Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to remove ilitili.com


  • Please log in to reply
17 replies to this topic

#1 Na1a

Na1a

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 17 October 2012 - 01:14 AM

Getting popups from ilitili.com

Anyone know how to remove this?

Thanks

Edited by hamluis, 17 October 2012 - 06:44 AM.
Moved from Breaking Virus News to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 17 October 2012 - 07:28 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 06 November 2012 - 10:12 PM

TDSSkiller Log

17:01:58.0573 3780 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:01:59.0056 3780 ============================================================
17:01:59.0056 3780 Current date / time: 2012/11/06 17:01:59.0056
17:01:59.0056 3780 SystemInfo:
17:01:59.0056 3780
17:01:59.0056 3780 OS Version: 6.1.7601 ServicePack: 1.0
17:01:59.0056 3780 Product type: Workstation
17:01:59.0056 3780 ComputerName: HOME-PC
17:01:59.0056 3780 UserName: Home
17:01:59.0056 3780 Windows directory: C:\Windows
17:01:59.0056 3780 System windows directory: C:\Windows
17:01:59.0056 3780 Running under WOW64
17:01:59.0056 3780 Processor architecture: Intel x64
17:01:59.0056 3780 Number of processors: 4
17:01:59.0056 3780 Page size: 0x1000
17:01:59.0056 3780 Boot type: Normal boot
17:01:59.0056 3780 ============================================================
17:02:00.0164 3780 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:02:00.0180 3780 Drive \Device\Harddisk1\DR1 - Size: 0xEFBFFE00 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:02:08.0229 3780 Drive \Device\Harddisk6\DR6 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:02:08.0229 3780 ============================================================
17:02:08.0229 3780 \Device\Harddisk0\DR0:
17:02:08.0245 3780 MBR partitions:
17:02:08.0245 3780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:02:08.0245 3780 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC350000
17:02:08.0245 3780 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72EDE1C1, BlocksNum 0x1827800
17:02:08.0245 3780 \Device\Harddisk1\DR1:
17:02:08.0245 3780 MBR partitions:
17:02:08.0245 3780 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
17:02:08.0245 3780 \Device\Harddisk6\DR6:
17:02:08.0245 3780 MBR partitions:
17:02:08.0245 3780 \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
17:02:08.0245 3780 ============================================================
17:02:08.0245 3780 C: <-> \Device\Harddisk0\DR0\Partition2
17:02:08.0276 3780 D: <-> \Device\Harddisk0\DR0\Partition3
17:02:08.0307 3780 J: <-> \Device\Harddisk6\DR6\Partition1
17:02:08.0307 3780 ============================================================
17:02:08.0307 3780 Initialize success
17:02:08.0307 3780 ============================================================
17:02:39.0195 5912 ============================================================
17:02:39.0195 5912 Scan started
17:02:39.0195 5912 Mode: Manual; TDLFS;
17:02:39.0195 5912 ============================================================
17:02:39.0382 5912 ================ Scan system memory ========================
17:02:39.0382 5912 System memory - ok
17:02:39.0382 5912 ================ Scan services =============================
17:02:39.0429 5912 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
17:02:39.0429 5912 !SASCORE - ok
17:02:39.0507 5912 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:02:39.0507 5912 1394ohci - ok
17:02:39.0538 5912 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:02:39.0538 5912 ACPI - ok
17:02:39.0538 5912 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:02:39.0538 5912 AcpiPmi - ok
17:02:39.0601 5912 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:02:39.0601 5912 AdobeARMservice - ok
17:02:39.0679 5912 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:02:39.0694 5912 AdobeFlashPlayerUpdateSvc - ok
17:02:39.0710 5912 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:02:39.0710 5912 adp94xx - ok
17:02:39.0726 5912 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:02:39.0726 5912 adpahci - ok
17:02:39.0741 5912 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:02:39.0741 5912 adpu320 - ok
17:02:39.0772 5912 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:02:39.0772 5912 AeLookupSvc - ok
17:02:39.0804 5912 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:02:39.0819 5912 AFD - ok
17:02:39.0819 5912 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:02:39.0819 5912 agp440 - ok
17:02:39.0850 5912 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:02:39.0850 5912 ALG - ok
17:02:39.0850 5912 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:02:39.0850 5912 aliide - ok
17:02:39.0882 5912 [ 998021E7C3DE3E97E441ABACE498FFB6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:02:39.0882 5912 AMD External Events Utility - ok
17:02:39.0897 5912 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:02:39.0897 5912 amdide - ok
17:02:39.0897 5912 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:02:39.0913 5912 AmdK8 - ok
17:02:40.0006 5912 [ 250D5B746FFF9B7D88591EE60B63B3E4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:02:40.0100 5912 amdkmdag - ok
17:02:40.0131 5912 [ 781DAEC0C3E63950CCA53D193582F2E8 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:02:40.0131 5912 amdkmdap - ok
17:02:40.0147 5912 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:02:40.0147 5912 AmdPPM - ok
17:02:40.0162 5912 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:02:40.0162 5912 amdsata - ok
17:02:40.0178 5912 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:02:40.0178 5912 amdsbs - ok
17:02:40.0194 5912 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:02:40.0194 5912 amdxata - ok
17:02:40.0209 5912 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:02:40.0209 5912 AppID - ok
17:02:40.0209 5912 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:02:40.0209 5912 AppIDSvc - ok
17:02:40.0225 5912 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:02:40.0225 5912 Appinfo - ok
17:02:40.0256 5912 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:02:40.0256 5912 Apple Mobile Device - ok
17:02:40.0272 5912 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:02:40.0287 5912 arc - ok
17:02:40.0287 5912 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:02:40.0287 5912 arcsas - ok
17:02:40.0334 5912 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:02:40.0334 5912 aspnet_state - ok
17:02:40.0365 5912 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:02:40.0365 5912 AsyncMac - ok
17:02:40.0365 5912 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:02:40.0365 5912 atapi - ok
17:02:40.0474 5912 [ 250D5B746FFF9B7D88591EE60B63B3E4 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:02:40.0521 5912 atikmdag - ok
17:02:40.0537 5912 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:02:40.0537 5912 AudioEndpointBuilder - ok
17:02:40.0552 5912 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:02:40.0552 5912 AudioSrv - ok
17:02:40.0568 5912 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:02:40.0568 5912 AxInstSV - ok
17:02:40.0584 5912 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:02:40.0599 5912 b06bdrv - ok
17:02:40.0615 5912 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:02:40.0615 5912 b57nd60a - ok
17:02:40.0646 5912 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:02:40.0646 5912 BBSvc - ok
17:02:40.0677 5912 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:02:40.0677 5912 BBUpdate - ok
17:02:40.0693 5912 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:02:40.0693 5912 BDESVC - ok
17:02:40.0693 5912 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:02:40.0708 5912 Beep - ok
17:02:40.0724 5912 [ DEB50775179A87BC038515B5024E78B3 ] BeFrugal.com Service C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe
17:02:40.0724 5912 BeFrugal.com Service - ok
17:02:40.0755 5912 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:02:40.0755 5912 BFE - ok
17:02:40.0786 5912 [ 1B63F2B7CA6B5290CC124CDD07520BC9 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
17:02:40.0786 5912 BingDesktopUpdate - ok
17:02:40.0802 5912 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:02:40.0818 5912 BITS - ok
17:02:40.0818 5912 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:02:40.0818 5912 blbdrive - ok
17:02:40.0849 5912 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:02:40.0849 5912 Bonjour Service - ok
17:02:40.0880 5912 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:02:40.0880 5912 bowser - ok
17:02:40.0896 5912 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:02:40.0896 5912 BrFiltLo - ok
17:02:40.0911 5912 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:02:40.0911 5912 BrFiltUp - ok
17:02:40.0927 5912 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:02:40.0927 5912 Browser - ok
17:02:40.0942 5912 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:02:40.0958 5912 Brserid - ok
17:02:40.0958 5912 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:02:40.0958 5912 BrSerWdm - ok
17:02:40.0989 5912 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:02:40.0989 5912 BrUsbMdm - ok
17:02:40.0989 5912 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:02:40.0989 5912 BrUsbSer - ok
17:02:41.0005 5912 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:02:41.0005 5912 BTHMODEM - ok
17:02:41.0020 5912 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:02:41.0020 5912 bthserv - ok
17:02:41.0036 5912 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:02:41.0036 5912 cdfs - ok
17:02:41.0052 5912 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:02:41.0052 5912 cdrom - ok
