Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Facebook Virus


  • Please log in to reply
9 replies to this topic

#1 RythmicJea

RythmicJea

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 13 October 2012 - 11:40 PM

I believe that I have a virus or malware on my computer. However, I have run MalwareBytes, Avast, Webroot, and Microsoft Essentials several times but none have detected anything. The virus only affects Facebook and a couple other sites. While on Facebook there are ads that will run on the right side of the page and the bottom; the audio from video ads will play (but no video can be found) - this is only done on Facebook; the page doesn't automatically load - I have to manually click "see more"; as for other sites it will post a banner where it might be inconvenient.

Thank You,
Lea

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:03 PM

Posted 13 October 2012 - 11:50 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 RythmicJea

RythmicJea
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 14 October 2012 - 11:54 PM

19:51:46.0871 3576 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:51:47.0222 3576 ============================================================
19:51:47.0222 3576 Current date / time: 2012/10/14 19:51:47.0222
19:51:47.0222 3576 SystemInfo:
19:51:47.0222 3576
19:51:47.0222 3576 OS Version: 6.1.7601 ServicePack: 1.0
19:51:47.0222 3576 Product type: Workstation
19:51:47.0222 3576 ComputerName: OWNER-PC
19:51:47.0225 3576 UserName: Owner
19:51:47.0225 3576 Windows directory: C:\Windows
19:51:47.0225 3576 System windows directory: C:\Windows
19:51:47.0225 3576 Running under WOW64
19:51:47.0225 3576 Processor architecture: Intel x64
19:51:47.0225 3576 Number of processors: 2
19:51:47.0225 3576 Page size: 0x1000
19:51:47.0225 3576 Boot type: Normal boot
19:51:47.0225 3576 ============================================================
19:51:50.0379 3576 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:50.0392 3576 ============================================================
19:51:50.0392 3576 \Device\Harddisk0\DR0:
19:51:50.0392 3576 MBR partitions:
19:51:50.0393 3576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
19:51:50.0393 3576 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
19:51:50.0393 3576 ============================================================
19:51:50.0434 3576 C: <-> \Device\Harddisk0\DR0\Partition2
19:51:50.0435 3576 ============================================================
19:51:50.0435 3576 Initialize success
19:51:50.0435 3576 ============================================================
19:51:52.0659 6088 ============================================================
19:51:52.0659 6088 Scan started
19:51:52.0659 6088 Mode: Manual;
19:51:52.0659 6088 ============================================================
19:51:53.0759 6088 ================ Scan system memory ========================
19:51:53.0759 6088 System memory - ok
19:51:53.0760 6088 ================ Scan services =============================
19:51:54.0160 6088 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:51:54.0167 6088 1394ohci - ok
19:51:54.0233 6088 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:51:54.0242 6088 ACPI - ok
19:51:54.0274 6088 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:51:54.0277 6088 AcpiPmi - ok
19:51:54.0432 6088 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:51:54.0450 6088 AdobeARMservice - ok
19:51:54.0634 6088 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:54.0640 6088 AdobeFlashPlayerUpdateSvc - ok
19:51:54.0698 6088 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:51:54.0706 6088 adp94xx - ok
19:51:54.0722 6088 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:51:54.0730 6088 adpahci - ok
19:51:54.0738 6088 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:51:54.0741 6088 adpu320 - ok
19:51:54.0786 6088 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:51:54.0788 6088 AeLookupSvc - ok
19:51:54.0868 6088 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:51:54.0880 6088 AFD - ok
19:51:54.0932 6088 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:51:54.0935 6088 agp440 - ok
19:51:54.0971 6088 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:51:54.0986 6088 ALG - ok
19:51:55.0020 6088 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:51:55.0022 6088 aliide - ok
19:51:55.0103 6088 [ D865F8ABFF031563E860D16A38BD5A35 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:51:55.0136 6088 AMD External Events Utility - ok
19:51:55.0157 6088 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:51:55.0159 6088 amdide - ok
19:51:55.0190 6088 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:51:55.0193 6088 AmdK8 - ok
19:51:55.0385 6088 [ 83418F6EE5A81DDDD8E248FCBFC99AF6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
19:51:55.0530 6088 amdkmdag - ok
19:51:55.0588 6088 [ 7E58B5E1DEAA70BD46997068DF06B4E3 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:51:55.0592 6088 amdkmdap - ok
19:51:55.0645 6088 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:51:55.0647 6088 AmdPPM - ok
19:51:55.0682 6088 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:51:55.0685 6088 amdsata - ok
19:51:55.0739 6088 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:51:55.0746 6088 amdsbs - ok
19:51:55.0767 6088 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:51:55.0770 6088 amdxata - ok
19:51:55.0854 6088 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:51:55.0875 6088 AntiVirSchedulerService - ok
19:51:55.0917 6088 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:51:55.0920 6088 AntiVirService - ok
19:51:55.0964 6088 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:51:55.0968 6088 AppID - ok
19:51:56.0000 6088 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:51:56.0015 6088 AppIDSvc - ok
19:51:56.0051 6088 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:51:56.0054 6088 Appinfo - ok
19:51:56.0154 6088 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:51:56.0189 6088 Apple Mobile Device - ok
19:51:56.0229 6088 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:51:56.0233 6088 arc - ok
19:51:56.0242 6088 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:51:56.0253 6088 arcsas - ok
19:51:56.0387 6088 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:51:56.0402 6088 aspnet_state - ok
19:51:56.0473 6088 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:51:56.0476 6088 aswFsBlk - ok
19:51:56.0513 6088 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:51:56.0517 6088 aswMonFlt - ok
19:51:56.0554 6088 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:51:56.0558 6088 aswRdr - ok
19:51:56.0642 6088 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:51:56.0677 6088 aswSnx - ok
19:51:56.0748 6088 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:51:56.0758 6088 aswSP - ok
19:51:56.0781 6088 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:51:56.0783 6088 aswTdi - ok
19:51:56.0845 6088 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:51:56.0848 6088 AsyncMac - ok
19:51:56.0887 6088 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:51:56.0889 6088 atapi - ok
19:51:56.0982 6088 [ D53972336E7408330417DE45619D75E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:51:57.0029 6088 athr - ok
19:51:57.0085 6088 [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:51:57.0088 6088 AtiPcie - ok
19:51:57.0153 6088 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:51:57.0169 6088 AudioEndpointBuilder - ok
19:51:57.0182 6088 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:51:57.0187 6088 AudioSrv - ok
19:51:57.0298 6088 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:51:57.0301 6088 avast! Antivirus - ok
19:51:57.0324 6088 Avgfwfd - ok
19:51:57.0467 6088 [ 2F0C5AE2352F22B587EDC2829C971262 ] avgfws C:\Program Files (x86)\AVG\AVG10\avgfws.exe
19:51:57.0521 6088 avgfws - ok
19:51:57.0551 6088 AVGIDSDriver - ok
19:51:57.0576 6088 AVGIDSEH - ok
19:51:57.0587 6088 AVGIDSFilter - ok
19:51:57.0635 6088 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:51:57.0638 6088 avgntflt - ok
19:51:57.0676 6088 [ FC2BC51120A945F7C70376495E4E7737 ] avgwd C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
19:51:57.0682 6088 avgwd - ok
19:51:57.0730 6088 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:51:57.0734 6088 avipbb - ok
19:51:57.0753 6088 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:51:57.0756 6088 avkmgr - ok
19:51:57.0804 6088 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:51:57.0822 6088 AxInstSV - ok
19:51:57.0868 6088 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:51:57.0874 6088 b06bdrv - ok
