 4928 [ 7C8F942E65CB4A2BB1133CE1806976EE ] AllShare C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
17:27:44.0239 4928 AllShare - ok
17:27:44.0239 4928 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:27:44.0239 4928 amdide - ok
17:27:44.0255 4928 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:27:44.0255 4928 AmdK8 - ok
17:27:44.0271 4928 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:27:44.0286 4928 AmdPPM - ok
17:27:44.0302 4928 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:27:44.0317 4928 amdsata - ok
17:27:44.0333 4928 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:27:44.0333 4928 amdsbs - ok
17:27:44.0349 4928 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:27:44.0349 4928 amdxata - ok
17:27:44.0380 4928 [ 363571BC0C79E394E69300D1F2E3DDAE ] androidusb C:\Windows\system32\Drivers\androidusb.sys
17:27:44.0380 4928 androidusb - ok
17:27:44.0411 4928 [ 821E7E501226EE344FDB0F40EE46109D ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
17:27:44.0411 4928 AnyDVD - ok
17:27:44.0442 4928 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:27:44.0442 4928 AppID - ok
17:27:44.0442 4928 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:27:44.0458 4928 AppIDSvc - ok
17:27:44.0489 4928 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:27:44.0489 4928 Appinfo - ok
17:27:44.0567 4928 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:27:44.0567 4928 Apple Mobile Device - ok
17:27:44.0598 4928 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:27:44.0598 4928 AppMgmt - ok
17:27:44.0614 4928 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:27:44.0614 4928 arc - ok
17:27:44.0629 4928 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:27:44.0629 4928 arcsas - ok
17:27:44.0661 4928 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:27:44.0661 4928 AsyncMac - ok
17:27:44.0676 4928 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:27:44.0676 4928 atapi - ok
17:27:44.0723 4928 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:27:44.0723 4928 AudioEndpointBuilder - ok
17:27:44.0739 4928 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:27:44.0739 4928 AudioSrv - ok
17:27:44.0895 4928 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:27:44.0926 4928 AVGIDSAgent - ok
17:27:44.0957 4928 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:27:44.0957 4928 AVGIDSDriver - ok
17:27:44.0973 4928 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:27:44.0973 4928 AVGIDSFilter - ok
17:27:45.0019 4928 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:27:45.0019 4928 AVGIDSHA - ok
17:27:45.0035 4928 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:27:45.0035 4928 Avgldx64 - ok
17:27:45.0066 4928 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:27:45.0066 4928 Avgmfx64 - ok
17:27:45.0113 4928 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:27:45.0113 4928 Avgrkx64 - ok
17:27:45.0144 4928 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:27:45.0144 4928 Avgtdia - ok
17:27:45.0175 4928 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:27:45.0175 4928 avgwd - ok
17:27:45.0207 4928 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:27:45.0207 4928 AxInstSV - ok
17:27:45.0222 4928 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:27:45.0238 4928 b06bdrv - ok
17:27:45.0253 4928 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:27:45.0253 4928 b57nd60a - ok
17:27:45.0316 4928 [ F29D375926E36E3A56AF4805C7749302 ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
17:27:45.0316 4928 BCUService - ok
17:27:45.0331 4928 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:27:45.0331 4928 BDESVC - ok
17:27:45.0347 4928 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:27:45.0347 4928 Beep - ok
17:27:45.0394 4928 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:27:45.0394 4928 BFE - ok
17:27:45.0441 4928 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:27:45.0456 4928 BITS - ok
17:27:45.0456 4928 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:27:45.0456 4928 blbdrive - ok
17:27:45.0550 4928 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:27:45.0550 4928 Bonjour Service - ok
17:27:45.0597 4928 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:27:45.0597 4928 bowser - ok
17:27:45.0628 4928 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:27:45.0643 4928 BrFiltLo - ok
17:27:45.0659 4928 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:27:45.0659 4928 BrFiltUp - ok
17:27:45.0721 4928 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:27:45.0737 4928 BridgeMP - ok
17:27:45.0768 4928 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:27:45.0784 4928 Browser - ok
17:27:45.0815 4928 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:27:45.0815 4928 Brserid - ok
17:27:45.0831 4928 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:27:45.0831 4928 BrSerWdm - ok
17:27:45.0846 4928 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:27:45.0846 4928 BrUsbMdm - ok
17:27:45.0846 4928 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:27:45.0846 4928 BrUsbSer - ok
17:27:45.0877 4928 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:27:45.0877 4928 BTHMODEM - ok
17:27:45.0909 4928 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:27:45.0909 4928 bthserv - ok
17:27:45.0940 4928 catchme - ok
17:27:45.0940 4928 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:27:45.0940 4928 cdfs - ok
17:27:45.0987 4928 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:27:45.0987 4928 cdrom - ok
17:27:46.0018 4928 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:27:46.0018 4928 CertPropSvc - ok
17:27:46.0033 4928 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:27:46.0033 4928 circlass - ok
17:27:46.0049 4928 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:27:46.0065 4928 CLFS - ok
17:27:46.0127 4928 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:27:46.0127 4928 clr_optimization_v2.0.50727_32 - ok
17:27:46.0174 4928 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:27:46.0174 4928 clr_optimization_v2.0.50727_64 - ok
17:27:46.0236 4928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:27:46.0252 4928 clr_optimization_v4.0.30319_32 - ok
17:27:46.0299 4928 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:27:46.0299 4928 clr_optimization_v4.0.30319_64 - ok
17:27:46.0314 4928 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:27:46.0314 4928 CmBatt - ok
17:27:46.0330 4928 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:27:46.0330 4928 cmdide - ok
17:27:46.0361 4928 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:27:46.0361 4928 CNG - ok
17:27:46.0377 4928 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:27:46.0377 4928 Compbatt - ok
17:27:46.0408 4928 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:27:46.0408 4928 CompositeBus - ok
17:27:46.0408 4928 COMSysApp - ok
17:27:46.0423 4928 [ C9C25778EFE890BAA4087E32937016A0 ] cpuz132 C:\Windows\system32\drivers\cpuz132_x64.sys
17:27:46.0423 4928 cpuz132 - ok
17:27:46.0439 4928 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:27:46.0439 4928 crcdisk - ok
17:27:46.0470 4928 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:27:46.0470 4928 CryptSvc - ok
17:27:46.0486 4928 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:27:46.0501 4928 CSC - ok
17:27:46.0533 4928 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:27:46.0533 4928 CscService - ok
17:27:46.0564 4928 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:27:46.0579 4928 DcomLaunch - ok
17:27:46.0595 4928 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:27:46.0595 4928 defragsvc - ok
17:27:46.0657 4928 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:27:46.0657 4928 DfsC - ok
17:27:46.0657 4928 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:27:46.0657 4928 Dhcp - ok
17:27:46.0673 4928 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:27:46.0673 4928 discache - ok
17:27:46.0689 4928 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:27:46.0689 4928 Disk - ok
17:27:46.0720 4928 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:27:46.0720 4928 Dnscache - ok
17:27:46.0751 4928 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:27:46.0751 4928 dot3svc - ok
17:27:46.0798 4928 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:27:46.0798 4928 DPS - ok
17:27:46.0813 4928 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:27:46.0829 4928 drmkaud - ok
17:27:46.0860 4928 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:27:46.0860 4928 DXGKrnl - ok
17:27:46.0891 4928 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:27:46.0891 4928 EapHost - ok
17:27:46.0969 4928 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:27:47.0032 4928 ebdrv - ok
17:27:47.0063 4928 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:27:47.0063 4928 EFS - ok
17:27:47.0125 4928 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:27:47.0141 4928 ehRecvr - ok
17:27:47.0157 4928 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:27:47.0157 4928 ehSched - ok
17:27:47.0188 4928 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
17:27:47.0188 4928 ElbyCDIO - ok
17:27:47.0219 4928 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:27:47.0219 4928 elxstor - ok
17:27:47.0250 4928 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:27:47.0250 4928 ErrDev - ok