17:02:41.0067 5912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:02:41.0067 5912 CertPropSvc - ok
17:02:41.0083 5912 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:02:41.0083 5912 circlass - ok
17:02:41.0098 5912 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:02:41.0114 5912 CLFS - ok
17:02:41.0130 5912 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:02:41.0130 5912 clr_optimization_v2.0.50727_32 - ok
17:02:41.0161 5912 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:02:41.0176 5912 clr_optimization_v2.0.50727_64 - ok
17:02:41.0208 5912 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:02:41.0208 5912 clr_optimization_v4.0.30319_32 - ok
17:02:41.0223 5912 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:02:41.0223 5912 clr_optimization_v4.0.30319_64 - ok
17:02:41.0223 5912 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:02:41.0223 5912 CmBatt - ok
17:02:41.0239 5912 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:02:41.0239 5912 cmdide - ok
17:02:41.0254 5912 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
17:02:41.0254 5912 CNG - ok
17:02:41.0270 5912 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:02:41.0270 5912 Compbatt - ok
17:02:41.0286 5912 [ 59D203C3F46F3CA536ECAC0E084CD887 ] CompFilter64 C:\Windows\system32\DRIVERS\lvbflt64.sys
17:02:41.0286 5912 CompFilter64 - ok
17:02:41.0301 5912 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:02:41.0301 5912 CompositeBus - ok
17:02:41.0301 5912 COMSysApp - ok
17:02:41.0317 5912 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:02:41.0317 5912 crcdisk - ok
17:02:41.0332 5912 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:02:41.0332 5912 CryptSvc - ok
17:02:41.0348 5912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:02:41.0348 5912 DcomLaunch - ok
17:02:41.0379 5912 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:02:41.0379 5912 defragsvc - ok
17:02:41.0395 5912 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:02:41.0395 5912 DfsC - ok
17:02:41.0410 5912 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:02:41.0410 5912 Dhcp - ok
17:02:41.0410 5912 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:02:41.0410 5912 discache - ok
17:02:41.0442 5912 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:02:41.0442 5912 Disk - ok
17:02:41.0457 5912 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:02:41.0457 5912 Dnscache - ok
17:02:41.0473 5912 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:02:41.0473 5912 dot3svc - ok
17:02:41.0488 5912 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:02:41.0488 5912 DPS - ok
17:02:41.0504 5912 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:02:41.0504 5912 drmkaud - ok
17:02:41.0535 5912 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:02:41.0535 5912 DXGKrnl - ok
17:02:41.0551 5912 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:02:41.0551 5912 EapHost - ok
17:02:41.0598 5912 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:02:41.0629 5912 ebdrv - ok
17:02:41.0660 5912 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:02:41.0660 5912 EFS - ok
17:02:41.0691 5912 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:02:41.0691 5912 ehRecvr - ok
17:02:41.0707 5912 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:02:41.0707 5912 ehSched - ok
17:02:41.0722 5912 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:02:41.0738 5912 elxstor - ok
17:02:41.0738 5912 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:02:41.0754 5912 ErrDev - ok
17:02:41.0769 5912 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:02:41.0769 5912 EventSystem - ok
17:02:41.0785 5912 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:02:41.0785 5912 exfat - ok
17:02:41.0800 5912 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:02:41.0816 5912 fastfat - ok
17:02:41.0832 5912 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:02:41.0832 5912 Fax - ok
17:02:41.0847 5912 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:02:41.0847 5912 fdc - ok
17:02:41.0863 5912 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:02:41.0863 5912 fdPHost - ok
17:02:41.0878 5912 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:02:41.0878 5912 FDResPub - ok
17:02:41.0894 5912 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:02:41.0894 5912 FileInfo - ok
17:02:41.0910 5912 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:02:41.0910 5912 Filetrace - ok
17:02:41.0910 5912 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:02:41.0910 5912 flpydisk - ok
17:02:41.0925 5912 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:02:41.0941 5912 FltMgr - ok
17:02:41.0956 5912 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:02:41.0988 5912 FontCache - ok
17:02:42.0019 5912 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:02:42.0019 5912 FontCache3.0.0.0 - ok
17:02:42.0019 5912 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:02:42.0034 5912 FsDepends - ok
17:02:42.0034 5912 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:02:42.0034 5912 Fs_Rec - ok
17:02:42.0050 5912 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:02:42.0066 5912 fvevol - ok
17:02:42.0066 5912 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:02:42.0066 5912 gagp30kx - ok
17:02:42.0097 5912 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:02:42.0097 5912 GEARAspiWDM - ok
17:02:42.0112 5912 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:02:42.0128 5912 gpsvc - ok
17:02:42.0128 5912 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:02:42.0128 5912 hcw85cir - ok
17:02:42.0159 5912 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:02:42.0175 5912 HdAudAddService - ok
17:02:42.0190 5912 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:02:42.0190 5912 HDAudBus - ok
17:02:42.0206 5912 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:02:42.0206 5912 HidBatt - ok
17:02:42.0206 5912 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:02:42.0206 5912 HidBth - ok
17:02:42.0222 5912 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:02:42.0222 5912 HidIr - ok
17:02:42.0237 5912 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:02:42.0237 5912 hidserv - ok
17:02:42.0253 5912 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:02:42.0253 5912 HidUsb - ok
17:02:42.0268 5912 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:02:42.0268 5912 hkmsvc - ok
17:02:42.0268 5912 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:02:42.0284 5912 HomeGroupListener - ok
17:02:42.0300 5912 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:02:42.0300 5912 HomeGroupProvider - ok
17:02:42.0362 5912 [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:02:42.0362 5912 hpqcxs08 - ok
17:02:42.0378 5912 [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:02:42.0378 5912 hpqddsvc - ok
17:02:42.0393 5912 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:02:42.0393 5912 HpSAMD - ok
17:02:42.0424 5912 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:02:42.0424 5912 HPSLPSVC - ok
17:02:42.0456 5912 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:02:42.0456 5912 HTTP - ok
17:02:42.0471 5912 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:02:42.0471 5912 hwpolicy - ok
17:02:42.0471 5912 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:02:42.0487 5912 i8042prt - ok
17:02:42.0502 5912 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:02:42.0518 5912 iaStorV - ok
17:02:42.0549 5912 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:02:42.0549 5912 idsvc - ok
17:02:42.0565 5912 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:02:42.0580 5912 iirsp - ok
17:02:42.0596 5912 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:02:42.0612 5912 IKEEXT - ok
17:02:42.0643 5912 [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:02:42.0658 5912 IntcAzAudAddService - ok
17:02:42.0674 5912 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:02:42.0690 5912 intelide - ok
17:02:42.0690 5912 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:02:42.0690 5912 intelppm - ok
17:02:42.0705 5912 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:02:42.0705 5912 IPBusEnum - ok
17:02:42.0721 5912 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:02:42.0721 5912 IpFilterDriver - ok
17:02:42.0736 5912 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:02:42.0752 5912 iphlpsvc - ok
17:02:42.0752 5912 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:02:42.0752 5912 IPMIDRV - ok
17:02:42.0768 5912 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:02:42.0768 5912 IPNAT - ok
17:02:42.0799 5912 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:02:42.0814 5912 iPod Service - ok
17:02:42.0814 5912 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:02:42.0814 5912 IRENUM - ok
17:02:42.0830 5912 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:02:42.0830 5912 isapnp - ok
17:02:42.0846 5912 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:02:42.0846 5912 iScsiPrt - ok
17:02:42.0861 5912 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:02:42.0861 5912 kbdclass - ok
17:02:42.0861 5912 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:02:42.0861 5912 kbdhid - ok
17:02:42.0877 5912 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:02:42.0877 5912 KeyIso - ok
17:02:42.0908 5912 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:02:42.0908 5912 KSecDD - ok
17:02:42.0924 5912 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:02:42.0924 5912 KSecPkg - ok
17:02:42.0924 5912 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:02:42.0924 5912 ksthunk - ok
17:02:42.0939 5912 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:02:42.0939 5912 KtmRm - ok
17:02:42.0970 5912 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:02:42.0970 5912 LanmanServer - ok