19:51:57.0895 6088 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:51:57.0900 6088 b57nd60a - ok
19:51:57.0932 6088 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:51:57.0941 6088 BDESVC - ok
19:51:57.0975 6088 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:51:57.0977 6088 Beep - ok
19:51:58.0025 6088 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:51:58.0058 6088 BFE - ok
19:51:58.0123 6088 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:51:58.0142 6088 BITS - ok
19:51:58.0189 6088 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:51:58.0192 6088 blbdrive - ok
19:51:58.0253 6088 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:51:58.0305 6088 Bonjour Service - ok
19:51:58.0361 6088 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:51:58.0365 6088 bowser - ok
19:51:58.0405 6088 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:51:58.0408 6088 BrFiltLo - ok
19:51:58.0445 6088 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:51:58.0451 6088 BrFiltUp - ok
19:51:58.0482 6088 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:51:58.0485 6088 Browser - ok
19:51:58.0507 6088 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:51:58.0512 6088 Brserid - ok
19:51:58.0539 6088 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:51:58.0540 6088 BrSerWdm - ok
19:51:58.0561 6088 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:51:58.0563 6088 BrUsbMdm - ok
19:51:58.0575 6088 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:51:58.0576 6088 BrUsbSer - ok
19:51:58.0614 6088 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
19:51:58.0616 6088 BTCFilterService - ok
19:51:58.0638 6088 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:51:58.0640 6088 BTHMODEM - ok
19:51:58.0674 6088 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:51:58.0683 6088 bthserv - ok
19:51:58.0714 6088 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:51:58.0717 6088 cdfs - ok
19:51:58.0764 6088 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:51:58.0769 6088 cdrom - ok
19:51:58.0856 6088 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:51:58.0896 6088 CertPropSvc - ok
19:51:58.0942 6088 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:51:59.0032 6088 circlass - ok
19:51:59.0123 6088 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:51:59.0132 6088 CLFS - ok
19:51:59.0200 6088 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:59.0219 6088 clr_optimization_v2.0.50727_32 - ok
19:51:59.0249 6088 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:51:59.0259 6088 clr_optimization_v2.0.50727_64 - ok
19:51:59.0305 6088 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:59.0309 6088 clr_optimization_v4.0.30319_32 - ok
19:51:59.0333 6088 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:51:59.0336 6088 clr_optimization_v4.0.30319_64 - ok
19:51:59.0350 6088 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:51:59.0352 6088 CmBatt - ok
19:51:59.0366 6088 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:51:59.0367 6088 cmdide - ok
19:51:59.0416 6088 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:51:59.0430 6088 CNG - ok
19:51:59.0483 6088 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:51:59.0486 6088 Compbatt - ok
19:51:59.0531 6088 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:51:59.0535 6088 CompositeBus - ok
19:51:59.0544 6088 COMSysApp - ok
19:51:59.0572 6088 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:51:59.0574 6088 crcdisk - ok
19:51:59.0627 6088 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:51:59.0681 6088 CryptSvc - ok
19:51:59.0733 6088 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
19:51:59.0735 6088 dc3d - ok
19:51:59.0790 6088 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:51:59.0799 6088 DcomLaunch - ok
19:51:59.0833 6088 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:51:59.0854 6088 defragsvc - ok
19:51:59.0901 6088 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:51:59.0905 6088 DfsC - ok
19:51:59.0960 6088 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:52:00.0003 6088 Dhcp - ok
19:52:00.0038 6088 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:52:00.0041 6088 discache - ok
19:52:00.0059 6088 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:52:00.0064 6088 Disk - ok
19:52:00.0108 6088 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:52:00.0142 6088 Dnscache - ok
19:52:00.0188 6088 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:52:00.0212 6088 dot3svc - ok
19:52:00.0258 6088 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:52:00.0265 6088 DPS - ok
19:52:00.0295 6088 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:52:00.0298 6088 drmkaud - ok
19:52:00.0377 6088 [ 61E894FE1E9CC720C909E6E343351794 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:52:00.0791 6088 DsiWMIService - ok
19:52:00.0855 6088 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:52:00.0890 6088 DXGKrnl - ok
19:52:00.0927 6088 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:52:00.0931 6088 EapHost - ok
19:52:01.0021 6088 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:52:01.0101 6088 ebdrv - ok
19:52:01.0144 6088 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:52:01.0151 6088 EFS - ok
19:52:01.0236 6088 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:52:01.0276 6088 ehRecvr - ok
19:52:01.0322 6088 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:52:01.0333 6088 ehSched - ok
19:52:01.0391 6088 [ ABE98D3E54C7684EA3A4C0911FD723F1 ] EloSystemService C:\Program Files\Elo TouchSystems\EloSrvce.exe
19:52:01.0561 6088 EloSystemService - ok
19:52:01.0618 6088 [ 2BC285FC57C539E5215F723B9D8EC51E ] EloUsbG2 C:\Windows\system32\Drivers\EloUsbG2.sys
19:52:01.0623 6088 EloUsbG2 - ok
19:52:01.0676 6088 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:52:01.0688 6088 elxstor - ok
19:52:01.0781 6088 [ 91C2E6234F6884C6FEEF9658D8EDE6B6 ] ePowerSvc C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
19:52:01.0845 6088 ePowerSvc - ok
19:52:01.0860 6088 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:52:01.0862 6088 ErrDev - ok
19:52:01.0922 6088 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:52:01.0933 6088 EventSystem - ok
19:52:01.0954 6088 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:52:01.0961 6088 exfat - ok
19:52:02.0013 6088 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:52:02.0019 6088 fastfat - ok
19:52:02.0074 6088 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:52:02.0096 6088 Fax - ok
19:52:02.0136 6088 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:52:02.0139 6088 fdc - ok
19:52:02.0166 6088 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:52:02.0171 6088 fdPHost - ok
19:52:02.0182 6088 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:52:02.0199 6088 FDResPub - ok
19:52:02.0237 6088 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:52:02.0239 6088 FileInfo - ok
19:52:02.0259 6088 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:52:02.0261 6088 Filetrace - ok
19:52:02.0273 6088 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:52:02.0275 6088 flpydisk - ok
19:52:02.0320 6088 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:52:02.0327 6088 FltMgr - ok
19:52:02.0399 6088 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:52:02.0449 6088 FontCache - ok
19:52:02.0510 6088 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:52:02.0517 6088 FontCache3.0.0.0 - ok
19:52:02.0585 6088 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:52:02.0588 6088 FsDepends - ok
19:52:02.0624 6088 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:52:02.0627 6088 Fs_Rec - ok
19:52:02.0666 6088 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:52:02.0673 6088 fvevol - ok
19:52:02.0699 6088 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:52:02.0704 6088 gagp30kx - ok
19:52:02.0739 6088 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:52:02.0741 6088 GEARAspiWDM - ok
19:52:02.0798 6088 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:52:02.0833 6088 gpsvc - ok
19:52:02.0935 6088 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
19:52:02.0951 6088 GREGService - ok
19:52:02.0974 6088 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:52:02.0977 6088 hcw85cir - ok
19:52:03.0026 6088 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:52:03.0032 6088 HdAudAddService - ok
19:52:03.0074 6088 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:52:03.0078 6088 HDAudBus - ok
19:52:03.0098 6088 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:52:03.0102 6088 HidBatt - ok