17:27:47.0281 4928 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:27:47.0281 4928 EventSystem - ok
17:27:47.0297 4928 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:27:47.0313 4928 exfat - ok
17:27:47.0328 4928 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:27:47.0328 4928 fastfat - ok
17:27:47.0359 4928 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:27:47.0375 4928 Fax - ok
17:27:47.0391 4928 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:27:47.0391 4928 fdc - ok
17:27:47.0391 4928 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:27:47.0406 4928 fdPHost - ok
17:27:47.0406 4928 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:27:47.0406 4928 FDResPub - ok
17:27:47.0422 4928 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:27:47.0422 4928 FileInfo - ok
17:27:47.0422 4928 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:27:47.0422 4928 Filetrace - ok
17:27:47.0469 4928 [ 5B314CC7640D091DE8F3BC822490DA28 ] FLASHSYS C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys
17:27:47.0484 4928 FLASHSYS - ok
17:27:47.0531 4928 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:27:47.0531 4928 FLEXnet Licensing Service - ok
17:27:47.0578 4928 [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:27:47.0593 4928 FLEXnet Licensing Service 64 - ok
17:27:47.0609 4928 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:27:47.0609 4928 flpydisk - ok
17:27:47.0625 4928 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:27:47.0625 4928 FltMgr - ok
17:27:47.0687 4928 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:27:47.0703 4928 FontCache - ok
17:27:47.0749 4928 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:47.0749 4928 FontCache3.0.0.0 - ok
17:27:47.0765 4928 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:27:47.0765 4928 FsDepends - ok
17:27:47.0796 4928 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:27:47.0796 4928 fssfltr - ok
17:27:47.0890 4928 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:27:47.0921 4928 fsssvc - ok
17:27:47.0968 4928 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:27:47.0968 4928 Fs_Rec - ok
17:27:47.0999 4928 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:27:47.0999 4928 fvevol - ok
17:27:48.0015 4928 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:27:48.0015 4928 gagp30kx - ok
17:27:48.0015 4928 gdrv - ok
17:27:48.0030 4928 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:27:48.0030 4928 GEARAspiWDM - ok
17:27:48.0030 4928 GMSIPCI - ok
17:27:48.0077 4928 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:27:48.0093 4928 gpsvc - ok
17:27:48.0139 4928 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:48.0139 4928 gupdate - ok
17:27:48.0171 4928 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:48.0171 4928 gupdatem - ok
17:27:48.0186 4928 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:27:48.0186 4928 hcw85cir - ok
17:27:48.0233 4928 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:27:48.0233 4928 HdAudAddService - ok
17:27:48.0264 4928 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:27:48.0264 4928 HDAudBus - ok
17:27:48.0264 4928 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:27:48.0264 4928 HidBatt - ok
17:27:48.0280 4928 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:27:48.0280 4928 HidBth - ok
17:27:48.0295 4928 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:27:48.0295 4928 HidIr - ok
17:27:48.0311 4928 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:27:48.0311 4928 hidserv - ok
17:27:48.0342 4928 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:27:48.0342 4928 HidUsb - ok
17:27:48.0373 4928 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:27:48.0389 4928 hkmsvc - ok
17:27:48.0420 4928 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:27:48.0420 4928 HomeGroupListener - ok
17:27:48.0436 4928 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:27:48.0436 4928 HomeGroupProvider - ok
17:27:48.0514 4928 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:27:48.0514 4928 hpqcxs08 - ok
17:27:48.0529 4928 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:27:48.0545 4928 hpqddsvc - ok
17:27:48.0561 4928 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:27:48.0561 4928 HpSAMD - ok
17:27:48.0623 4928 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:27:48.0639 4928 HPSLPSVC - ok
17:27:48.0685 4928 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:27:48.0685 4928 HTTP - ok
17:27:48.0732 4928 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:27:48.0732 4928 hwpolicy - ok
17:27:48.0748 4928 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:27:48.0748 4928 i8042prt - ok
17:27:48.0779 4928 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:27:48.0795 4928 iaStorV - ok
17:27:48.0841 4928 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:27:48.0857 4928 idsvc - ok
17:27:48.0857 4928 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:27:48.0873 4928 iirsp - ok
17:27:48.0888 4928 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:27:48.0904 4928 IKEEXT - ok
17:27:48.0966 4928 [ 59B0BBA422F04467E8C89B7CE6AE95E1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:27:48.0982 4928 IntcAzAudAddService - ok
17:27:49.0013 4928 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:27:49.0013 4928 intelide - ok
17:27:49.0029 4928 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:27:49.0029 4928 intelppm - ok
17:27:49.0060 4928 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:27:49.0060 4928 IPBusEnum - ok
17:27:49.0075 4928 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:27:49.0075 4928 IpFilterDriver - ok
17:27:49.0107 4928 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:27:49.0107 4928 iphlpsvc - ok
17:27:49.0122 4928 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:27:49.0122 4928 IPMIDRV - ok
17:27:49.0153 4928 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:27:49.0153 4928 IPNAT - ok
17:27:49.0231 4928 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:27:49.0231 4928 iPod Service - ok
17:27:49.0247 4928 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:27:49.0247 4928 IRENUM - ok
17:27:49.0263 4928 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:27:49.0263 4928 isapnp - ok
17:27:49.0294 4928 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:27:49.0294 4928 iScsiPrt - ok
17:27:49.0372 4928 [ B4CDA1B4263B53D249AC27A4892DA634 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
17:27:49.0372 4928 JMB36X - ok
17:27:49.0372 4928 [ 6EBE4832B1A7C063FDF87035AFC1E3DC ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
17:27:49.0372 4928 JRAID - ok
17:27:49.0387 4928 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:27:49.0387 4928 kbdclass - ok
17:27:49.0403 4928 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:27:49.0403 4928 kbdhid - ok
17:27:49.0419 4928 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:27:49.0419 4928 KeyIso - ok
17:27:49.0450 4928 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:27:49.0465 4928 KSecDD - ok
17:27:49.0481 4928 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:27:49.0497 4928 KSecPkg - ok
17:27:49.0497 4928 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:27:49.0497 4928 ksthunk - ok
17:27:49.0528 4928 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:27:49.0543 4928 KtmRm - ok
17:27:49.0559 4928 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:27:49.0575 4928 LanmanServer - ok
17:27:49.0606 4928 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:27:49.0606 4928 LanmanWorkstation - ok
17:27:49.0606 4928 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:27:49.0606 4928 lltdio - ok
17:27:49.0653 4928 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:27:49.0653 4928 lltdsvc - ok
17:27:49.0668 4928 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:27:49.0668 4928 lmhosts - ok
17:27:49.0684 4928 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:27:49.0684 4928 LSI_FC - ok
17:27:49.0699 4928 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:27:49.0699 4928 LSI_SAS - ok
17:27:49.0715 4928 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:27:49.0715 4928 LSI_SAS2 - ok
17:27:49.0746 4928 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:27:49.0746 4928 LSI_SCSI - ok
17:27:49.0762 4928 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:27:49.0762 4928 luafv - ok
17:27:49.0777 4928 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:27:49.0793 4928 Mcx2Svc - ok
17:27:49.0809 4928 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:27:49.0809 4928 megasas - ok
17:27:49.0824 4928 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:27:49.0824 4928 MegaSR - ok
17:27:49.0871 4928 [ F9CE67E9E0226079B59107B649851F96 ] MEMSWEEP2 C:\Windows\system32\17D4.tmp
17:27:49.0871 4928 MEMSWEEP2 - ok
17:27:49.0887 4928 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:27:49.0887 4928 MMCSS - ok
17:27:49.0902 4928 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:27:49.0902 4928 Modem - ok
17:27:49.0933 4928 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:27:49.0933 4928 monitor - ok
17:27:49.0933 4928 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:27:49.0933 4928 mouclass - ok
17:27:49.0933 4928 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:27:49.0933 4928 mouhid - ok
17:27:49.0996 4928 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:27:49.0996 4928 mountmgr - ok