17:02:42.0986 5912 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:02:43.0002 5912 LanmanWorkstation - ok
17:02:43.0017 5912 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:02:43.0017 5912 lltdio - ok
17:02:43.0033 5912 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:02:43.0033 5912 lltdsvc - ok
17:02:43.0048 5912 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:02:43.0048 5912 lmhosts - ok
17:02:43.0064 5912 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:02:43.0064 5912 LSI_FC - ok
17:02:43.0080 5912 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:02:43.0080 5912 LSI_SAS - ok
17:02:43.0095 5912 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:02:43.0095 5912 LSI_SAS2 - ok
17:02:43.0111 5912 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:02:43.0111 5912 LSI_SCSI - ok
17:02:43.0126 5912 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:02:43.0126 5912 luafv - ok
17:02:43.0158 5912 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
17:02:43.0158 5912 LVRS64 - ok
17:02:43.0220 5912 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
17:02:43.0282 5912 LVUVC64 - ok
17:02:43.0298 5912 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:02:43.0314 5912 Mcx2Svc - ok
17:02:43.0314 5912 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:02:43.0314 5912 megasas - ok
17:02:43.0329 5912 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:02:43.0329 5912 MegaSR - ok
17:02:43.0376 5912 Microsoft SharePoint Workspace Audit Service - ok
17:02:43.0392 5912 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:02:43.0392 5912 MMCSS - ok
17:02:43.0392 5912 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:02:43.0392 5912 Modem - ok
17:02:43.0407 5912 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:02:43.0407 5912 monitor - ok
17:02:43.0423 5912 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:02:43.0423 5912 mouclass - ok
17:02:43.0423 5912 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:02:43.0423 5912 mouhid - ok
17:02:43.0438 5912 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:02:43.0454 5912 mountmgr - ok
17:02:43.0470 5912 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:02:43.0470 5912 MozillaMaintenance - ok
17:02:43.0501 5912 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:02:43.0501 5912 MpFilter - ok
17:02:43.0516 5912 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:02:43.0516 5912 mpio - ok
17:02:43.0532 5912 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:02:43.0532 5912 mpsdrv - ok
17:02:43.0548 5912 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:02:43.0563 5912 MpsSvc - ok
17:02:43.0563 5912 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:02:43.0579 5912 MRxDAV - ok
17:02:43.0594 5912 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:02:43.0594 5912 mrxsmb - ok
17:02:43.0594 5912 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:02:43.0610 5912 mrxsmb10 - ok
17:02:43.0610 5912 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:02:43.0610 5912 mrxsmb20 - ok
17:02:43.0626 5912 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:02:43.0626 5912 msahci - ok
17:02:43.0626 5912 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:02:43.0641 5912 msdsm - ok
17:02:43.0641 5912 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:02:43.0657 5912 MSDTC - ok
17:02:43.0672 5912 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:02:43.0672 5912 Msfs - ok
17:02:43.0688 5912 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:02:43.0688 5912 mshidkmdf - ok
17:02:43.0704 5912 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:02:43.0704 5912 msisadrv - ok
17:02:43.0719 5912 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:02:43.0719 5912 MSiSCSI - ok
17:02:43.0735 5912 msiserver - ok
17:02:43.0735 5912 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:02:43.0735 5912 MSKSSRV - ok
17:02:43.0782 5912 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:02:43.0782 5912 MsMpSvc - ok
17:02:43.0782 5912 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:02:43.0797 5912 MSPCLOCK - ok
17:02:43.0797 5912 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:02:43.0813 5912 MSPQM - ok
17:02:43.0813 5912 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:02:43.0828 5912 MsRPC - ok
17:02:43.0844 5912 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:02:43.0844 5912 mssmbios - ok
17:02:43.0844 5912 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:02:43.0844 5912 MSTEE - ok
17:02:43.0860 5912 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:02:43.0860 5912 MTConfig - ok
17:02:43.0875 5912 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:02:43.0875 5912 Mup - ok
17:02:43.0891 5912 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:02:43.0891 5912 napagent - ok
17:02:43.0906 5912 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:02:43.0922 5912 NativeWifiP - ok
17:02:43.0953 5912 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:02:43.0969 5912 NDIS - ok
17:02:43.0969 5912 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:02:43.0969 5912 NdisCap - ok
17:02:43.0984 5912 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:02:43.0984 5912 NdisTapi - ok
17:02:44.0000 5912 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:02:44.0000 5912 Ndisuio - ok
17:02:44.0016 5912 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:02:44.0031 5912 NdisWan - ok
17:02:44.0031 5912 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:02:44.0047 5912 NDProxy - ok
17:02:44.0094 5912 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:02:44.0094 5912 Net Driver HPZ12 - ok
17:02:44.0094 5912 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:02:44.0094 5912 NetBIOS - ok
17:02:44.0125 5912 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:02:44.0125 5912 NetBT - ok
17:02:44.0125 5912 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:02:44.0125 5912 Netlogon - ok
17:02:44.0156 5912 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:02:44.0156 5912 Netman - ok
17:02:44.0172 5912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:44.0172 5912 NetMsmqActivator - ok
17:02:44.0187 5912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:44.0187 5912 NetPipeActivator - ok
17:02:44.0187 5912 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:02:44.0203 5912 netprofm - ok
17:02:44.0203 5912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:44.0203 5912 NetTcpActivator - ok
17:02:44.0218 5912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:44.0218 5912 NetTcpPortSharing - ok
17:02:44.0234 5912 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:02:44.0234 5912 nfrd960 - ok
17:02:44.0234 5912 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:02:44.0234 5912 NisDrv - ok
17:02:44.0250 5912 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:02:44.0250 5912 NisSrv - ok
17:02:44.0296 5912 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:02:44.0312 5912 NlaSvc - ok
17:02:44.0312 5912 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:02:44.0312 5912 Npfs - ok
17:02:44.0328 5912 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:02:44.0328 5912 nsi - ok
17:02:44.0328 5912 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:02:44.0343 5912 nsiproxy - ok
17:02:44.0374 5912 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:02:44.0390 5912 Ntfs - ok
17:02:44.0390 5912 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:02:44.0406 5912 Null - ok
17:02:44.0421 5912 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:02:44.0421 5912 nvraid - ok
17:02:44.0437 5912 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:02:44.0437 5912 nvstor - ok
17:02:44.0452 5912 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:02:44.0452 5912 nv_agp - ok
17:02:44.0468 5912 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:02:44.0468 5912 ohci1394 - ok
17:02:44.0499 5912 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:02:44.0499 5912 ose - ok
17:02:44.0577 5912 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:02:44.0640 5912 osppsvc - ok
17:02:44.0655 5912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:02:44.0671 5912 p2pimsvc - ok
17:02:44.0686 5912 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:02:44.0686 5912 p2psvc - ok
17:02:44.0702 5912 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:02:44.0702 5912 Parport - ok
17:02:44.0733 5912 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:02:44.0733 5912 partmgr - ok
17:02:44.0749 5912 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:02:44.0749 5912 PcaSvc - ok
17:02:44.0764 5912 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:02:44.0764 5912 pci - ok
17:02:44.0780 5912 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:02:44.0780 5912 pciide - ok
17:02:44.0780 5912 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:02:44.0796 5912 pcmcia - ok
17:02:44.0796 5912 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:02:44.0811 5912 pcw - ok
17:02:44.0827 5912 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:02:44.0827 5912 PEAUTH - ok
17:02:44.0874 5912 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:02:44.0889 5912 PerfHost - ok
17:02:44.0920 5912 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:02:44.0936 5912 pla - ok
17:02:44.0967 5912 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:02:44.0967 5912 PlugPlay - ok
17:02:45.0014 5912 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:02:45.0014 5912 Pml Driver HPZ12 - ok
17:02:45.0030 5912 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:02:45.0030 5912 PNRPAutoReg - ok
17:02:45.0045 5912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:02:45.0045 5912 PNRPsvc - ok