19:52:03.0121 6088 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:52:03.0126 6088 HidBth - ok
19:52:03.0145 6088 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:52:03.0147 6088 HidIr - ok
19:52:03.0166 6088 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:52:03.0174 6088 hidserv - ok
19:52:03.0216 6088 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:52:03.0218 6088 HidUsb - ok
19:52:03.0248 6088 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:52:03.0258 6088 hkmsvc - ok
19:52:03.0291 6088 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:52:03.0296 6088 HomeGroupListener - ok
19:52:03.0338 6088 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:52:03.0346 6088 HomeGroupProvider - ok
19:52:03.0392 6088 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:52:03.0396 6088 HpSAMD - ok
19:52:03.0480 6088 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:52:03.0503 6088 HTTP - ok
19:52:03.0540 6088 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:52:03.0542 6088 hwpolicy - ok
19:52:03.0586 6088 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:52:03.0591 6088 i8042prt - ok
19:52:03.0624 6088 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:52:03.0635 6088 iaStorV - ok
19:52:03.0707 6088 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:52:03.0805 6088 idsvc - ok
19:52:03.0847 6088 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:52:03.0849 6088 iirsp - ok
19:52:03.0909 6088 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:52:03.0944 6088 IKEEXT - ok
19:52:04.0035 6088 [ FEADC18677A85A123E95A9B976101120 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:52:04.0080 6088 IntcAzAudAddService - ok
19:52:04.0136 6088 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:52:04.0139 6088 intelide - ok
19:52:04.0172 6088 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:52:04.0176 6088 intelppm - ok
19:52:04.0208 6088 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:52:04.0229 6088 IPBusEnum - ok
19:52:04.0280 6088 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:52:04.0284 6088 IpFilterDriver - ok
19:52:04.0334 6088 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:52:04.0355 6088 iphlpsvc - ok
19:52:04.0394 6088 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:52:04.0397 6088 IPMIDRV - ok
19:52:04.0421 6088 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:52:04.0425 6088 IPNAT - ok
19:52:04.0505 6088 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:52:04.0525 6088 iPod Service - ok
19:52:04.0550 6088 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:52:04.0552 6088 IRENUM - ok
19:52:04.0566 6088 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:52:04.0568 6088 isapnp - ok
19:52:04.0606 6088 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:52:04.0610 6088 iScsiPrt - ok
19:52:04.0668 6088 [ C9B4ECC187581E5BF3F76648884B7829 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
19:52:04.0673 6088 k57nd60a - ok
19:52:04.0688 6088 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:52:04.0690 6088 kbdclass - ok
19:52:04.0719 6088 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:52:04.0720 6088 kbdhid - ok
19:52:04.0732 6088 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:52:04.0735 6088 KeyIso - ok
19:52:04.0768 6088 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:52:04.0770 6088 KSecDD - ok
19:52:04.0808 6088 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:52:04.0811 6088 KSecPkg - ok
19:52:04.0857 6088 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:52:04.0861 6088 ksthunk - ok
19:52:04.0895 6088 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:52:04.0934 6088 KtmRm - ok
19:52:04.0981 6088 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:52:04.0991 6088 LanmanServer - ok
19:52:05.0037 6088 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:52:05.0050 6088 LanmanWorkstation - ok
19:52:05.0109 6088 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:52:05.0111 6088 lltdio - ok
19:52:05.0145 6088 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:52:05.0160 6088 lltdsvc - ok
19:52:05.0180 6088 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:52:05.0188 6088 lmhosts - ok
19:52:05.0212 6088 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:52:05.0214 6088 LSI_FC - ok
19:52:05.0235 6088 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:52:05.0237 6088 LSI_SAS - ok
19:52:05.0256 6088 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:52:05.0259 6088 LSI_SAS2 - ok
19:52:05.0266 6088 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:52:05.0269 6088 LSI_SCSI - ok
19:52:05.0294 6088 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:52:05.0297 6088 luafv - ok
19:52:05.0329 6088 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:52:05.0339 6088 Mcx2Svc - ok
19:52:05.0363 6088 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:52:05.0365 6088 megasas - ok
19:52:05.0384 6088 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:52:05.0390 6088 MegaSR - ok
19:52:05.0408 6088 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:52:05.0411 6088 MMCSS - ok
19:52:05.0433 6088 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:52:05.0435 6088 Modem - ok
19:52:05.0452 6088 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:52:05.0453 6088 monitor - ok
19:52:05.0483 6088 [ 93F5ADCAD940111F6D4D71AE1D9EC7F6 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
19:52:05.0485 6088 motccgp - ok
19:52:05.0520 6088 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
19:52:05.0522 6088 motccgpfl - ok
19:52:05.0566 6088 [ DB83DC223B9133DA3E41AFCBDECC46B5 ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
19:52:05.0570 6088 motmodem - ok
19:52:05.0638 6088 [ 36AC4DECEAE4226A5B5DD038C49658E1 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
19:52:05.0676 6088 MotoHelper - ok
19:52:05.0712 6088 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
19:52:05.0714 6088 MotoSwitchService - ok
19:52:05.0729 6088 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
19:52:05.0732 6088 Motousbnet - ok
19:52:05.0768 6088 [ 307727F9829FB46FF4BE0E4D1DAC5002 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
19:52:05.0770 6088 motusbdevice - ok
19:52:05.0811 6088 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:52:05.0813 6088 mouclass - ok
19:52:05.0849 6088 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:52:05.0851 6088 mouhid - ok
19:52:05.0905 6088 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:52:05.0909 6088 mountmgr - ok
19:52:05.0980 6088 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:52:06.0001 6088 MozillaMaintenance - ok
19:52:06.0040 6088 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:52:06.0046 6088 MpFilter - ok
19:52:06.0074 6088 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:52:06.0080 6088 mpio - ok
19:52:06.0118 6088 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:52:06.0123 6088 mpsdrv - ok
19:52:06.0188 6088 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:52:06.0220 6088 MpsSvc - ok
19:52:06.0271 6088 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:52:06.0276 6088 MRxDAV - ok
19:52:06.0335 6088 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:06.0341 6088 mrxsmb - ok
19:52:06.0386 6088 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:06.0395 6088 mrxsmb10 - ok
19:52:06.0413 6088 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:06.0419 6088 mrxsmb20 - ok
19:52:06.0465 6088 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:52:06.0467 6088 msahci - ok
19:52:06.0498 6088 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:52:06.0502 6088 msdsm - ok
19:52:06.0520 6088 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:52:06.0533 6088 MSDTC - ok
19:52:06.0587 6088 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:52:06.0590 6088 Msfs - ok
19:52:06.0613 6088 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:52:06.0616 6088 mshidkmdf - ok
19:52:06.0659 6088 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:52:06.0662 6088 msisadrv - ok
19:52:06.0694 6088 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:52:06.0709 6088 MSiSCSI - ok
19:52:06.0715 6088 msiserver - ok
19:52:06.0743 6088 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:52:06.0745 6088 MSKSSRV - ok
19:52:06.0839 6088 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:52:06.0841 6088 MsMpSvc - ok
19:52:06.0857 6088 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:06.0861 6088 MSPCLOCK - ok
19:52:06.0871 6088 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:52:06.0879 6088 MSPQM - ok
19:52:06.0913 6088 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:52:06.0919 6088 MsRPC - ok