17:27:50.0058 4928 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:27:50.0058 4928 MozillaMaintenance - ok
17:27:50.0089 4928 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:27:50.0089 4928 mpio - ok
17:27:50.0105 4928 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:27:50.0105 4928 mpsdrv - ok
17:27:50.0136 4928 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:27:50.0136 4928 MpsSvc - ok
17:27:50.0167 4928 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:27:50.0167 4928 MRxDAV - ok
17:27:50.0183 4928 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:27:50.0183 4928 mrxsmb - ok
17:27:50.0214 4928 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:27:50.0214 4928 mrxsmb10 - ok
17:27:50.0230 4928 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:27:50.0245 4928 mrxsmb20 - ok
17:27:50.0261 4928 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:27:50.0261 4928 msahci - ok
17:27:50.0292 4928 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:27:50.0292 4928 msdsm - ok
17:27:50.0308 4928 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:27:50.0308 4928 MSDTC - ok
17:27:50.0323 4928 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:27:50.0323 4928 Msfs - ok
17:27:50.0323 4928 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:27:50.0323 4928 mshidkmdf - ok
17:27:50.0339 4928 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:27:50.0339 4928 msisadrv - ok
17:27:50.0355 4928 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:27:50.0355 4928 MSiSCSI - ok
17:27:50.0355 4928 msiserver - ok
17:27:50.0370 4928 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:27:50.0370 4928 MSKSSRV - ok
17:27:50.0386 4928 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:27:50.0386 4928 MSPCLOCK - ok
17:27:50.0401 4928 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:27:50.0401 4928 MSPQM - ok
17:27:50.0433 4928 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:27:50.0433 4928 MsRPC - ok
17:27:50.0448 4928 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:27:50.0448 4928 mssmbios - ok
17:27:50.0464 4928 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:27:50.0464 4928 MSTEE - ok
17:27:50.0464 4928 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:27:50.0464 4928 MTConfig - ok
17:27:50.0479 4928 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:27:50.0479 4928 Mup - ok
17:27:50.0526 4928 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:27:50.0526 4928 napagent - ok
17:27:50.0542 4928 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:27:50.0557 4928 NativeWifiP - ok
17:27:50.0604 4928 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:27:50.0604 4928 NDIS - ok
17:27:50.0620 4928 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:27:50.0620 4928 NdisCap - ok
17:27:50.0635 4928 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:27:50.0635 4928 NdisTapi - ok
17:27:50.0651 4928 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:27:50.0651 4928 Ndisuio - ok
17:27:50.0698 4928 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:27:50.0698 4928 NdisWan - ok
17:27:50.0729 4928 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:27:50.0729 4928 NDProxy - ok
17:27:50.0776 4928 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:27:50.0776 4928 Net Driver HPZ12 - ok
17:27:50.0791 4928 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:27:50.0791 4928 NetBIOS - ok
17:27:50.0807 4928 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:27:50.0807 4928 NetBT - ok
17:27:50.0807 4928 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:27:50.0807 4928 Netlogon - ok
17:27:50.0854 4928 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:27:50.0854 4928 Netman - ok
17:27:50.0869 4928 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:27:50.0869 4928 netprofm - ok
17:27:50.0916 4928 [ 621559A521682A888D83DB34C6EC0BF8 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
17:27:50.0916 4928 netr7364 - ok
17:27:50.0947 4928 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:27:50.0947 4928 NetTcpPortSharing - ok
17:27:50.0963 4928 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:27:50.0963 4928 nfrd960 - ok
17:27:51.0010 4928 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:27:51.0010 4928 NlaSvc - ok
17:27:51.0025 4928 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:27:51.0025 4928 Npfs - ok
17:27:51.0041 4928 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:27:51.0041 4928 nsi - ok
17:27:51.0057 4928 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:27:51.0057 4928 nsiproxy - ok
17:27:51.0119 4928 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:27:51.0135 4928 Ntfs - ok
17:27:51.0135 4928 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:27:51.0150 4928 Null - ok
17:27:51.0400 4928 [ AAF5559039E99D0CC22E25255F3DC06E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:27:51.0447 4928 nvlddmkm - ok
17:27:51.0478 4928 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:27:51.0478 4928 nvraid - ok
17:27:51.0509 4928 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:27:51.0509 4928 nvstor - ok
17:27:51.0540 4928 [ C20F9E2DEEC656C67F7986DD3A50EC62 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:27:51.0540 4928 nvsvc - ok
17:27:51.0556 4928 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:27:51.0556 4928 nv_agp - ok
17:27:51.0587 4928 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:27:51.0603 4928 ohci1394 - ok
17:27:51.0618 4928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:27:51.0618 4928 p2pimsvc - ok
17:27:51.0634 4928 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:27:51.0649 4928 p2psvc - ok
17:27:51.0649 4928 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:27:51.0665 4928 Parport - ok
17:27:51.0681 4928 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:27:51.0681 4928 partmgr - ok
17:27:51.0696 4928 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:27:51.0696 4928 PcaSvc - ok
17:27:51.0712 4928 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:27:51.0712 4928 pci - ok
17:27:51.0712 4928 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:27:51.0712 4928 pciide - ok
17:27:51.0743 4928 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:27:51.0743 4928 pcmcia - ok
17:27:51.0837 4928 [ 984FCAF5834BDEA232822EF5CA20EC4E ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:27:51.0837 4928 PCToolsSSDMonitorSvc - ok
17:27:51.0852 4928 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:27:51.0852 4928 pcw - ok
17:27:51.0868 4928 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:27:51.0868 4928 PEAUTH - ok
17:27:51.0915 4928 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:27:51.0946 4928 PeerDistSvc - ok
17:27:51.0961 4928 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:27:51.0961 4928 PerfHost - ok
17:27:52.0024 4928 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:27:52.0039 4928 pla - ok
17:27:52.0086 4928 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:27:52.0086 4928 PlugPlay - ok
17:27:52.0133 4928 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:27:52.0133 4928 Pml Driver HPZ12 - ok
17:27:52.0149 4928 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:27:52.0149 4928 PNRPAutoReg - ok
17:27:52.0149 4928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:27:52.0164 4928 PNRPsvc - ok
17:27:52.0180 4928 [ 9ABFF71FF6F3B9492686D3403FA5DCDB ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
17:27:52.0195 4928 Point64 - ok
17:27:52.0211 4928 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:27:52.0227 4928 PolicyAgent - ok
17:27:52.0242 4928 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:27:52.0242 4928 Power - ok
17:27:52.0273 4928 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:27:52.0273 4928 PptpMiniport - ok
17:27:52.0289 4928 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:27:52.0289 4928 Processor - ok
17:27:52.0320 4928 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:27:52.0320 4928 ProfSvc - ok
17:27:52.0320 4928 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:27:52.0320 4928 ProtectedStorage - ok
17:27:52.0367 4928 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:27:52.0367 4928 Psched - ok
17:27:52.0414 4928 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:27:52.0445 4928 ql2300 - ok
17:27:52.0461 4928 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:27:52.0461 4928 ql40xx - ok
17:27:52.0492 4928 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:27:52.0492 4928 QWAVE - ok
17:27:52.0507 4928 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:27:52.0507 4928 QWAVEdrv - ok
17:27:52.0523 4928 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:27:52.0523 4928 RasAcd - ok
17:27:52.0539 4928 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:27:52.0539 4928 RasAgileVpn - ok
17:27:52.0554 4928 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:27:52.0554 4928 RasAuto - ok
17:27:52.0585 4928 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:27:52.0585 4928 Rasl2tp - ok
17:27:52.0632 4928 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:27:52.0632 4928 RasMan - ok
17:27:52.0648 4928 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:27:52.0648 4928 RasPppoe - ok
17:27:52.0663 4928 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:27:52.0663 4928 RasSstp - ok
17:27:52.0695 4928 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:27:52.0695 4928 rdbss - ok