17:02:45.0076 5912 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:02:45.0076 5912 PolicyAgent - ok
17:02:45.0092 5912 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:02:45.0092 5912 Power - ok
17:02:45.0123 5912 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:02:45.0123 5912 PptpMiniport - ok
17:02:45.0139 5912 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:02:45.0139 5912 Processor - ok
17:02:45.0170 5912 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:02:45.0170 5912 ProfSvc - ok
17:02:45.0186 5912 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:02:45.0186 5912 ProtectedStorage - ok
17:02:45.0186 5912 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:02:45.0186 5912 Psched - ok
17:02:45.0217 5912 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:02:45.0232 5912 ql2300 - ok
17:02:45.0248 5912 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:02:45.0248 5912 ql40xx - ok
17:02:45.0264 5912 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:02:45.0264 5912 QWAVE - ok
17:02:45.0279 5912 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:02:45.0279 5912 QWAVEdrv - ok
17:02:45.0388 5912 [ F98487B25828441B1C6488C642C2AC10 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys
17:02:45.0388 5912 RapportCerberus_43926 - ok
17:02:45.0435 5912 [ 463F084AD6E8EB0AD8656165C41289C2 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
17:02:45.0435 5912 RapportEI64 - ok
17:02:45.0466 5912 [ BB3D8C466178BF72FEB084FC85D764E6 ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
17:02:45.0466 5912 RapportKE64 - ok
17:02:45.0482 5912 [ 2E35747769F297086505138E0B0A08F3 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
17:02:45.0498 5912 RapportMgmtService - ok
17:02:45.0513 5912 [ 3A3CA7B0D258E272DA572DEAE27D6A30 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
17:02:45.0513 5912 RapportPG64 - ok
17:02:45.0529 5912 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:02:45.0529 5912 RasAcd - ok
17:02:45.0544 5912 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:02:45.0544 5912 RasAgileVpn - ok
17:02:45.0560 5912 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:02:45.0560 5912 RasAuto - ok
17:02:45.0576 5912 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:02:45.0576 5912 Rasl2tp - ok
17:02:45.0576 5912 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:02:45.0591 5912 RasMan - ok
17:02:45.0622 5912 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:02:45.0622 5912 RasPppoe - ok
17:02:45.0622 5912 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:02:45.0622 5912 RasSstp - ok
17:02:45.0638 5912 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:02:45.0638 5912 rdbss - ok
17:02:45.0654 5912 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:02:45.0654 5912 rdpbus - ok
17:02:45.0669 5912 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:02:45.0669 5912 RDPCDD - ok
17:02:45.0685 5912 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:02:45.0685 5912 RDPENCDD - ok
17:02:45.0700 5912 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:02:45.0700 5912 RDPREFMP - ok
17:02:45.0732 5912 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:02:45.0732 5912 RdpVideoMiniport - ok
17:02:45.0747 5912 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:02:45.0747 5912 RDPWD - ok
17:02:45.0763 5912 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:02:45.0763 5912 rdyboost - ok
17:02:45.0778 5912 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:02:45.0778 5912 RemoteAccess - ok
17:02:45.0794 5912 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:02:45.0794 5912 RemoteRegistry - ok
17:02:45.0825 5912 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:02:45.0825 5912 RpcEptMapper - ok
17:02:45.0825 5912 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:02:45.0841 5912 RpcLocator - ok
17:02:45.0841 5912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:02:45.0856 5912 RpcSs - ok
17:02:45.0872 5912 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:02:45.0872 5912 rspndr - ok
17:02:45.0888 5912 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:02:45.0888 5912 RTL8167 - ok
17:02:45.0903 5912 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:02:45.0903 5912 SamSs - ok
17:02:45.0919 5912 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:02:45.0919 5912 SASDIFSV - ok
17:02:45.0934 5912 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:02:45.0934 5912 SASKUTIL - ok
17:02:45.0950 5912 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:02:45.0950 5912 sbp2port - ok
17:02:45.0966 5912 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:02:45.0966 5912 SCardSvr - ok
17:02:45.0966 5912 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:02:45.0966 5912 scfilter - ok
17:02:45.0997 5912 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:02:46.0012 5912 Schedule - ok
17:02:46.0028 5912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:02:46.0028 5912 SCPolicySvc - ok
17:02:46.0044 5912 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:02:46.0044 5912 SDRSVC - ok
17:02:46.0059 5912 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:02:46.0059 5912 secdrv - ok
17:02:46.0059 5912 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:02:46.0075 5912 seclogon - ok
17:02:46.0075 5912 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:02:46.0075 5912 SENS - ok
17:02:46.0106 5912 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:02:46.0106 5912 SensrSvc - ok
17:02:46.0122 5912 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:02:46.0122 5912 Serenum - ok
17:02:46.0137 5912 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:02:46.0137 5912 Serial - ok
17:02:46.0153 5912 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:02:46.0153 5912 sermouse - ok
17:02:46.0184 5912 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:02:46.0184 5912 SessionEnv - ok
17:02:46.0200 5912 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:02:46.0200 5912 sffdisk - ok
17:02:46.0200 5912 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:02:46.0200 5912 sffp_mmc - ok
17:02:46.0215 5912 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:02:46.0215 5912 sffp_sd - ok
17:02:46.0231 5912 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:02:46.0231 5912 sfloppy - ok
17:02:46.0246 5912 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:02:46.0246 5912 SharedAccess - ok
17:02:46.0262 5912 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:02:46.0262 5912 ShellHWDetection - ok
17:02:46.0278 5912 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:02:46.0278 5912 SiSRaid2 - ok
17:02:46.0293 5912 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:02:46.0293 5912 SiSRaid4 - ok
17:02:46.0293 5912 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:02:46.0293 5912 Smb - ok
17:02:46.0324 5912 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:02:46.0324 5912 SNMPTRAP - ok
17:02:46.0340 5912 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:02:46.0340 5912 spldr - ok
17:02:46.0356 5912 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:02:46.0371 5912 Spooler - ok
17:02:46.0402 5912 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:02:46.0449 5912 sppsvc - ok
17:02:46.0465 5912 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:02:46.0480 5912 sppuinotify - ok
17:02:46.0496 5912 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:02:46.0496 5912 srv - ok
17:02:46.0512 5912 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:02:46.0527 5912 srv2 - ok
17:02:46.0527 5912 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:02:46.0527 5912 srvnet - ok
17:02:46.0543 5912 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:02:46.0558 5912 SSDPSRV - ok
17:02:46.0558 5912 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:02:46.0558 5912 SstpSvc - ok
17:02:46.0574 5912 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:02:46.0590 5912 stexstor - ok
17:02:46.0605 5912 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:02:46.0605 5912 StillCam - ok
17:02:46.0621 5912 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:02:46.0636 5912 stisvc - ok
17:02:46.0636 5912 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:02:46.0636 5912 swenum - ok
17:02:46.0652 5912 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:02:46.0652 5912 swprv - ok
17:02:46.0683 5912 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:02:46.0714 5912 SysMain - ok
17:02:46.0714 5912 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:02:46.0730 5912 TabletInputService - ok
17:02:46.0746 5912 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:02:46.0746 5912 TapiSrv - ok
17:02:46.0761 5912 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:02:46.0761 5912 TBS - ok
17:02:46.0808 5912 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:02:46.0824 5912 Tcpip - ok
17:02:46.0855 5912 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:02:46.0870 5912 TCPIP6 - ok
17:02:46.0886 5912 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:02:46.0886 5912 tcpipreg - ok
17:02:46.0902 5912 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:02:46.0902 5912 TDPIPE - ok
17:02:46.0917 5912 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:02:46.0917 5912 TDTCP - ok
17:02:46.0933 5912 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:02:46.0933 5912 tdx - ok
17:02:46.0933 5912 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:02:46.0948 5912 TermDD - ok
17:02:46.0964 5912 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:02:46.0964 5912 TermService - ok
17:02:46.0980 5912 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:02:46.0980 5912 Themes - ok
17:02:46.0995 5912 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:02:47.0011 5912 THREADORDER - ok