19:52:06.0962 6088 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:52:06.0964 6088 mssmbios - ok
19:52:06.0987 6088 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:52:06.0989 6088 MSTEE - ok
19:52:07.0002 6088 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:52:07.0004 6088 MTConfig - ok
19:52:07.0022 6088 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:52:07.0024 6088 Mup - ok
19:52:07.0077 6088 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:52:07.0099 6088 napagent - ok
19:52:07.0130 6088 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:52:07.0136 6088 NativeWifiP - ok
19:52:07.0196 6088 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:52:07.0225 6088 NDIS - ok
19:52:07.0246 6088 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:52:07.0249 6088 NdisCap - ok
19:52:07.0265 6088 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:52:07.0267 6088 NdisTapi - ok
19:52:07.0308 6088 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:52:07.0312 6088 Ndisuio - ok
19:52:07.0352 6088 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:52:07.0359 6088 NdisWan - ok
19:52:07.0406 6088 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:52:07.0410 6088 NDProxy - ok
19:52:07.0522 6088 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
19:52:07.0582 6088 Nero BackItUp Scheduler 4.0 - ok
19:52:07.0619 6088 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:52:07.0621 6088 NetBIOS - ok
19:52:07.0664 6088 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:52:07.0672 6088 NetBT - ok
19:52:07.0688 6088 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:52:07.0694 6088 Netlogon - ok
19:52:07.0727 6088 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:52:07.0750 6088 Netman - ok
19:52:07.0777 6088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:07.0792 6088 NetMsmqActivator - ok
19:52:07.0799 6088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:07.0803 6088 NetPipeActivator - ok
19:52:07.0840 6088 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:52:07.0854 6088 netprofm - ok
19:52:07.0874 6088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:07.0878 6088 NetTcpActivator - ok
19:52:07.0888 6088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:07.0892 6088 NetTcpPortSharing - ok
19:52:07.0929 6088 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:52:07.0931 6088 nfrd960 - ok
19:52:07.0966 6088 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:52:07.0969 6088 NisDrv - ok
19:52:08.0046 6088 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:52:08.0060 6088 NisSrv - ok
19:52:08.0109 6088 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:52:08.0116 6088 NlaSvc - ok
19:52:08.0145 6088 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:52:08.0147 6088 Npfs - ok
19:52:08.0192 6088 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:52:08.0200 6088 nsi - ok
19:52:08.0231 6088 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:52:08.0233 6088 nsiproxy - ok
19:52:08.0305 6088 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:52:08.0339 6088 Ntfs - ok
19:52:08.0431 6088 [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
19:52:08.0773 6088 NTI IScheduleSvc - ok
19:52:08.0801 6088 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
19:52:08.0803 6088 NTIDrvr - ok
19:52:08.0824 6088 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:52:08.0826 6088 Null - ok
19:52:08.0864 6088 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:52:08.0870 6088 nvraid - ok
19:52:08.0918 6088 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:52:08.0922 6088 nvstor - ok
19:52:08.0937 6088 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:52:08.0942 6088 nv_agp - ok
19:52:09.0022 6088 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:52:09.0078 6088 odserv - ok
19:52:09.0130 6088 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:52:09.0198 6088 ohci1394 - ok
19:52:09.0427 6088 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:09.0448 6088 ose - ok
19:52:09.0490 6088 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:52:09.0496 6088 p2pimsvc - ok
19:52:09.0529 6088 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:52:09.0562 6088 p2psvc - ok
19:52:09.0597 6088 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:52:09.0599 6088 Parport - ok
19:52:09.0634 6088 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:52:09.0636 6088 partmgr - ok
19:52:09.0657 6088 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:52:09.0691 6088 PcaSvc - ok
19:52:09.0729 6088 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:52:09.0733 6088 pci - ok
19:52:09.0770 6088 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:52:09.0772 6088 pciide - ok
19:52:09.0799 6088 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:52:09.0803 6088 pcmcia - ok
19:52:09.0821 6088 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:52:09.0824 6088 pcw - ok
19:52:09.0845 6088 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:52:09.0854 6088 PEAUTH - ok
19:52:09.0954 6088 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:52:09.0965 6088 PerfHost - ok
19:52:10.0054 6088 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:52:10.0121 6088 pla - ok
19:52:10.0203 6088 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:52:10.0225 6088 PlugPlay - ok
19:52:10.0244 6088 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:52:10.0256 6088 PNRPAutoReg - ok
19:52:10.0278 6088 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:52:10.0284 6088 PNRPsvc - ok
19:52:10.0310 6088 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:52:10.0313 6088 Point64 - ok
19:52:10.0350 6088 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:52:10.0357 6088 PolicyAgent - ok
19:52:10.0389 6088 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:52:10.0395 6088 Power - ok
19:52:10.0436 6088 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:52:10.0438 6088 PptpMiniport - ok
19:52:10.0464 6088 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:52:10.0466 6088 Processor - ok
19:52:10.0502 6088 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:52:10.0507 6088 ProfSvc - ok
19:52:10.0521 6088 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:52:10.0523 6088 ProtectedStorage - ok
19:52:10.0566 6088 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:52:10.0568 6088 Psched - ok
19:52:10.0628 6088 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:52:10.0697 6088 ql2300 - ok
19:52:10.0721 6088 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:52:10.0725 6088 ql40xx - ok
19:52:10.0751 6088 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:52:10.0773 6088 QWAVE - ok
19:52:10.0808 6088 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:52:10.0812 6088 QWAVEdrv - ok
19:52:10.0835 6088 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:52:10.0837 6088 RasAcd - ok
19:52:10.0863 6088 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:52:10.0865 6088 RasAgileVpn - ok
19:52:10.0892 6088 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:52:10.0904 6088 RasAuto - ok
19:52:10.0948 6088 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:10.0951 6088 Rasl2tp - ok
19:52:11.0005 6088 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:52:11.0026 6088 RasMan - ok
19:52:11.0063 6088 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:11.0068 6088 RasPppoe - ok
19:52:11.0085 6088 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:52:11.0088 6088 RasSstp - ok
19:52:11.0154 6088 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:52:11.0163 6088 rdbss - ok
19:52:11.0185 6088 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:52:11.0188 6088 rdpbus - ok
19:52:11.0205 6088 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:11.0207 6088 RDPCDD - ok
19:52:11.0222 6088 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:52:11.0225 6088 RDPENCDD - ok
19:52:11.0246 6088 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:52:11.0247 6088 RDPREFMP - ok
19:52:11.0286 6088 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:52:11.0291 6088 RDPWD - ok
19:52:11.0331 6088 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:52:11.0339 6088 rdyboost - ok
19:52:11.0395 6088 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:52:11.0414 6088 RemoteAccess - ok
19:52:11.0436 6088 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:52:11.0455 6088 RemoteRegistry - ok
19:52:11.0488 6088 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:52:11.0491 6088 RimUsb - ok
19:52:11.0511 6088 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:52:11.0522 6088 RpcEptMapper - ok