17:27:52.0710 4928 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:27:52.0710 4928 rdpbus - ok
17:27:52.0726 4928 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:27:52.0726 4928 RDPCDD - ok
17:27:52.0757 4928 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:27:52.0757 4928 RDPDR - ok
17:27:52.0773 4928 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:27:52.0773 4928 RDPENCDD - ok
17:27:52.0788 4928 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:27:52.0788 4928 RDPREFMP - ok
17:27:52.0835 4928 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:27:52.0835 4928 RdpVideoMiniport - ok
17:27:52.0851 4928 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:27:52.0866 4928 RDPWD - ok
17:27:52.0897 4928 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:27:52.0897 4928 rdyboost - ok
17:27:52.0929 4928 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:27:52.0929 4928 RemoteAccess - ok
17:27:52.0944 4928 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:27:52.0944 4928 RemoteRegistry - ok
17:27:52.0960 4928 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:27:52.0960 4928 RpcEptMapper - ok
17:27:52.0991 4928 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:27:52.0991 4928 RpcLocator - ok
17:27:53.0022 4928 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:27:53.0022 4928 RpcSs - ok
17:27:53.0038 4928 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:27:53.0053 4928 rspndr - ok
17:27:53.0085 4928 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:27:53.0085 4928 RTL8167 - ok
17:27:53.0116 4928 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:27:53.0116 4928 s3cap - ok
17:27:53.0116 4928 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:27:53.0116 4928 SamSs - ok
17:27:53.0178 4928 [ C030C9A39E85B6F04A8DD25D1A50258A ] SASDIFSV C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
17:27:53.0178 4928 SASDIFSV - ok
17:27:53.0194 4928 [ E9C2D75C748C3F0A4C34D6CF2AE1D754 ] SASENUM C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
17:27:53.0194 4928 SASENUM - ok
17:27:53.0194 4928 [ 64C100DBF57C6CB6E7D5D24153F5E444 ] SASKUTIL C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys
17:27:53.0194 4928 SASKUTIL - ok
17:27:53.0241 4928 SAVRKBootTasks - ok
17:27:53.0272 4928 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:27:53.0272 4928 sbp2port - ok
17:27:53.0287 4928 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:27:53.0287 4928 SCardSvr - ok
17:27:53.0334 4928 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:27:53.0334 4928 scfilter - ok
17:27:53.0365 4928 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:27:53.0365 4928 Schedule - ok
17:27:53.0397 4928 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:27:53.0397 4928 SCPolicySvc - ok
17:27:53.0475 4928 [ 16080B87C1992415BE20A83FE8DA1B14 ] SDHookDriver C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys
17:27:53.0475 4928 SDHookDriver - ok
17:27:53.0490 4928 [ 5C31070D5A528D637322562E2A30E0E5 ] SDHookService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe
17:27:53.0506 4928 SDHookService - ok
17:27:53.0537 4928 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:27:53.0537 4928 SDRSVC - ok
17:27:53.0584 4928 [ D466F51E3AD125621C13ABDAF0C5B2ED ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:27:53.0599 4928 SDScannerService - ok
17:27:53.0631 4928 [ 2DC25B4940BBDD9AEEE516ADCAEBD3C9 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:27:53.0646 4928 SDUpdateService - ok
17:27:53.0646 4928 [ C73B8C61891E1674D3F810CABF75FFE8 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:27:53.0662 4928 SDWSCService - ok
17:27:53.0662 4928 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:27:53.0662 4928 secdrv - ok
17:27:53.0693 4928 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:27:53.0693 4928 seclogon - ok
17:27:53.0693 4928 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:27:53.0693 4928 SENS - ok
17:27:53.0709 4928 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:27:53.0709 4928 SensrSvc - ok
17:27:53.0724 4928 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:27:53.0724 4928 Serenum - ok
17:27:53.0740 4928 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:27:53.0740 4928 Serial - ok
17:27:53.0755 4928 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:27:53.0755 4928 sermouse - ok
17:27:53.0787 4928 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:27:53.0787 4928 SessionEnv - ok
17:27:53.0833 4928 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:27:53.0833 4928 sffdisk - ok
17:27:53.0833 4928 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:27:53.0833 4928 sffp_mmc - ok
17:27:53.0849 4928 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:27:53.0849 4928 sffp_sd - ok
17:27:53.0865 4928 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:27:53.0865 4928 sfloppy - ok
17:27:53.0896 4928 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:27:53.0896 4928 SharedAccess - ok
17:27:53.0927 4928 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:27:53.0927 4928 ShellHWDetection - ok
17:27:53.0943 4928 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:27:53.0943 4928 SiSRaid2 - ok
17:27:53.0943 4928 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:27:53.0943 4928 SiSRaid4 - ok
17:27:54.0005 4928 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:27:54.0005 4928 SkypeUpdate - ok
17:27:54.0052 4928 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:27:54.0052 4928 Smb - ok
17:27:54.0067 4928 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:27:54.0067 4928 SNMPTRAP - ok
17:27:54.0067 4928 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:27:54.0083 4928 spldr - ok
17:27:54.0114 4928 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:27:54.0114 4928 Spooler - ok
17:27:54.0192 4928 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:27:54.0286 4928 sppsvc - ok
17:27:54.0333 4928 [ 0133DE7BB39F869975D8AF4BC9F0B0DB ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:27:54.0348 4928 sppuinotify - ok
17:27:54.0364 4928 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:27:54.0379 4928 srv - ok
17:27:54.0379 4928 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:27:54.0395 4928 srv2 - ok
17:27:54.0395 4928 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:27:54.0411 4928 srvnet - ok
17:27:54.0426 4928 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:27:54.0426 4928 SSDPSRV - ok
17:27:54.0442 4928 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:27:54.0442 4928 SstpSvc - ok
17:27:54.0473 4928 Steam Client Service - ok
17:27:54.0551 4928 [ B126A9953508B9F52B289E45591615C8 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:27:54.0551 4928 Stereo Service - ok
17:27:54.0567 4928 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:27:54.0567 4928 stexstor - ok
17:27:54.0598 4928 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:27:54.0598 4928 StillCam - ok
17:27:54.0645 4928 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:27:54.0660 4928 stisvc - ok
17:27:54.0676 4928 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:27:54.0676 4928 storflt - ok
17:27:54.0676 4928 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:27:54.0676 4928 storvsc - ok
17:27:54.0691 4928 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:27:54.0691 4928 swenum - ok
17:27:54.0723 4928 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:27:54.0723 4928 swprv - ok
17:27:54.0723 4928 Synth3dVsc - ok
17:27:54.0785 4928 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:27:54.0801 4928 SysMain - ok
17:27:54.0832 4928 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:27:54.0832 4928 TabletInputService - ok
17:27:54.0863 4928 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:27:54.0863 4928 TapiSrv - ok
17:27:54.0894 4928 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:27:54.0894 4928 TBS - ok
17:27:54.0957 4928 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:27:54.0972 4928 Tcpip - ok
17:27:55.0019 4928 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:27:55.0019 4928 TCPIP6 - ok
17:27:55.0050 4928 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:27:55.0050 4928 tcpipreg - ok
17:27:55.0066 4928 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:27:55.0066 4928 TDPIPE - ok
17:27:55.0097 4928 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:27:55.0097 4928 TDTCP - ok
17:27:55.0144 4928 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:27:55.0144 4928 tdx - ok
17:27:55.0159 4928 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:27:55.0159 4928 TermDD - ok
17:27:55.0191 4928 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:27:55.0206 4928 TermService - ok
17:27:55.0206 4928 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:27:55.0206 4928 Themes - ok
17:27:55.0222 4928 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:27:55.0222 4928 THREADORDER - ok
17:27:55.0315 4928 [ 4DE3FAEE834E9EF5151A71866F6DB55D ] TivoBeacon2 C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe
17:27:55.0331 4928 TivoBeacon2 - ok
17:27:55.0347 4928 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:27:55.0347 4928 TrkWks - ok
17:27:55.0393 4928 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:27:55.0393 4928 TrustedInstaller - ok
17:27:55.0425 4928 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:27:55.0425 4928 tssecsrv - ok
17:27:55.0440 4928 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:27:55.0456 4928 TsUsbFlt - ok