17:02:47.0011 5912 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:02:47.0026 5912 TrkWks - ok
17:02:47.0042 5912 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:02:47.0058 5912 TrustedInstaller - ok
17:02:47.0073 5912 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:02:47.0073 5912 tssecsrv - ok
17:02:47.0089 5912 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:02:47.0089 5912 TsUsbFlt - ok
17:02:47.0104 5912 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:02:47.0104 5912 TsUsbGD - ok
17:02:47.0136 5912 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:02:47.0136 5912 tunnel - ok
17:02:47.0136 5912 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:02:47.0151 5912 uagp35 - ok
17:02:47.0167 5912 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:02:47.0167 5912 udfs - ok
17:02:47.0182 5912 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:02:47.0198 5912 UI0Detect - ok
17:02:47.0198 5912 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:02:47.0214 5912 uliagpkx - ok
17:02:47.0214 5912 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:02:47.0229 5912 umbus - ok
17:02:47.0229 5912 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:02:47.0245 5912 UmPass - ok
17:02:47.0276 5912 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:02:47.0292 5912 UMVPFSrv - ok
17:02:47.0292 5912 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:02:47.0307 5912 upnphost - ok
17:02:47.0323 5912 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:02:47.0323 5912 USBAAPL64 - ok
17:02:47.0354 5912 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:02:47.0354 5912 usbaudio - ok
17:02:47.0354 5912 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:02:47.0370 5912 usbccgp - ok
17:02:47.0385 5912 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:02:47.0385 5912 usbcir - ok
17:02:47.0401 5912 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:02:47.0401 5912 usbehci - ok
17:02:47.0416 5912 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:02:47.0416 5912 usbhub - ok
17:02:47.0432 5912 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:02:47.0432 5912 usbohci - ok
17:02:47.0448 5912 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:02:47.0448 5912 usbprint - ok
17:02:47.0448 5912 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:02:47.0448 5912 USBSTOR - ok
17:02:47.0463 5912 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:02:47.0463 5912 usbuhci - ok
17:02:47.0479 5912 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:02:47.0479 5912 usbvideo - ok
17:02:47.0479 5912 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:02:47.0479 5912 UxSms - ok
17:02:47.0494 5912 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:02:47.0494 5912 VaultSvc - ok
17:02:47.0510 5912 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:02:47.0510 5912 vdrvroot - ok
17:02:47.0526 5912 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:02:47.0541 5912 vds - ok
17:02:47.0557 5912 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:02:47.0557 5912 vga - ok
17:02:47.0572 5912 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:02:47.0572 5912 VgaSave - ok
17:02:47.0588 5912 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:02:47.0588 5912 vhdmp - ok
17:02:47.0604 5912 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:02:47.0604 5912 viaide - ok
17:02:47.0619 5912 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:02:47.0619 5912 volmgr - ok
17:02:47.0619 5912 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:02:47.0635 5912 volmgrx - ok
17:02:47.0650 5912 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:02:47.0650 5912 volsnap - ok
17:02:47.0666 5912 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:02:47.0666 5912 vsmraid - ok
17:02:47.0697 5912 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:02:47.0713 5912 VSS - ok
17:02:47.0728 5912 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:02:47.0728 5912 vwifibus - ok
17:02:47.0744 5912 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:02:47.0744 5912 W32Time - ok
17:02:47.0760 5912 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:02:47.0760 5912 WacomPen - ok
17:02:47.0775 5912 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:02:47.0775 5912 WANARP - ok
17:02:47.0775 5912 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:02:47.0775 5912 Wanarpv6 - ok
17:02:47.0822 5912 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:02:47.0838 5912 WatAdminSvc - ok
17:02:47.0869 5912 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:02:47.0884 5912 wbengine - ok
17:02:47.0900 5912 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:02:47.0900 5912 WbioSrvc - ok
17:02:47.0916 5912 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:02:47.0916 5912 wcncsvc - ok
17:02:47.0931 5912 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:02:47.0931 5912 WcsPlugInService - ok
17:02:47.0947 5912 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:02:47.0947 5912 Wd - ok
17:02:47.0962 5912 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:02:47.0962 5912 Wdf01000 - ok
17:02:47.0978 5912 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:02:47.0994 5912 WdiServiceHost - ok
17:02:47.0994 5912 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:02:47.0994 5912 WdiSystemHost - ok
17:02:48.0009 5912 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:02:48.0009 5912 WebClient - ok
17:02:48.0025 5912 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:02:48.0025 5912 Wecsvc - ok
17:02:48.0040 5912 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:02:48.0056 5912 wercplsupport - ok
17:02:48.0072 5912 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:02:48.0072 5912 WerSvc - ok
17:02:48.0087 5912 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:02:48.0087 5912 WfpLwf - ok
17:02:48.0103 5912 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:02:48.0103 5912 WIMMount - ok
17:02:48.0103 5912 WinDefend - ok
17:02:48.0118 5912 WinHttpAutoProxySvc - ok
17:02:48.0165 5912 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:02:48.0165 5912 Winmgmt - ok
17:02:48.0196 5912 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:02:48.0228 5912 WinRM - ok
17:02:48.0259 5912 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:02:48.0259 5912 WinUsb - ok
17:02:48.0274 5912 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:02:48.0290 5912 Wlansvc - ok
17:02:48.0337 5912 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:02:48.0368 5912 wlidsvc - ok
17:02:48.0384 5912 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:02:48.0384 5912 WmiAcpi - ok
17:02:48.0399 5912 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:02:48.0399 5912 wmiApSrv - ok
17:02:48.0415 5912 WMPNetworkSvc - ok
17:02:48.0415 5912 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:02:48.0415 5912 WPCSvc - ok
17:02:48.0430 5912 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:02:48.0430 5912 WPDBusEnum - ok
17:02:48.0446 5912 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:02:48.0446 5912 ws2ifsl - ok
17:02:48.0462 5912 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:02:48.0462 5912 wscsvc - ok
17:02:48.0462 5912 WSearch - ok
17:02:48.0524 5912 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:02:48.0555 5912 wuauserv - ok
17:02:48.0555 5912 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:02:48.0555 5912 WudfPf - ok
17:02:48.0586 5912 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:02:48.0586 5912 WUDFRd - ok
17:02:48.0586 5912 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:02:48.0602 5912 wudfsvc - ok
17:02:48.0602 5912 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:02:48.0618 5912 WwanSvc - ok
17:02:48.0618 5912 ================ Scan global ===============================
17:02:48.0633 5912 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:02:48.0649 5912 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:02:48.0664 5912 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:02:48.0680 5912 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:02:48.0696 5912 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:02:48.0696 5912 [Global] - ok
17:02:48.0696 5912 ================ Scan MBR ==================================
17:02:48.0696 5912 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:02:48.0898 5912 \Device\Harddisk0\DR0 - ok
17:02:48.0898 5912 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:02:48.0992 5912 \Device\Harddisk1\DR1 - ok
17:02:48.0992 5912 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
17:02:49.0101 5912 \Device\Harddisk6\DR6 - ok
17:02:49.0101 5912 ================ Scan VBR ==================================
17:02:49.0101 5912 [ 0DA00BF48D54B0656BFAC3AB03B4BDEA ] \Device\Harddisk0\DR0\Partition1
17:02:49.0101 5912 \Device\Harddisk0\DR0\Partition1 - ok
17:02:49.0132 5912 [ 8D72883000082F4DBED5DA805D74E602 ] \Device\Harddisk0\DR0\Partition2
17:02:49.0132 5912 \Device\Harddisk0\DR0\Partition2 - ok
17:02:49.0164 5912 [ 1069F8418E653BA93E3998A93CC6055D ] \Device\Harddisk0\DR0\Partition3
17:02:49.0164 5912 \Device\Harddisk0\DR0\Partition3 - ok
17:02:49.0164 5912 [ 3F5712099266558492499776B3C3277E ] \Device\Harddisk1\DR1\Partition1
17:02:49.0164 5912 \Device\Harddisk1\DR1\Partition1 - ok
17:02:49.0164 5912 [ BC48D92745676C3BA7E99D54EF918DD3 ] \Device\Harddisk6\DR6\Partition1
17:02:49.0164 5912 \Device\Harddisk6\DR6\Partition1 - ok
17:02:49.0164 5912 ============================================================
17:02:49.0164 5912 Scan finished
17:02:49.0164 5912 ============================================================
17:02:49.0179 1204 Detected object count: 0
17:02:49.0179 1204 Actual detected object count: 0