19:52:11.0554 6088 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:52:11.0561 6088 RpcLocator - ok
19:52:11.0601 6088 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:52:11.0608 6088 RpcSs - ok
19:52:11.0666 6088 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:52:11.0670 6088 rspndr - ok
19:52:11.0717 6088 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
19:52:11.0726 6088 RSUSBSTOR - ok
19:52:11.0813 6088 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
19:52:11.0820 6088 RTHDMIAzAudService - ok
19:52:11.0843 6088 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:52:11.0846 6088 SamSs - ok
19:52:11.0892 6088 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:52:11.0898 6088 sbp2port - ok
19:52:11.0948 6088 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:52:11.0980 6088 SCardSvr - ok
19:52:12.0018 6088 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:52:12.0021 6088 scfilter - ok
19:52:12.0089 6088 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:52:12.0116 6088 Schedule - ok
19:52:12.0167 6088 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:52:12.0169 6088 SCPolicySvc - ok
19:52:12.0213 6088 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:52:12.0219 6088 SDRSVC - ok
19:52:12.0245 6088 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:52:12.0247 6088 secdrv - ok
19:52:12.0288 6088 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:52:12.0292 6088 seclogon - ok
19:52:12.0317 6088 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:52:12.0322 6088 SENS - ok
19:52:12.0333 6088 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:52:12.0342 6088 SensrSvc - ok
19:52:12.0357 6088 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:52:12.0359 6088 Serenum - ok
19:52:12.0377 6088 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:52:12.0380 6088 Serial - ok
19:52:12.0393 6088 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:52:12.0395 6088 sermouse - ok
19:52:12.0431 6088 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:52:12.0442 6088 SessionEnv - ok
19:52:12.0504 6088 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:52:12.0508 6088 sffdisk - ok
19:52:12.0524 6088 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:52:12.0527 6088 sffp_mmc - ok
19:52:12.0552 6088 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:52:12.0556 6088 sffp_sd - ok
19:52:12.0597 6088 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:52:12.0602 6088 sfloppy - ok
19:52:12.0663 6088 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:52:12.0676 6088 SharedAccess - ok
19:52:12.0746 6088 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:52:12.0767 6088 ShellHWDetection - ok
19:52:12.0791 6088 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:52:12.0794 6088 SiSRaid2 - ok
19:52:12.0807 6088 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:52:12.0810 6088 SiSRaid4 - ok
19:52:12.0887 6088 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:52:13.0008 6088 SkypeUpdate - ok
19:52:13.0053 6088 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:52:13.0056 6088 Smb - ok
19:52:13.0093 6088 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:52:13.0104 6088 SNMPTRAP - ok
19:52:13.0118 6088 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:52:13.0120 6088 spldr - ok
19:52:13.0174 6088 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:52:13.0209 6088 Spooler - ok
19:52:13.0324 6088 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:52:13.0410 6088 sppsvc - ok
19:52:13.0459 6088 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:52:13.0482 6088 sppuinotify - ok
19:52:13.0534 6088 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:52:13.0542 6088 srv - ok
19:52:13.0567 6088 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:52:13.0575 6088 srv2 - ok
19:52:13.0598 6088 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:52:13.0603 6088 srvnet - ok
19:52:13.0626 6088 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:52:13.0634 6088 SSDPSRV - ok
19:52:13.0653 6088 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:52:13.0667 6088 SstpSvc - ok
19:52:13.0687 6088 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:52:13.0689 6088 stexstor - ok
19:52:13.0762 6088 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:52:13.0806 6088 stisvc - ok
19:52:13.0840 6088 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:52:13.0842 6088 swenum - ok
19:52:13.0889 6088 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:52:13.0898 6088 swprv - ok
19:52:13.0948 6088 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:52:13.0957 6088 SynTP - ok
19:52:14.0042 6088 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:52:14.0082 6088 SysMain - ok
19:52:14.0128 6088 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:52:14.0141 6088 TabletInputService - ok
19:52:14.0206 6088 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:52:14.0245 6088 TapiSrv - ok
19:52:14.0275 6088 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:52:14.0280 6088 TBS - ok
19:52:14.0361 6088 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:52:14.0417 6088 Tcpip - ok
19:52:14.0697 6088 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:52:14.0719 6088 TCPIP6 - ok
19:52:14.0781 6088 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:52:14.0784 6088 tcpipreg - ok
19:52:14.0811 6088 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:52:14.0813 6088 TDPIPE - ok
19:52:14.0856 6088 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:52:14.0859 6088 TDTCP - ok
19:52:14.0897 6088 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:52:14.0903 6088 tdx - ok
19:52:14.0944 6088 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:52:14.0947 6088 TermDD - ok
19:52:14.0998 6088 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:52:15.0043 6088 TermService - ok
19:52:15.0074 6088 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:52:15.0078 6088 Themes - ok
19:52:15.0108 6088 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:52:15.0111 6088 THREADORDER - ok
19:52:15.0131 6088 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:52:15.0145 6088 TrkWks - ok
19:52:15.0238 6088 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:52:15.0244 6088 TrustedInstaller - ok
19:52:15.0293 6088 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:52:15.0297 6088 tssecsrv - ok
19:52:15.0338 6088 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:52:15.0343 6088 TsUsbFlt - ok
19:52:15.0399 6088 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:52:15.0404 6088 tunnel - ok
19:52:15.0433 6088 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:52:15.0437 6088 uagp35 - ok
19:52:15.0455 6088 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
19:52:15.0459 6088 UBHelper - ok
19:52:15.0504 6088 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:52:15.0510 6088 udfs - ok
19:52:15.0555 6088 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:52:15.0567 6088 UI0Detect - ok
19:52:15.0590 6088 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:52:15.0592 6088 uliagpkx - ok
19:52:15.0631 6088 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:52:15.0634 6088 umbus - ok
19:52:15.0660 6088 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:52:15.0662 6088 UmPass - ok
19:52:15.0749 6088 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
19:52:15.0782 6088 Updater Service - ok
19:52:15.0818 6088 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:52:15.0826 6088 upnphost - ok
19:52:15.0872 6088 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:52:15.0875 6088 usbaudio - ok
19:52:15.0912 6088 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:52:15.0916 6088 usbccgp - ok
19:52:15.0955 6088 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:52:15.0960 6088 usbcir - ok
19:52:15.0988 6088 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:52:15.0993 6088 usbehci - ok
19:52:16.0021 6088 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:52:16.0025 6088 usbfilter - ok
19:52:16.0056 6088 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:52:16.0066 6088 usbhub - ok
19:52:16.0086 6088 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:52:16.0091 6088 usbohci - ok
19:52:16.0159 6088 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:52:16.0163 6088 usbprint - ok
19:52:16.0206 6088 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:52:16.0211 6088 usbscan - ok
19:52:16.0232 6088 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:52:16.0237 6088 USBSTOR - ok
19:52:16.0275 6088 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:52:16.0278 6088 usbuhci - ok