17:27:55.0456 4928 tsusbhub - ok
17:27:55.0503 4928 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:27:55.0503 4928 tunnel - ok
17:27:55.0518 4928 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:27:55.0518 4928 uagp35 - ok
17:27:55.0549 4928 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:27:55.0549 4928 udfs - ok
17:27:55.0581 4928 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:27:55.0581 4928 UI0Detect - ok
17:27:55.0596 4928 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:27:55.0596 4928 uliagpkx - ok
17:27:55.0627 4928 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:27:55.0627 4928 umbus - ok
17:27:55.0659 4928 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:27:55.0659 4928 UmPass - ok
17:27:55.0674 4928 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:27:55.0690 4928 UmRdpService - ok
17:27:55.0690 4928 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:27:55.0705 4928 upnphost - ok
17:27:55.0737 4928 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:27:55.0737 4928 USBAAPL64 - ok
17:27:55.0783 4928 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:27:55.0783 4928 usbaudio - ok
17:27:55.0815 4928 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:27:55.0830 4928 usbccgp - ok
17:27:55.0861 4928 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:27:55.0877 4928 usbcir - ok
17:27:55.0893 4928 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:27:55.0893 4928 usbehci - ok
17:27:55.0908 4928 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:27:55.0924 4928 usbhub - ok
17:27:55.0924 4928 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:27:55.0924 4928 usbohci - ok
17:27:55.0939 4928 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:27:55.0939 4928 usbprint - ok
17:27:55.0971 4928 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:27:55.0986 4928 USBSTOR - ok
17:27:56.0002 4928 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:27:56.0002 4928 usbuhci - ok
17:27:56.0017 4928 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:27:56.0033 4928 usbvideo - ok
17:27:56.0033 4928 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:27:56.0033 4928 UxSms - ok
17:27:56.0033 4928 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:27:56.0049 4928 VaultSvc - ok
17:27:56.0049 4928 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:27:56.0064 4928 vdrvroot - ok
17:27:56.0095 4928 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:27:56.0111 4928 vds - ok
17:27:56.0111 4928 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:27:56.0111 4928 vga - ok
17:27:56.0127 4928 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:27:56.0127 4928 VgaSave - ok
17:27:56.0142 4928 VGPU - ok
17:27:56.0158 4928 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:27:56.0158 4928 vhdmp - ok
17:27:56.0189 4928 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:27:56.0189 4928 viaide - ok
17:27:56.0205 4928 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:27:56.0220 4928 vmbus - ok
17:27:56.0220 4928 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:27:56.0220 4928 VMBusHID - ok
17:27:56.0236 4928 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:27:56.0236 4928 volmgr - ok
17:27:56.0267 4928 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:27:56.0267 4928 volmgrx - ok
17:27:56.0283 4928 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:27:56.0283 4928 volsnap - ok
17:27:56.0298 4928 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:27:56.0314 4928 vsmraid - ok
17:27:56.0361 4928 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:27:56.0392 4928 VSS - ok
17:27:56.0423 4928 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:27:56.0423 4928 vwifibus - ok
17:27:56.0439 4928 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:27:56.0439 4928 vwififlt - ok
17:27:56.0454 4928 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:27:56.0470 4928 W32Time - ok
17:27:56.0470 4928 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:27:56.0485 4928 WacomPen - ok
17:27:56.0501 4928 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:27:56.0501 4928 WANARP - ok
17:27:56.0501 4928 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:27:56.0501 4928 Wanarpv6 - ok
17:27:56.0563 4928 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:27:56.0579 4928 WatAdminSvc - ok
17:27:56.0610 4928 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:27:56.0641 4928 wbengine - ok
17:27:56.0657 4928 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:27:56.0657 4928 WbioSrvc - ok
17:27:56.0704 4928 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:27:56.0704 4928 wcncsvc - ok
17:27:56.0719 4928 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:27:56.0719 4928 WcsPlugInService - ok
17:27:56.0735 4928 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:27:56.0751 4928 Wd - ok
17:27:56.0797 4928 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
17:27:56.0797 4928 WDC_SAM - ok
17:27:56.0813 4928 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:27:56.0829 4928 Wdf01000 - ok
17:27:56.0829 4928 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:27:56.0829 4928 WdiServiceHost - ok
17:27:56.0844 4928 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:27:56.0844 4928 WdiSystemHost - ok
17:27:56.0860 4928 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:27:56.0875 4928 WebClient - ok
17:27:56.0891 4928 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:27:56.0891 4928 Wecsvc - ok
17:27:56.0907 4928 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:27:56.0907 4928 wercplsupport - ok
17:27:56.0938 4928 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:27:56.0938 4928 WerSvc - ok
17:27:56.0953 4928 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:27:56.0953 4928 WfpLwf - ok
17:27:56.0969 4928 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:27:56.0969 4928 WIMMount - ok
17:27:57.0016 4928 WinDefend - ok
17:27:57.0016 4928 WinHttpAutoProxySvc - ok
17:27:57.0063 4928 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:27:57.0078 4928 Winmgmt - ok
17:27:57.0109 4928 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:27:57.0156 4928 WinRM - ok
17:27:57.0234 4928 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:27:57.0234 4928 WinUsb - ok
17:27:57.0265 4928 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:27:57.0265 4928 Wlansvc - ok
17:27:57.0359 4928 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:27:57.0359 4928 wlcrasvc - ok
17:27:57.0468 4928 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:27:57.0484 4928 wlidsvc - ok
17:27:57.0515 4928 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:27:57.0515 4928 WmiAcpi - ok
17:27:57.0531 4928 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:27:57.0531 4928 wmiApSrv - ok
17:27:57.0546 4928 WMPNetworkSvc - ok
17:27:57.0562 4928 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:27:57.0562 4928 WPCSvc - ok
17:27:57.0562 4928 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:27:57.0577 4928 WPDBusEnum - ok
17:27:57.0577 4928 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:27:57.0577 4928 ws2ifsl - ok
17:27:57.0609 4928 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:27:57.0609 4928 wscsvc - ok
17:27:57.0609 4928 WSearch - ok
17:27:57.0671 4928 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:27:57.0733 4928 wuauserv - ok
17:27:57.0749 4928 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:27:57.0749 4928 WudfPf - ok
17:27:57.0780 4928 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:27:57.0780 4928 WUDFRd - ok
17:27:57.0796 4928 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:27:57.0811 4928 wudfsvc - ok
17:27:57.0827 4928 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:27:57.0827 4928 WwanSvc - ok
17:27:57.0858 4928 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
17:27:57.0874 4928 xusb21 - ok
17:27:57.0921 4928 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
17:27:57.0936 4928 YahooAUService - ok
17:27:57.0952 4928 ================ Scan global ===============================
17:27:57.0967 4928 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:27:57.0999 4928 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:27:58.0014 4928 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:27:58.0045 4928 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:27:58.0061 4928 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:27:58.0061 4928 [Global] - ok
17:27:58.0061 4928 ================ Scan MBR ==================================
17:27:58.0077 4928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:27:58.0279 4928 \Device\Harddisk0\DR0 - ok
17:27:58.0279 4928 ================ Scan VBR ==================================
17:27:58.0279 4928 [ C165CF16FCD5CE4393F28318A284F395 ] \Device\Harddisk0\DR0\Partition1
17:27:58.0279 4928 \Device\Harddisk0\DR0\Partition1 - ok
17:27:58.0279 4928 [ A3A662A600B00C9E3F2B9F735ACCAA49 ] \Device\Harddisk0\DR0\Partition2
17:27:58.0279 4928 \Device\Harddisk0\DR0\Partition2 - ok
17:27:58.0279 4928 ============================================================
17:27:58.0279 4928 Scan finished
17:27:58.0279 4928 ============================================================
17:27:58.0295 1344 Detected object count: 0
17:27:58.0295 1344 Actual detected object count: 0
17:28:04.0285 1776 Deinitialize success