#4 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 06 November 2012 - 11:04 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-06 17:07:08
-----------------------------
17:07:08.029 OS Version: Windows x64 6.1.7601 Service Pack 1
17:07:08.029 Number of processors: 4 586 0x170A
17:07:08.029 ComputerName: HOME-PC UserName: Home
17:07:08.716 Initialize success
17:08:38.651 AVAST engine defs: 12110602
17:08:47.371 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:08:47.371 Disk 0 Vendor: ST1000DM003-9YN162 CC4D Size: 953869MB BusType: 11
17:08:47.402 Disk 0 MBR read successfully
17:08:47.402 Disk 0 MBR scan
17:08:47.418 Disk 0 Windows 7 default MBR code
17:08:47.418 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:08:47.449 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100000 MB offset 206848
17:08:47.511 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12367 MB offset 1928192449
17:08:47.589 Disk 0 scanning C:\Windows\system32\drivers
17:09:00.101 Service scanning
17:09:24.249 Modules scanning
17:09:24.249 Disk 0 trace - called modules:
17:09:24.265 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:09:24.265 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b40060]
17:09:24.265 3 CLASSPNP.SYS[fffff88001acf43f] -> nt!IofCallDriver -> [0xfffffa8007860520]
17:09:24.281 5 ACPI.sys[fffff88000f787a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80078521f0]
17:10:06.370 AVAST engine scan C:\Windows
17:10:07.914 AVAST engine scan C:\Windows\system32
17:13:30.514 AVAST engine scan C:\Windows\system32\drivers
17:13:44.460 AVAST engine scan C:\Users\Home
17:21:20.605 AVAST engine scan C:\ProgramData
17:23:02.442 Scan finished successfully
17:43:09.650 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
17:43:09.666 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-06 17:48:57
-----------------------------
17:48:57.376 OS Version: Windows x64 6.1.7601 Service Pack 1
17:48:57.376 Number of processors: 4 586 0x170A
17:48:57.376 ComputerName: HOME-PC UserName: Home
17:48:58.374 Initialize success
17:49:05.457 AVAST engine defs: 12110602
17:49:22.476 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:49:22.476 Disk 0 Vendor: ST1000DM003-9YN162 CC4D Size: 953869MB BusType: 11
17:49:22.492 Disk 0 MBR read successfully
17:49:22.508 Disk 0 MBR scan
17:49:22.508 Disk 0 Windows 7 default MBR code
17:49:22.523 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:49:22.570 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100000 MB offset 206848
17:49:22.601 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12367 MB offset 1928192449
17:49:22.710 Disk 0 scanning C:\Windows\system32\drivers
17:49:41.820 Service scanning
17:50:05.972 Modules scanning
17:50:05.972 Disk 0 trace - called modules:
17:50:06.034 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:50:06.050 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b40060]
17:50:06.050 3 CLASSPNP.SYS[fffff88001acf43f] -> nt!IofCallDriver -> [0xfffffa8007860520]
17:50:06.050 5 ACPI.sys[fffff88000f787a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80078521f0]
17:50:50.900 AVAST engine scan C:\Windows
17:50:55.767 AVAST engine scan C:\Windows\system32
17:54:05.761 AVAST engine scan C:\Windows\system32\drivers
17:54:19.255 AVAST engine scan C:\Users\Home
17:58:13.895 AVAST engine scan C:\ProgramData
17:59:14.906 Scan finished successfully
17:59:55.794 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
17:59:55.794 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"