19:52:16.0334 6088 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:52:16.0341 6088 usbvideo - ok
19:52:16.0388 6088 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:52:16.0408 6088 UxSms - ok
19:52:16.0421 6088 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:52:16.0424 6088 VaultSvc - ok
19:52:16.0443 6088 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:52:16.0445 6088 vdrvroot - ok
19:52:16.0498 6088 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:52:16.0548 6088 vds - ok
19:52:16.0582 6088 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:16.0584 6088 vga - ok
19:52:16.0621 6088 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:52:16.0623 6088 VgaSave - ok
19:52:16.0656 6088 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:52:16.0660 6088 vhdmp - ok
19:52:16.0700 6088 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:52:16.0702 6088 viaide - ok
19:52:16.0726 6088 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:52:16.0729 6088 volmgr - ok
19:52:16.0773 6088 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:52:16.0779 6088 volmgrx - ok
19:52:16.0824 6088 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:52:16.0829 6088 volsnap - ok
19:52:16.0865 6088 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:52:16.0868 6088 vsmraid - ok
19:52:16.0952 6088 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:52:17.0024 6088 VSS - ok
19:52:17.0041 6088 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:52:17.0044 6088 vwifibus - ok
19:52:17.0061 6088 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:52:17.0063 6088 vwififlt - ok
19:52:17.0093 6088 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:52:17.0116 6088 W32Time - ok
19:52:17.0147 6088 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:52:17.0154 6088 WacomPen - ok
19:52:17.0184 6088 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:52:17.0188 6088 WANARP - ok
19:52:17.0193 6088 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:52:17.0196 6088 Wanarpv6 - ok
19:52:17.0247 6088 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:52:17.0326 6088 WatAdminSvc - ok
19:52:17.0395 6088 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:52:17.0479 6088 wbengine - ok
19:52:17.0516 6088 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:52:17.0550 6088 WbioSrvc - ok
19:52:17.0603 6088 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:52:17.0625 6088 wcncsvc - ok
19:52:17.0642 6088 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:52:17.0652 6088 WcsPlugInService - ok
19:52:17.0673 6088 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:52:17.0675 6088 Wd - ok
19:52:17.0700 6088 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
19:52:17.0714 6088 WDC_SAM - ok
19:52:17.0742 6088 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:52:17.0751 6088 Wdf01000 - ok
19:52:17.0774 6088 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:52:17.0779 6088 WdiServiceHost - ok
19:52:17.0787 6088 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:52:17.0791 6088 WdiSystemHost - ok
19:52:17.0842 6088 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:52:17.0884 6088 WebClient - ok
19:52:17.0906 6088 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:52:17.0921 6088 Wecsvc - ok
19:52:17.0937 6088 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:52:17.0943 6088 wercplsupport - ok
19:52:17.0963 6088 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:52:17.0976 6088 WerSvc - ok
19:52:18.0034 6088 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:52:18.0038 6088 WfpLwf - ok
19:52:18.0056 6088 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:52:18.0060 6088 WIMMount - ok
19:52:18.0123 6088 WinDefend - ok
19:52:18.0143 6088 WinHttpAutoProxySvc - ok
19:52:18.0232 6088 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:52:18.0240 6088 Winmgmt - ok
19:52:18.0339 6088 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:52:18.0439 6088 WinRM - ok
19:52:18.0486 6088 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:52:18.0488 6088 WinUsb - ok
19:52:18.0542 6088 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:52:18.0580 6088 Wlansvc - ok
19:52:18.0733 6088 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:52:18.0816 6088 wlidsvc - ok
19:52:18.0864 6088 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:52:18.0867 6088 WmiAcpi - ok
19:52:18.0913 6088 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:52:18.0920 6088 wmiApSrv - ok
19:52:18.0958 6088 WMPNetworkSvc - ok
19:52:18.0977 6088 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:52:18.0987 6088 WPCSvc - ok
19:52:19.0021 6088 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:52:19.0027 6088 WPDBusEnum - ok
19:52:19.0078 6088 [ B40CEF9AC9A29A9CBF767571172DB993 ] WRkrn C:\Windows\system32\drivers\WRkrn.sys
19:52:19.0083 6088 WRkrn - ok
19:52:19.0157 6088 [ FA473DF8D8E9DAAFEACE8965B5A64EDC ] WRSVC C:\Program Files\Webroot\WRSA.exe
19:52:19.0180 6088 WRSVC - ok
19:52:19.0201 6088 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:52:19.0203 6088 ws2ifsl - ok
19:52:19.0233 6088 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:52:19.0241 6088 wscsvc - ok
19:52:19.0249 6088 WSearch - ok
19:52:19.0360 6088 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:52:19.0411 6088 wuauserv - ok
19:52:19.0435 6088 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:52:19.0438 6088 WudfPf - ok
19:52:19.0499 6088 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:52:19.0506 6088 WUDFRd - ok
19:52:19.0546 6088 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:52:19.0570 6088 wudfsvc - ok
19:52:19.0622 6088 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:52:19.0644 6088 WwanSvc - ok
19:52:19.0669 6088 ================ Scan global ===============================
19:52:19.0802 6088 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:52:19.0867 6088 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:52:19.0917 6088 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:52:19.0954 6088 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:52:19.0993 6088 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:52:20.0001 6088 [Global] - ok
19:52:20.0001 6088 ================ Scan MBR ==================================
19:52:20.0012 6088 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:52:20.0338 6088 \Device\Harddisk0\DR0 - ok
19:52:20.0338 6088 ================ Scan VBR ==================================
19:52:20.0341 6088 [ D4E14106F3BBD8AEAB9E9265507BAF24 ] \Device\Harddisk0\DR0\Partition1
19:52:20.0343 6088 \Device\Harddisk0\DR0\Partition1 - ok
19:52:20.0352 6088 [ 0402F2BCF11075F733AEB019397EA53D ] \Device\Harddisk0\DR0\Partition2
19:52:20.0354 6088 \Device\Harddisk0\DR0\Partition2 - ok
19:52:20.0355 6088 ============================================================
19:52:20.0355 6088 Scan finished
19:52:20.0355 6088 ============================================================
19:52:20.0368 3428 Detected object count: 0
19:52:20.0368 3428 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-14 19:54:41
-----------------------------
19:54:41.946 OS Version: Windows x64 6.1.7601 Service Pack 1
19:54:41.947 Number of processors: 2 586 0x603
19:54:41.951 ComputerName: OWNER-PC UserName: Owner
19:54:43.378 Initialize success
19:54:45.615 AVAST engine defs: 12101401
19:54:55.243 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:54:55.247 Disk 0 Vendor: WDC_WD3200BEVT-22A23T0 01.01A01 Size: 305245MB BusType: 11
19:54:55.291 Disk 0 MBR read successfully
19:54:55.296 Disk 0 MBR scan
19:54:55.302 Disk 0 Windows 7 default MBR code
19:54:55.308 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
19:54:55.334 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
19:54:55.349 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290807 MB offset 29566976
19:54:55.365 Disk 0 scanning C:\Windows\system32\drivers
19:55:11.852 Service scanning
19:55:45.734 Service WRkrn C:\Windows\System32\drivers\WRkrn.sys **LOCKED** 32
19:55:47.098 Modules scanning
19:55:47.135 Disk 0 trace - called modules:
19:55:47.164 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:55:47.177 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042da130]
19:55:47.184 3 CLASSPNP.SYS[fffff880019c543f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042a6060]
19:55:48.109 AVAST engine scan C:\Windows
19:55:55.687 AVAST engine scan C:\Windows\system32
20:00:35.618 AVAST engine scan C:\Windows\system32\drivers
20:00:48.173 AVAST engine scan C:\Users\Owner
20:07:20.736 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
20:07:20.966 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"