Break

Nothing found by ENET scanner.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:19 AM

Posted 19 October 2012 - 09:22 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 titansfan83

titansfan83
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:19 PM

Posted 19 October 2012 - 06:20 PM

Thank you for your help, here are the requested logs.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.19.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Dowdy :: DOWDY-PC [administrator]

10/19/2012 4:06:43 PM
mbam-log-2012-10-19 (16-55-36).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 410583
Time elapsed: 40 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

//BREAK//

MiniToolBox by Farbar Version: 23-07-2012
Ran by Dowdy (administrator) on 19-10-2012 at 16:57:46
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

RT73 USB Wireless LAN Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dowdy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : RT73 USB Wireless LAN Card
Physical Address. . . . . . . . . : 00-27-19-B2-E6-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2043:22cc:e4c6:a60e%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 18, 2012 5:23:15 PM
Lease Expires . . . . . . . . . . : Monday, November 25, 2148 11:26:05 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 318777113
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-2C-2D-41-6C-F0-49-55-8A-6E
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 6C-F0-49-55-8A-6E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:84e:3de2:b490:94ec(Preferred)
Link-local IPv6 Address . . . . . : fe80::84e:3de2:b490:94ec%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: router.Belkin
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1007
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99
74.125.227.100


Pinging google.com [74.125.227.100] with 32 bytes of data:
Reply from 74.125.227.100: bytes=32 time=30ms TTL=52
Reply from 74.125.227.100: bytes=32 time=31ms TTL=52

Ping statistics for 74.125.227.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 31ms, Average = 30ms
Server: router.Belkin
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=138ms TTL=49
Reply from 98.139.183.24: bytes=32 time=118ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 118ms, Maximum = 138ms, Average = 128ms
Server: router.Belkin
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 27 19 b2 e6 0e ......RT73 USB Wireless LAN Card
10...6c f0 49 55 8a 6e ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 281
192.168.2.2 255.255.255.255 On-link 192.168.2.2 281
192.168.2.255 255.255.255.255 On-link 192.168.2.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:953c:84e:3de2:b490:94ec/128
On-link
12 281 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::84e:3de2:b490:94ec/128
On-link
12 281 fe80::2043:22cc:e4c6:a60e/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/19/2012 00:31:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/19/2012 00:30:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (10/18/2012 08:52:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/18/2012 08:52:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/18/2012 08:52:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/18/2012 05:27:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/18/2012 05:23:23 PM) (Source: TivoTransfer) (User: )
Description: TiVoTransfer already run!

Error: (10/17/2012 08:54:08 AM) (Source: Google Update) (User: Dowdy-PC)Dowdy-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/16/2012 01:24:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 01:22:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.


System errors:
=============
Error: (10/18/2012 05:23:21 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL
SAVRKBootTasks

Error: (10/18/2012 05:22:55 PM) (Source: Application Popup) (User: )
Description: \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/18/2012 05:22:54 PM) (Source: Application Popup) (User: )
Description: \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/18/2012 05:21:49 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service has reported an invalid current state 0.

Error: (10/18/2012 04:16:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL
SAVRKBootTasks

Error: (10/18/2012 04:16:19 PM) (Source: Application Popup) (User: )
Description: \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/18/2012 04:16:19 PM) (Source: Application Popup) (User: )
Description: \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/18/2012 04:15:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service has reported an invalid current state 0.

Error: (10/18/2012 03:57:46 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/18/2012 03:57:15 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (10/19/2012 00:31:11 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/19/2012 00:30:10 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (10/18/2012 08:52:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dowdy\Desktop\AV\esetsmartinstaller_enu.exe

Error: (10/18/2012 08:52:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dowdy\Desktop\AV\esetsmartinstaller_enu.exe

Error: (10/18/2012 08:52:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dowdy\Desktop\AV\esetsmartinstaller_enu.exe

Error: (10/18/2012 05:27:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dowdy\Desktop\AV\esetsmartinstaller_enu.exe

Error: (10/18/2012 05:23:23 PM) (Source: TivoTransfer)(User: )
Description: TiVoTransfer already run!

Error: (10/17/2012 08:54:08 AM) (Source: Google Update)(User: Dowdy-PC)Dowdy-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/16/2012 01:24:34 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/16/2012 01:22:59 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Digital Editions
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Fonts All x64 (Version: 2.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AIM 7
Anti Tracks 7.1.5
AnyDVD (Version: 6.7.9.0)
AOL Messaging Toolbar
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
AVI to DVD Converter (Version: 3.0.26.0406)
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Belkin Setup and Router Monitor
BitTornado 0.3.17 (Version: 0.3.17)
Black & White® 2 (Version: 1.00.0000)
Bonjour (Version: 3.0.0.10)
Browser Configuration Utility (Version: 1.1.11.0)
BS.Player FREE (Version: 2.53.1034)
BufferChm (Version: 140.0.212.000)
CloneDVD2
Connect (Version: 1.0.0.1)
ConverterLite 1.5.1 (Version: 1.5.1)
Counter-Strike: Source
Counter-Strike: Source (Version: 1.0.0.0)
Coupon Printer for Windows (Version: 5.0.0.0)
CPUID CPU-Z 1.53.1
D110 (Version: 140.0.142.000)
D3DX10 (Version: 15.4.2368.0902)
Day of Defeat: Source
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DivX Setup (Version: 2.5.0.11)
Dracula 3
Dropbox (Version: 1.1.35)
EaseUS Data Recovery Wizard Free Edition 5.5.1
EasyGPS 4.45 (Version: 4.45)
ESET Online Scanner v3
Facebook Plug-In
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
FLAC To MP3 V4.0.4
Free FLAC to MP3 Converter 1.0
Free MKV Video2Dvd 2.81
Free Window Registry Repair
Gigabyte Raid Cinfigurer (Version: 1.00.0001)
GLM FLV Player (a FREE GNU Licenced Flash Media File (.FLV) Pla
Google Chrome (Version: 22.0.1229.94)
Google Earth Plug-in (Version: 5.2.0.5932)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 4.5.0.457
GPBaseService2 (Version: 140.0.211.000)
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPAppStudio (Version: 140.0.95.000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
IBM Lotus Forms Viewer 3.5.1 (Version: 7.6.1.333)
ImagXpress (Version: 7.0.74.0)
Inkscape 0.48.2 (Version: 0.48.2)
inSSIDer (Version: 2.1.5)
Internet Explorer (Enable DEP)
Internet TV for Windows Media Center (Version: 3.2.1.0)
iTunes (Version: 10.5.2.11)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 8.6.0 (Full) (Version: 8.6.0)
kuler (Version: 2.0)
Liveupdate4
magicJack (Version: 2.0.5703.3988)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 7.1 (Version: 7.10.344.0)
Microsoft IntelliType Pro 8.0 (Version: 8.0.225.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.5.0)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSI Afterburner 1.2.0 (Version: 1.2.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyVideoConverter 1.34 (Version: 1.34)
neroxml (Version: 1.0.0)
Network64 (Version: 140.0.212.000)
Network64 (Version: 140.0.221.000)
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA PhysX (Version: 9.10.0129)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.11.9745)
OpenOffice.org 3.3 (Version: 3.3.9567)
PDF Creator
PDF Settings CS4 (Version: 9.0)
PDG GOLD NCO - 2011 (Version: 181)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
Power MP4 iPod PSP 3GP AVI MPG WMV Video Converter 5.0
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
Ralink Wireless LAN Card (Version: 1.00.01)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek High Definition Audio Driver (Version: 6.0.1.5964)
Recuva (Version: 1.42)
Registry Mechanic 9.0 (Version: 9.0)
RuneScape Launcher 1.2 (Version: 1.2.0)
Safari (Version: 5.33.19.4)
SAMSUNG PC Share Manager (Version: 4.0)
Scan (Version: 140.0.77.000)
Shop for HP Supplies (Version: 14.0)
SIW version 2011.10.29 (Version: 2011.10.29)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.211.000)
SopCast 3.2.9 (Version: 3.2.9)
Sophos Anti-Rootkit 1.5.20 (Version: 1.5.20)
Spybot - Search & Destroy 2 (Version: 2.0.6)
Status (Version: 140.0.212.000)
Steam™ (Version: 1.0.0.0)
StreamTorrent 1.0
Suite Shared Configuration CS4 (Version: 1.0)
SUPERAntiSpyware Professional (Version: 4.15.0.1000)
TiVo Desktop 2.8.3 (Version: 2.8.412.370)
Toolbox (Version: 140.0.424.000)
TrayApp (Version: 140.0.212.000)
UBCD4Win 3.60
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.1 (Version: 2.0.1)
WBFS Manager 3.0 (Version: 3.0)
WebReg (Version: 140.0.212.017)
Win7codecs (Version: 2.5.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 3.1.1.0)
WinRAR archiver
WModem Driver Installer (Version: 2.0.6.7)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 6142.49 MB
Available physical RAM: 3280.64 MB
Total Pagefile: 12283.18 MB
Available Pagefile: 9082.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3949.17 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:1397.17 GB) (Free:1023.33 GB) NTFS