#5 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 07 November 2012 - 01:57 AM

ESET scanner - no threats found

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 07 November 2012 - 03:24 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#7 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 07 November 2012 - 11:29 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.08.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Home :: HOME-PC [administrator]

11/7/2012 5:07:05 PM
mbam-log-2012-11-07 (17-07-05).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 327093
Time elapsed: 31 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 35
HKCR\CLSID\{b4fa9c4c-95e4-4f97-ae11-53d374520b46} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{76e9f00f-6852-44fc-b406-bb452f232a1b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{697fa9f6-da51-4f3c-8f01-fd5daafc18e5} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{4E60D532-F00E-495B-BD0F-75F1B96CC714} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{48708b86-3672-46f9-89cf-680f8e807b91} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{be1ede40-9c0b-4913-bf21-09f7ab5e270e} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{1BCF3F83-F9A0-4075-B0BC-53128BBC228F} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{b1c38f5a-506f-4f75-80d7-292903e8f87a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{2238806b-78fe-443b-84c0-3c3d7647b8b8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ca95ac1f-ebbd-4b84-aa2d-5383d029e534} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{2EEF77F9-4F97-4158-9209-A95B38C38EC1} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2238806B-78FE-443B-84C0-3C3D7647B8B8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{4ad0f9ab-db53-49fa-9c03-42e6ae1f0c7c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.Radio.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.Radio (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{627d42c1-e006-4bf2-bb79-d5fc6e0e01f0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.ScriptButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.ScriptButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{2c76e19a-5b10-4018-92dd-54de302114f9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3852ab8e-1ca9-4b29-846f-092ca8d97969} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{4025F9A4-91CE-4F20-8486-8A3D95564DB3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2C76E19A-5B10-4018-92DD-54DE302114F9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{ba1ab335-e597-40cf-a2b7-c28c27e10672} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponXplorer_5z.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 19
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zdyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zfeedmg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zhighin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zhkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zhttpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zidle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zimpipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zmedint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zmlbtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zmsg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zradio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zregfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zreghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zregiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zscript.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zskplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5ztpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zuabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\NP5zStub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)

#8 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 07 November 2012 - 11:38 PM

MiniToolBox by Farbar Version: 07-11-2012
Ran by Home (administrator) on 07-11-2012 at 18:36:10
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Home-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 90-E6-BA-58-55-63
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:6296:b8d3:1234:f03a:6c9b:a650:b23f(Preferred)
Temporary IPv6 Address. . . . . . : 2002:6296:b8d3:1234:e547:f10b:5357:ac3d(Preferred)
Link-local IPv6 Address . . . . . : fe80::f03a:6c9b:a650:b23f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 07, 2012 6:30:09 PM
Lease Expires . . . . . . . . . . : Friday, November 05, 2021 6:30:08 PM
Default Gateway . . . . . . . . . : fe80::222:75ff:fefb:48f8%11
192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 244377274
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-7C-F0-7D-90-E6-BA-58-55-63
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.2%12(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:303a:13f6:9d69:472c(Preferred)
Link-local IPv6 Address . . . . . : fe80::303a:13f6:9d69:472c%14(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: GNI-PC.hawaii.rr.com
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4007:800::1002
74.125.224.233
74.125.224.238
74.125.224.224
74.125.224.225
74.125.224.226
74.125.224.227
74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231
74.125.224.232


Pinging google.com [74.125.224.232] with 32 bytes of data:
Reply from 74.125.224.232: bytes=32 time=73ms TTL=52
Reply from 74.125.224.232: bytes=32 time=94ms TTL=52

Ping statistics for 74.125.224.232:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 73ms, Maximum = 94ms, Average = 83ms
Server: GNI-PC.hawaii.rr.com
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=187ms TTL=45
Reply from 98.139.183.24: bytes=32 time=207ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 187ms, Maximum = 207ms, Average = 197ms
Server: GNI-PC.hawaii.rr.com
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...90 e6 ba 58 55 63 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 266
192.168.2.2 255.255.255.255 On-link 192.168.2.2 266
192.168.2.255 255.255.255.255 On-link 192.168.2.2 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 266 ::/0 fe80::222:75ff:fefb:48f8
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:303a:13f6:9d69:472c/128
On-link
11 18 2002:6296:b8d3:1234::/64 On-link
11 266 2002:6296:b8d3:1234:e547:f10b:5357:ac3d/128
On-link
11 266 2002:6296:b8d3:1234:f03a:6c9b:a650:b23f/128
On-link
11 266 fe80::/64 On-link
14 306 fe80::/64 On-link
12 266 fe80::5efe:192.168.2.2/128
On-link
14 306 fe80::303a:13f6:9d69:472c/128
On-link
11 266 fe80::f03a:6c9b:a650:b23f/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/07/2012 06:31:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2012 00:31:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2012 00:30:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 07:58:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 07:58:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 06:05:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 06:05:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 04:46:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x395b74e8
Faulting process id: 0xbb8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/06/2012 04:45:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x778d5056
Faulting process id: 0x1790
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/06/2012 04:20:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/07/2012 06:29:24 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/06/2012 04:17:30 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/06/2012 04:24:46 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:07:25 AM on ?11/?6/?2012 was unexpected.

Error: (11/04/2012 10:52:35 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/04/2012 04:56:54 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/02/2012 10:12:44 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/02/2012 05:06:16 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/31/2012 09:13:08 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/31/2012 04:09:09 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/31/2012 11:53:11 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (11/07/2012 06:31:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2012 00:31:20 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Home\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\XTISKWJF\esetsmartinstaller_enu.exe

Error: (11/07/2012 00:30:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/06/2012 07:58:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XTISKWJF\esetsmartinstaller_enu.exe

Error: (11/06/2012 07:58:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XTISKWJF\esetsmartinstaller_enu.exe

Error: (11/06/2012 06:05:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWBRRVJJ\esetsmartinstaller_enu.exe

Error: (11/06/2012 06:05:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWBRRVJJ\esetsmartinstaller_enu.exe

Error: (11/06/2012 04:46:13 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6unknown0.0.0.000000000c0000005395b74e8bb801cdbc92053bd33cC:\Program Files (x86)\Internet Explorer\iexplore.exeunknown4a88717e-2885-11e2-9b49-90e6ba585563

Error: (11/06/2012 04:45:34 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6unknown0.0.0.000000000c0000005778d5056179001cdbc91e7361be7C:\Program Files (x86)\Internet Explorer\iexplore.exeunknown336d0af4-2885-11e2-9b49-90e6ba585563