The third did not give me a log. I will try again tomorrow and post the results if they are found. I do know it found two threats.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:03 PM

Posted 15 October 2012 - 12:26 AM

Ok.Post these logs together with ESET log

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 RythmicJea

RythmicJea
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 16 October 2012 - 09:53 PM

ESET says that there were no threats found. Like I said previously, there were two threats found before so I went to "manage quarentine" and the two listed there are as follows:

C:\$RECYCLE.BIN\S-1-5-27-2444426472-3964989636-3504410827-1000\$RYD0JND.exe
C:\$RECYCLE.BIN\S-1-5-27-2444426472-3964989636-3504410827-1000\$RF1V5SZ.exe


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-PC [administrator]

10/15/2012 11:55:30 PM
mbam-log-2012-10-15 (23-55-30).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 359792
Time elapsed: 1 hour(s), 44 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 16-10-2012 at 20:02:55
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : columbus.rr.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 88-AE-1D-13-0E-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : columbus.rr.com
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 70-1A-04-E0-8F-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::edc9:381d:972c:fee7%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 16, 2012 7:55:32 PM
Lease Expires . . . . . . . . . . : Wednesday, October 17, 2012 7:55:32 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 191896068
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-B2-7E-7E-70-1A-04-E0-8F-3B
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.columbus.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : columbus.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:106b:34c4:3f57:fe99(Preferred)
Link-local IPv6 Address . . . . . : fe80::106b:34c4:3f57:fe99%23(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2001:4860:400a:800::1003
74.125.225.35
74.125.225.36
74.125.225.37
74.125.225.38
74.125.225.39
74.125.225.40
74.125.225.41
74.125.225.46
74.125.225.32
74.125.225.33
74.125.225.34


Pinging google.com [74.125.225.37] with 32 bytes of data:
Request timed out.
Reply from 74.125.225.37: bytes=32 time=1219ms TTL=54

Ping statistics for 74.125.225.37:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 1219ms, Maximum = 1219ms, Average = 1219ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 209.18.47.61

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1555ms TTL=52
Reply from 72.30.38.140: bytes=32 time=447ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 447ms, Maximum = 1555ms, Average = 1001ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...88 ae 1d 13 0e 04 ......Broadcom NetLink ™ Gigabit Ethernet
10...70 1a 04 e0 8f 3b ......Atheros AR5B93 Wireless Network Adapter
1...........................Software Loopback Interface 1
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
23...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
23 58 ::/0 On-link
1 306 ::1/128 On-link
23 58 2001::/32 On-link
23 306 2001:0:4137:9e76:106b:34c4:3f57:fe99/128
On-link
10 281 fe80::/64 On-link
23 306 fe80::/64 On-link
23 306 fe80::106b:34c4:3f57:fe99/128
On-link
10 281 fe80::edc9:381d:972c:fee7/128
On-link
1 306 ff00::/8 On-link
23 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/16/2012 03:00:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 02:55:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 02:55:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 02:55:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 02:55:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 02:43:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 02:41:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (10/15/2012 06:30:45 PM) (Source: Chrome) (User: Owner-PC)Owner-PC
Description: Chrome has encountered a fatal error.
ver=22.0.1229.94;lang=;id=;is_machine=0;upload=1;minidump=C:\Users\Owner\AppData\Local\Google\CrashReports\ec6ff208-43c7-4d47-a1ef-d32acc9136ac.dmp

Error: (10/15/2012 06:23:01 PM) (Source: Chrome) (User: Owner-PC)Owner-PC
Description: Chrome has encountered a fatal error.
ver=22.0.1229.94;lang=;id=;is_machine=0;upload=1;minidump=C:\Users\Owner\AppData\Local\Google\CrashReports\907a31f3-e5d6-4cdb-8df3-153d02bdaf47.dmp

Error: (10/15/2012 06:07:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/16/2012 08:02:35 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.102.
The computer with the IP address 192.168.1.101 did not allow the name to be claimed by
this computer.

Error: (10/16/2012 08:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/16/2012 08:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/16/2012 08:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/16/2012 08:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/16/2012 08:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/16/2012 08:00:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/16/2012 08:00:00 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/16/2012 08:00:00 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/16/2012 08:00:00 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.0.4)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advertising Center (Version: 0.0.0.2)
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Artemis Artemis (Version: 1.51.0)
ATI Catalyst Install Manager (Version: 3.0.765.0)
avast! Free Antivirus (Version: 7.0.1466.0)
AVG 2011 (Version: 10.0.1325)
AVG 2011 (Version: 10.0.1375)
Avira Free Antivirus (Version: 12.0.0.1199)
Backup Manager Basic (Version: 2.0.0.60)
Belarc Advisor 8.2 (Version: 8.2.7.5)
Best Buy Software Installer (Version: 2.3.0.1)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Full Existing (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Full New (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Light (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Previews Common (Version: 2010.0329.836.13543)
Catalyst Control Center InstallProxy (Version: 2010.0329.836.13543)
Catalyst Control Center Localization All (Version: 2010.0329.836.13543)
ccc-core-static (Version: 2010.0329.836.13543)
ccc-utility64 (Version: 2010.0329.836.13543)
CCC Help Chinese Standard (Version: 2010.0329.0835.13543)
CCC Help Chinese Traditional (Version: 2010.0329.0835.13543)
CCC Help Czech (Version: 2010.0329.0835.13543)
CCC Help Danish (Version: 2010.0329.0835.13543)
CCC Help Dutch (Version: 2010.0329.0835.13543)
CCC Help English (Version: 2010.0329.0835.13543)
CCC Help Finnish (Version: 2010.0329.0835.13543)
CCC Help French (Version: 2010.0329.0835.13543)
CCC Help German (Version: 2010.0329.0835.13543)
CCC Help Greek (Version: 2010.0329.0835.13543)
CCC Help Hungarian (Version: 2010.0329.0835.13543)
CCC Help Italian (Version: 2010.0329.0835.13543)
CCC Help Japanese (Version: 2010.0329.0835.13543)
CCC Help Korean (Version: 2010.0329.0835.13543)
CCC Help Norwegian (Version: 2010.0329.0835.13543)
CCC Help Polish (Version: 2010.0329.0835.13543)
CCC Help Portuguese (Version: 2010.0329.0835.13543)
CCC Help Russian (Version: 2010.0329.0835.13543)
CCC Help Spanish (Version: 2010.0329.0835.13543)
CCC Help Swedish (Version: 2010.0329.0835.13543)
CCC Help Thai (Version: 2010.0329.0835.13543)
CCC Help Turkish (Version: 2010.0329.0835.13543)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Complitly
Coupon Printer for Windows (Version: 5.0.0.1)
Curse Client (Version: 5.1.1.502)
CyberLink PowerDVD 9 (Version: 9.0.3216.50)
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.9)
Elo Touchscreen Driver 5.3.0 (Version: 5.3.0 )
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Freecorder 5 (Version: 5.1)
Freecorder Toolbar (Version: 5.0.0.0)
Gateway InfoCentre (Version: 3.02.3000)
Gateway MyBackup (Version: 2.0.0.60)
Gateway Power Management (Version: 5.00.3003)
Gateway Recovery Management (Version: 4.05.3011)
Gateway Registration (Version: 1.03.3002)
Gateway ScreenSaver (Version: 1.1.0121.2010)
Gateway Social Networks (Version: 1.0.1721)
Gateway Updater (Version: 1.02.3001)
Google Chrome (Version: 22.0.1229.94)
Google Talk Plugin (Version: 3.9.1.9832)
Grapevine 3.0
HiJackThis (Version: 1.0.0)
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 4.0.7)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Reader
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MotoHelper 2.0.24 Driver 4.7.1 (Version: 2.0.24)
MotoHelper MergeModules (Version: 1.0.0)
Motorola Mobile Drivers Installation 4.7.1 (Version: 4.7.1)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.33.100)
neroxml (Version: 1.0.0)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
PowerDVD (Version: 9.00.0000)
QuickTime (Version: 7.72.80.56)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.5992)
Realtek High Definition Audio Driver (Version: 6.0.1.6004)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.4.124.ga3559d86)
SpywareBlaster 4.4 (Version: 4.4.0)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Tinker (Version: 1.0.0000.131)
Tinker (Version: 1.0.0001.131)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.7)
Veoh Web Player (Version: 1.1.2.0000)
Video Web Camera (Version: 0.5.31.1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Webroot SecureAnywhere (Version: 8.0.2.27)
Welcome Center (Version: 1.01.3002)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPatrol (Version: 19.3.2010.5)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
World of Warcraft (Version: 5.0.5.16057)
Xvid MPEG-4 Video Codec