========================= Users: ========================================

User accounts for \\DOWDY-PC

Administrator Dowdy Guest
Mcx1-DOWDY-PC

========================= Restore Points ==================================

26-09-2012 17:12:32 Installed Java 7 Update 7
04-10-2012 06:00:03 Scheduled Checkpoint
10-10-2012 09:00:18 Windows Update
13-10-2012 06:41:29 Installed QuickTime

**** End of log ****

//BREAK//

Farbar Service Scanner Version: 19-10-2012
Ran by Dowdy (administrator) on 19-10-2012 at 17:01:21
Running from "C:\Users\Dowdy\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

//BREAK//

Junkware Removal Tool (JRT) by Thisisu
Version: 1.7.9 (10.19.2012)
OS: Windows 7 Ultimate x64
Ran by Dowdy on Fri 10/19/2012 at 17:02:34.31
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\microsoft\babylon"
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasapi32"
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasmancs"



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\coupons\Coupons.ico
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\CouponsCom.url
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\uninstall.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\coupons"



*** FireFox detected and repaired

Successfully deleted: [EXTENSION VALUE] hkey_current_user\software\mozilla\firefox\extensions\\smartwebprinting@hp.com
Successfully deleted: [EXTENSION VALUE] hkey_local_machine\software\mozilla\firefox\extensions\\smartwebprinting@hp.com
Successfully deleted: [npCouponPrinter.dll] from [FF plugins]
Successfully deleted: [npMozCouponPrinter.dll] from [FF plugins]


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 10/19/2012 at 17:10:09.81
End of Report

//BREAK//

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/19/2012 05:11:21 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\XSrvSetup.exe (PID: 1520) [WD-HEUR]

1 proccess terminated!

Possibly Patched Files.

* C:\Windows\system32\winlogon.exe

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll [NoSig]
+-> C:\Windows\ERDNT\cache86\user32.dll : 833,024 : 11/20/2010 00:08 AM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]
+-> C:\Windows\SysWOW64\user32.dll : 833,024 : 11/20/2010 00:08 AM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll : 1,008,640 : 07/13/2009 07:41 PM : 72d7b3ea16946e8f0cf7458150031cc6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/20/2010 07:27 AM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll : 833,024 : 07/13/2009 07:11 PM : e8b0ffc209e504cb7e79fc24e6c085f0 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/20/2010 07:08 AM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]

* C:\Windows\System32\winlogon.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe : 389,120 : 07/13/2009 07:39 PM : 132328df455b0028f13bf0abee51a63a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe : 389,632 : 10/28/2009 07:24 AM : da3e2a6fa9660cc75b471530ce88453a [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe : 389,632 : 10/28/2009 07:01 AM : a93d41a4d4b0d91c072d11dd8af266de [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe : 390,656 : 11/20/2010 07:25 AM : 1151b1baa6f350b1db6598e0fea7c457 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/19/2012 05:12:03 PM
Execution time: 0 hours(s), 0 minute(s), and 41 seconds(s)