Error: (11/06/2012 04:20:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
8500A909_eDocs (Version: 1.00.0000)
8500A909_Help (Version: 1.00.0000)
8500A909g (Version: 140.0.000.000)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ArcadeCandy (Version: ac 1.24.366)
BeFrugal.com Toolbar
Bing Bar (Version: 7.1.361.0)
Bing Desktop (Version: 1.0.45.0)
Bonjour (Version: 3.0.0.10)
BPD_DSWizards (Version: 1.00.0000)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 140.0.213.000)
ConverterLite 1.5.1 (Version: 1.5.1)
Coupon Printer for Windows (Version: 5.0.0.1)
CutePDF Writer 3.0
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DocMgr (Version: 140.0.65.000)
DocProc (Version: 140.0.100.000)
ESET Online Scanner v3
Family Tree Maker 2012 (Version: 21.0.452)
Fax (Version: 140.0.213.000)
Free Audio Converter version 5.0.17.822 (Version: 5.0.17.822)
Garmin Lifetime Updater (Version: 2.1.11)
GPBaseService2 (Version: 140.0.212.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Officejet Pro 8500 A909 Series (Version: 14.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 140.0.213.000)
HPSSupply (Version: 140.0.212.000)
Image Plugin (Version: 3.04.0226)
iTunes (Version: 10.7.0.21)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 140.0.214.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MPM (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
ProductContext (Version: 140.0.000.000)
Rapport (Version: 3.5.1205.15)
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
Scan (Version: 140.0.167.000)
Seagate Replica Client v3.0.1801.8554
Shop for HP Supplies (Version: 14.0)
ShopAtHome.com Helper (Version: 7.0.1.0)
ShopAtHome.com Toolbar (Version: 7.0.1.0)
SmartWebPrinting (Version: 140.0.213.000)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
SUPERAntiSpyware (Version: 5.6.1012)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.213.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WebReg (Version: 140.0.213.017)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 8191.24 MB
Available physical RAM: 6443.48 MB
Total Pagefile: 16380.67 MB
Available Pagefile: 14487.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.4 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:97.66 GB) (Free:49.36 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.08 GB) (Free:2.21 GB) NTFS
8 Drive k: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
9 Drive l: () (Removable) (Total:3.74 GB) (Free:3.15 GB) FAT32

========================= Users: ========================================

User accounts for \\HOME-PC

Administrator Guest Home

========================= Restore Points ==================================

27-10-2012 04:47:41 Windows Update
29-10-2012 05:00:19 Windows Backup
30-10-2012 08:25:47 Windows Update
31-10-2012 15:03:40 Installed Rapport
02-11-2012 12:02:20 Windows Update
05-11-2012 05:00:17 Windows Backup
06-11-2012 09:04:53 Windows Update

**** End of log ****

#9 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 07 November 2012 - 11:43 PM

Farbar Service Scanner Version: 07-11-2012
Ran by Home (administrator) on 07-11-2012 at 18:41:58
Running from "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2X7IQ5E5"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 07 November 2012 - 11:49 PM

# AdwCleaner v2.007 - Logfile created 11/07/2012 at 18:45:24
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Home - HOME-PC
# Boot Mode : Normal
# Running from : C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JICNNW6A\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6j3xie32.default\searchplugins\Askcom.xml
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Home\AppData\Local\CouponAlert_2p
Folder Deleted : C:\Users\Home\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Home\AppData\LocalLow\CouponAlert_2p
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6j3xie32.default\extensions\2pffxtbr@CouponAlert_2p.com

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\CouponAlert_2p
Key Deleted : HKCU\Software\AppDataLow\Software\iWon
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7E7FB02-C4FD-446E-8F5B-463A049935BF}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF08E71-3657-462F-898C-F7E791948F94}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7225F6C9-CF64-4D6D-AE8A-169779FD7B4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1116A14B-F6A3-4FD9-A00E-FF8CF270EE48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65D8E17B-312E-4E12-913B-A841A8631143}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0636D37-97D0-4DC4-95A6-93AABA07437F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6j3xie32.default\prefs.js

Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

*************************

AdwCleaner[S1].txt - [12389 octets] - [07/11/2012 18:45:24]

########## EOF - C:\AdwCleaner[S1].txt - [12450 octets] ##########

#11 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 08 November 2012 - 12:01 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 2.8.5 (11.07.2012)
OS: Windows 7 Home Premium x64
Ran by Home on Wed 11/07/2012 at 18:50:31.60
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ab6bd08c-db6b-4f02-8a22-4bd343e990ff}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{ab6bd08c-db6b-4f02-8a22-4bd343e990ff}



~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Home\AppData\Roaming\dvdvideosoft"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\dvdvideosoft"
Failed to delete: [Folder-LOCKED!] "C:\Users\Home\appdata\local\arcadecandy"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\dvdvideosoft"



~~~ FireFox

Successfully deleted: [Registry Value] hkey_current_user\software\mozilla\firefox\extensions\\games@acandy.com
Successfully deleted: [npCouponPrinter.dll] from [FF plugins]
Successfully deleted: [npMozCouponPrinter.dll] from [FF plugins]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/07/2012 at 18:55:37.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 08 November 2012 - 12:07 AM

Please run malwarebytes once again and post the clean log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#13 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 08 November 2012 - 01:03 AM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.08.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Home :: HOME-PC [administrator]

11/7/2012 7:16:47 PM
mbam-log-2012-11-07 (19-16-47).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 327426
Time elapsed: 31 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 08 November 2012 - 01:06 AM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/07/2012 08:04:21 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Home\Desktop\rkill\rkill-11-07-2012-08-04-23.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/07/2012 08:04:29 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

#15 Na1a

Na1a
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 08 November 2012 - 01:10 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "ShopAtHomeWatcher" "" "" "c:\users\home\appdata\roaming\shopathome\shopathomehelper\shopathomewatcher.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SkyDrive" "Microsoft SkyDrive" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\skydrive.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\home\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "BeFrugalIEHelper" "BeFrugal.com Toolbar" "Capital Intellect, Inc." "c:\program files (x86)\common files\befrugal.com\toolbar\bftb.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bingext.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "ShopAtHome.com Cash Back Helper" "ShopAtHome.com IE Toolbar Engine" "ShopAtHome.com" "c:\users\home\appdata\roaming\shopathome\shopathometoolbar\tbcore3u.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "BFToolbar" "BeFrugal.com Toolbar" "Capital Intellect, Inc." "c:\program files (x86)\common files\befrugal.com\toolbar\bftb.dll"
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bingext.dll"
+ "CouponXplorer" "" "" "File not found: C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zbar.dll"
+ "ShopAtHome.com Toolbar" "ShopAtHome.com IE Toolbar Engine" "ShopAtHome.com" "c:\users\home\appdata\roaming\shopathome\shopathometoolbar\tbcore3u.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\BeFrugal.com Toolbar" "BeFrugal.com Helper" "Capital Intellect, Inc." "c:\program files (x86)\common files\befrugal.com\toolbar\bfhp.exe"
+ "\CandyUpdater" "" "" "File not found: C:\Users\Home\AppData\Local\ArcadeCandy\candyUpdater.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.361.0\seaport.exe"
+ "BeFrugal.com Service" "BeFrugal.com Service" "Capital Intellect, Inc." "c:\program files (x86)\common files\befrugal.com\toolbar\befrgl.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RapportMgmtService" "Central Rapport Management and Monitoring Service" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\rapportmgmtservice.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CompFilter64" "Logitech USB Video Class Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvbflt64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RapportCerberus_43926" "" "" "c:\programdata\trusteer\rapport\store\exts\rapportcerberus\43926\rapportcerberus64_43926.sys"
+ "RapportEI64" "RapportEI64" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\x64\rapportei64.sys"
+ "RapportKE64" "RapportKE" "Trusteer Ltd." "c:\windows\system32\drivers\rapportke64.sys"
+ "RapportPG64" "RapportPG64" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\x64\rapportpg64.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmedque.dll"
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmesrcwp.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
+ "PCL hpf3l02t" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l02t.dll"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users