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 3834.9 MB
Available physical RAM: 1728.63 MB
Total Pagefile: 7667.99 MB
Available Pagefile: 5094.13 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.82 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:283.99 GB) (Free:186.19 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner

========================= Restore Points ==================================

24-09-2012 03:09:38 Windows Backup
24-09-2012 03:11:36 Windows Update
27-09-2012 23:16:55 Windows Update
30-09-2012 23:00:12 Windows Backup
01-10-2012 23:00:39 Windows Update
02-10-2012 22:24:09 Windows Update
06-10-2012 01:23:39 Windows Update
08-10-2012 02:58:02 Windows Backup
09-10-2012 23:51:02 Windows Update
12-10-2012 04:19:08 Windows Update
14-10-2012 23:00:13 Windows Backup

**** End of log ****


Farbar Service Scanner Version: 07-10-2012
Ran by Owner (administrator) on 16-10-2012 at 20:06:53
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 22:11] - [2012-06-02 01:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.005 - Logfile created 10/16/2012 at 20:12:07
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\Owner\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Complitly
Folder Deleted : C:\Program Files (x86)\WebEnhancements
Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Deleted : C:\Users\Owner\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Owner\AppData\Roaming\Complitly
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\gtmstvod.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}

***** [Registry] *****

Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\gtmstvod.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3272 octets] - [16/10/2012 20:12:07]

########## EOF - C:\AdwCleaner[S1].txt - [3332 octets] ##########


The last is still scanning and I will post it once it is done.

However, the ads from facebook have disappeared and I am able to do things on it that I wasn't before (like clicking "see more" and actually seeing more). But I do not know if the problem has been fixed or not.

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:03 PM

Posted 16 October 2012 - 10:20 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 RythmicJea

RythmicJea
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 17 October 2012 - 10:46 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.6.7 (10.16.2012)
OS: Windows 7 Home Premium x64
Ran by Owner on Tue 10/16/2012 at 20:33:09.88
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\coupons\Coupons.ico
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\CouponsDotCom.url
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\uninstall.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\coupons"
Successfully deleted: [FOLDER] "C:\Program Files (x86)\freecorder"



*** FireFox detected and repaired

Successfully deleted: [bing-zugo.xml] from C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\gtmstvod.default\searchplugins
Successfully deleted: [bing.xml.old] from "C:\Program Files (x86)\mozilla firefox\searchplugins"
Successfully deleted: [npCouponPrinter.dll] from [FF plugins]
Successfully deleted: [npMozCouponPrinter.dll] from [FF plugins]


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/17/2012 at 23:20:25.57
End of Report


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/17/2012 11:41:05 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Owner\AppData\Local\Apps\2.0\LPEKB2V2.G4V\1064BROG.1DV\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe (PID: 3928) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

Program finished at: 10/17/2012 11:41:45 PM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avgnt.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
X "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "WRSVC" "Webroot SecureAnywhere" "Webroot" "c:\program files\webroot\wrsa.exe"
"C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "CurseClientStartup.ccip" "" "" "c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\startup\curseclientstartup.ccip"
X "curseclientstartup.ccip" "" "" "c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\startup\autorunsdisabled\curseclientstartup.ccip"
X "OpenOffice.org 3.3.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
X "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
X "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "Spotify Web Helper" "" "" "c:\users\owner\appdata\roaming\spotify\data\spotifywebhelper.exe"
X "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files (x86)\utorrent\utorrent.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\wrusr.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\syswow64\wrusr.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "" "File not found: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\wrusr.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\syswow64\wrusr.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
X "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg10\avgssie.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Freecorder Toolbar" "dtx Dynamic Link Library" "" "c:\program files (x86)\freecordertoolbar\vmntemplatex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Freecorder Toolbar" "dtx Dynamic Link Library" "" "c:\program files (x86)\freecordertoolbar\vmntemplatex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-2444426472-3964989836-3504410827-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-2444426472-3964989836-3504410827-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2444426472-3964989836-3504410827-1000Core" "Google Installer" "Google Inc." "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2444426472-3964989836-3504410827-1000UA" "Google Installer" "Google Inc." "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-2444426472-3964989836-3504410827-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-2444426472-3964989836-3504410827-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RunAsStdUser Task for VeohWebPlayer" "Veoh Web Player Beta" "Veoh Networks" "c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}" "" "" "File not found: C:\Windows\Umuwoa.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avguard.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
X "avgfws" "AVG Firewall Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg10\avgfws.exe"
X "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg10\avgwdsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WRSVC" "Webroot SecureAnywhere Antivirus v8.0.2.27" "Webroot" "c:\program files\webroot\wrsa.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
X "Avgfwfd" "AVG network filter driver" "" "File not found: system32\DRIVERS\avgfwd6a.sys"
X "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "" "File not found: system32\DRIVERS\AVGIDSDriver.Sys"
X "AVGIDSEH" "AVG Technologies IDS Application Activity Monitor Helper Driver" "" "File not found: system32\DRIVERS\AVGIDSEH.Sys"
X "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "" "File not found: system32\DRIVERS\AVGIDSFilter.Sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTCFilterService" "Motorola Unsafe Removal Filter Driver" "Motorola Inc" "c:\windows\system32\drivers\motfilt.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "EloUsbG2" "EloUsbG2 Elo Touchmonitors" "Elo Touchsystems" "c:\windows\system32\drivers\elousbg2.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "motccgp" "Motorola USB Composite Device Driver" "Motorola" "c:\windows\system32\drivers\motccgp.sys"
+ "motccgpfl" "Motorola USB Composite Filter Driver" "Motorola" "c:\windows\system32\drivers\motccgpfl.sys"
+ "motmodem" "Motorola USB Modem and Ports Driver" "Motorola" "c:\windows\system32\drivers\motmodem.sys"
+ "MotoSwitchService" "" "Motorola" "c:\windows\system32\drivers\motswch.sys"
+ "Motousbnet" "Motorola USB Networking Driver" "Motorola" "c:\windows\system32\drivers\motousbnet.sys"
+ "motusbdevice" "Motorola USB Device Driver" "Motorola Inc" "c:\windows\system32\drivers\motusbdevice.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTHDMIAzAudService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rthdmivx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "WRkrn" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\drivers\wrkrn.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD9)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD9)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD9)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD9)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD9)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter (PDVD9)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax"
+ "CyberLink HD/BD Mixer (PDVD9)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD9)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter (PDVD9)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD9)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder (PDVD9)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter (PDVD9)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder (PDVD9)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD9)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD9)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD9)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PDVD9)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor4" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm4.dll"
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:03 PM

Posted 18 October 2012 - 03:59 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 RythmicJea

RythmicJea
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 18 October 2012 - 06:39 PM

Thank you very much! This helped a lot!

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:03 PM

Posted 18 October 2012 - 08:04 PM

You're welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users