//BREAK//

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "BCU" "Browser Configuration Utility" "DeviceVM, Inc." "c:\program files (x86)\devicevm\browser configuration utility\bcu.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "InstaLAN" "" "Affinegy, Inc." "c:\program files (x86)\belkin\router setup and monitor\belkinroutermonitor.exe"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
"C:\Users\Dowdy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.3.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Aim" "AOL Instant Messenger" "AOL Inc." "c:\program files (x86)\aim\aim.exe"
+ "ISUSPM Startup" "InstallShield Update Service Update Manager" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\isuspm.exe"
+ "TivoNotify" "TiVo Notify Service Process" "TiVo Inc." "c:\program files (x86)\tivo\desktop\tivonotify.exe"
+ "TivoServer" "TiVo Server Service Process" "TiVo Inc." "c:\program files (x86)\tivo\desktop\tivoserver.exe"
+ "TivoTransfer" "TiVo Transfer Service" "TiVo Inc." "c:\program files (x86)\tivo\desktop\tivotransfer.exe"
+ "TranscodingService" "TiVo Transcoding Service" "TiVo Inc." "c:\program files (x86)\tivo\desktop\plus\transcodingservice.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasctxmn.dll"
+ "ShellPlusContextMenu" "" "" "c:\program files (x86)\anti tracks\excontextmenu.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasctxmn.dll"
+ "ShellPlusContextMenu" "" "" "c:\program files (x86)\anti tracks\excontextmenu.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "ShellPlusContextMenu" "" "" "c:\program files (x86)\anti tracks\excontextmenu.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\dowdy\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn1\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "PE_IE_Helper Class" "IBM® Lotus Forms™ Viewer IE helper" "IBM Corporation" "c:\program files (x86)\ibm\lotus forms\viewer\3.5\pehelper.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn1\ytsingleinstance.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn1\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Sun Java Console" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2iexp.dll"
"Task Scheduler" "" "" ""
+ "\FacebookUpdateTaskUserS-1-5-21-5705335-1245392978-100607737-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\dowdy\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-5705335-1245392978-100607737-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\dowdy\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-5705335-1245392978-100607737-1000Core" "Google Installer" "Google Inc." "c:\users\dowdy\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-5705335-1245392978-100607737-1000UA" "Google Installer" "Google Inc." "c:\users\dowdy\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{800AB9CD-51F9-4370-A723-ABCDC2991BC4}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AffinegyService" "Affinegy Mobility Management support" "Affinegy, Inc." "c:\program files (x86)\belkin\router setup and monitor\belkinservice.exe"
+ "AllShare" "" "" "c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "BCUService" "This service performs auto-recovery for Browser Configuration Utility." "DeviceVM, Inc." "c:\program files (x86)\devicevm\browser configuration utility\bcuservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "FLEXnet Licensing Service 64" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JMB36X" "" "" "c:\windows\syswow64\xsrvsetup.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "PCToolsSSDMonitorSvc" "PC Tools Startup and Shutdown Monitor service" "PC Tools" "c:\program files (x86)\common files\pc tools\smonitor\startmansvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "androidusb" "ADB Interface" "Google Inc" "c:\windows\system32\drivers\androidusb.sys"
+ "AnyDVD" "AnyDVD Filter Driver" "SlySoft, Inc." "c:\windows\system32\drivers\anydvd.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswMBR" "" "" "File not found: C:\Users\Dowdy\AppData\Local\Temp\aswMBR.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz132" "CPUID Driver" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\cpuz132_x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ElbyCDIO" "ElbyCD Windows x64 I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FLASHSYS" "" "" "c:\program files (x86)\msi\live update 4\lu4\flashsys64.sys"
+ "gdrv" "" "" "File not found: C:\Windows\gdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "GMSIPCI" "" "" "File not found: D:\INSTALL\GMSIPCI.SYS"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "JRAID" "JMicron JMB36X RAID Driver" "JMicron Technology Corp." "c:\windows\system32\drivers\jraid.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEMSWEEP2" "Memsweep kernel driver" "Sophos Plc" "c:\windows\system32\17d4.tmp"
+ "netr7364" "Ralink 802.11 USB Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr7364.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 197.45 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasdifsv.sys"
+ "SASENUM" "SASENUM.SYS" " SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasenum.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\saskutil.sys"
+ "SAVRKBootTasks" "" "" "File not found: C:\Windows\system32\SAVRKBootTasks.sys"
+ "SDHookDriver" "" "" "c:\program files (x86)\spybot - search & destroy 2\sdhookdrv64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\syswow64\ac3filter.acm"
+ "msacm.avis" "ffdshow Audio Decoder" "" "c:\windows\syswow64\ff_acm.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "LAME Audio Encoder(My)" "LAME Audio Encoder" "" "c:\windows\syswow64\drivers\mycodec\mylame.ax"
+ "Moonlight H.264 Video Decoder" "Moonlight H264 Video Decoder" "Moonlight Cordless Ltd." "c:\program files (x86)\sopcast\codec\h264dec.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "3GPPShow" "viscom3gpenc.dll" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscom3gpenc.dll"
+ "AC3File" "" "" "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "AVS Video Out" "AVSVideoOutFilter DirectShow Filter" "Online Media Technologies Ltd" "c:\program files (x86)\common files\avsmedia\activex\avsvideooutfilter3.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ColourSpaceConverter Filter" "viscom video Filter" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\ssvideo.dll"
+ "CoreVorbis Audio Decoder" "CoreVorbis" "-" "c:\program files (x86)\win7codecs\filters\corevorbis.ax"
+ "CustomFrameGrabber Filter" "Viscom Frame" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomframe.dll"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "Essien R&D MPEG Writer Filter" "DirectShow MPEG Writing and Multiplexing DirectShow Filter" "Essien Research & Development" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\mpgfiltr.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "FlashEncoder Filter" "" "" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomswfenc.ax"
+ "FLVShow" "flv encoder" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomflvenc.dll"
+ "FmpegReader Filter" "" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomavi.dll"
+ "FmpegWriter Filter" "" "" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\coredata.dll"
+ "FmpegWriter Filter" "" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\videoencode.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "iPodShow" "viscomdata1.dll" "Viscom Software Viscom Software" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomdata1.dll"
+ "LAME Audio Encoder(My)" "LAME Audio Encoder" "" "c:\windows\syswow64\drivers\mycodec\mylame.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madVR" "madshi's D3D9 based video renderer" "madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madvr\madvr.ax"
+ "MainConcept MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\windows\syswow64\drivers\mycodec\mcdsmpeg.ax"
+ "MainConcept MPEG Splitter" "Mpeg I/II Splitter" "MainConcept AG" "c:\windows\syswow64\drivers\mycodec\mcspmpeg.ax"
+ "MainConcept MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\windows\syswow64\drivers\mycodec\mcdsmpeg.ax"
+ "MONOGRAM AAC Decoder" "AAC Decoder" "MONOGRAM Multimedia s.r.o." "c:\program files (x86)\win7codecs\filters\mmaacd.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdmx.ax"
+ "Moonlight H.264 Video Decoder" "Moonlight H264 Video Decoder" "Moonlight Cordless Ltd." "c:\program files (x86)\sopcast\codec\h264dec.ax"
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\dtsac3source.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\mp4splitter.dll"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\mp4splitter.dll"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files (x86)\win7codecs\filters\mpegsplitter1.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files (x86)\win7codecs\filters\mpegsplitter1.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\mp4splitter.dll"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\mp4splitter.dll"
+ "MPC - Ogg Source" "Ogg Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\oggsplitter.ax"
+ "MPC - Ogg Splitter" "Ogg Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\oggsplitter.ax"
+ "MyAVIEncoder" "AVIEncoder filter" "MyCompanyName" "c:\windows\syswow64\drivers\mycodec\myavi.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\win7codecs\filters\ndparser.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\win7codecs\filters\ndparser.ax"
+ "PSPShow" "visomdata2.dll" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomdata2.dll"
+ "QuickTime Source Filter" "QuickTime Decoder" "" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomqtde.dll"
+ "QuickTime Writer" "" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomqtenc.dll"
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files (x86)\k-lite codec pack\filters\rlofrdec.ax"
+ "RealMediaEncoder Filter" "RealMedia Encoder Filter" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomrmenc.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SampleRateConverter Filter" "viscomsamplerate.dll" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomsamplerate.dll"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"
+ "TextImageTrans Filter" "Tranform Filter" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomtran.dll"
+ "TiVo DirectShow Source Filter" "TiVo DirectShow Source Filter" "TiVo Inc." "c:\program files (x86)\tivo\desktop\plus\tivodirectshowfilter.dll"
+ "Tivo MovSource Filter" "TiVo Desktop MOV Source Filter" "TiVo Inc." "c:\program files (x86)\tivo\desktop\plus\tivomovsource.ax"
+ "Viscomsoft Mpeg Encoder" "viscomdata3.dll" "Viscom Software www.viscomsoft.com" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomdata3.dll"
+ "WAV Dest" "" "Viscom Software" "c:\program files (x86)\aml products\power mp4 ipod psp 3gp avi mpg wmv video converter\viscomwave.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CUSTPDF Writer Monitor x86" "" "" "c:\windows\system32\custmon64i.dll"
+ "hpf3l101.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l101.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "AdobeDriveCS4_NP" "Adobe Drive CS4 Network" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll"
"C:\Users\Dowdy\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\Dowdy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml"

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:19 AM

Posted 19 October 2012 - 06:30 PM

Go to https://www.virustotal.com/

Click on CHOOSE FILE and browse to

C:\Windows\System32\winlogon.exe and click ok

Click on SCAN IT option

Post the generated log result here

Similarly upload this file

C:\Windows\System32\user32.dll

post the log result here

#7 titansfan83

titansfan83
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:19 PM

Posted 19 October 2012 - 07:11 PM

I tried to upload winlogon.exe but it was not there. I did a search and nothing came up in the system32 folder. I did upload user32.dll and it did not find anything.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:19 AM

Posted 19 October 2012 - 07:15 PM

Click on startmenu and type

cmd

Right click on it,select run as administrator and run this command

sfc /scanfile=C:\Windows\System32\winlogon.exe

After scan finishes run this command

sfc /scanfile=C:\Windows\System32\user32.dll

Restart the PC after scan and post the new RKILL log

#9 titansfan83

titansfan83
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:19 PM

Posted 19 October 2012 - 07:25 PM

Accomplished both, said they were corrupt and I had to restart after each one.

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/19/2012 06:25:08 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\XSrvSetup.exe (PID: 1720) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/19/2012 06:25:23 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:19 AM

Posted 19 October 2012 - 08:34 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users