Pop-up ads in the bottom corners of my browser and occasional redirects


13 replies to this topic

#1 SicBoi

SicBoi

  • Members
  • 6 posts

Posted 23 October 2012 - 12:20 AM

I am getting pop-up ads in the bottom right of my browser window and occasional invisible ads in the bottom left. I also receive the rare link redirect. I have updated and run complete scans with Malware-Bytes, Spybot S&D, and Avast! Anti-virus Free.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 23 October 2012 - 12:37 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 SicBoi

SicBoi
  • Topic Starter

  • Members
  • 6 posts

Posted 23 October 2012 - 03:08 AM

TDSSkiller
01:58:27.0242 5320 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
01:58:27.0555 5320 ============================================================
01:58:27.0555 5320 Current date / time: 2012/10/23 01:58:27.0555
01:58:27.0555 5320 SystemInfo:
01:58:27.0555 5320
01:58:27.0556 5320 OS Version: 6.1.7600 ServicePack: 0.0
01:58:27.0556 5320 Product type: Workstation
01:58:27.0556 5320 ComputerName: NEW-PUTER
01:58:27.0557 5320 UserName: Ray
01:58:27.0557 5320 Windows directory: C:\Windows
01:58:27.0557 5320 System windows directory: C:\Windows
01:58:27.0557 5320 Running under WOW64
01:58:27.0557 5320 Processor architecture: Intel x64
01:58:27.0557 5320 Number of processors: 4
01:58:27.0557 5320 Page size: 0x1000
01:58:27.0557 5320 Boot type: Normal boot
01:58:27.0557 5320 ============================================================
01:58:28.0605 5320 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:58:28.0649 5320 ============================================================
01:58:28.0649 5320 \Device\Harddisk0\DR0:
01:58:28.0649 5320 MBR partitions:
01:58:28.0649 5320 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
01:58:28.0649 5320 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x728D3800
01:58:28.0649 5320 ============================================================
01:58:28.0678 5320 C: <-> \Device\Harddisk0\DR0\Partition2
01:58:28.0678 5320 ============================================================
01:58:28.0679 5320 Initialize success
01:58:28.0679 5320 ============================================================
01:58:50.0376 2452 ============================================================
01:58:50.0376 2452 Scan started
01:58:50.0376 2452 Mode: Manual; TDLFS;
01:58:50.0376 2452 ============================================================
01:58:51.0579 2452 ================ Scan system memory ========================
01:58:51.0580 2452 System memory - ok
01:58:57.0649 2452 NVHDA - ok
01:58:57.0919 2452 [ B34E9BFBD9C61048EF6281C3E7EC210A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:58:58.0146 2452 nvlddmkm - ok
01:58:58.0173 2452 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
01:58:58.0175 2452 nvraid - ok
01:58:58.0181 2452 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
01:58:58.0184 2452 nvstor - ok
01:58:58.0208 2452 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc C:\Windows\system32\nvvsvc.exe
01:58:58.0221 2452 nvsvc - ok
01:58:58.0297 2452 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
01:58:58.0314 2452 nvUpdatusService - ok
01:58:58.0331 2452 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
01:58:58.0333 2452 nv_agp - ok
01:58:58.0379 2452 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:58:58.0391 2452 odserv - ok
01:58:58.0401 2452 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
01:58:58.0405 2452 ohci1394 - ok
01:58:58.0450 2452 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:58:58.0454 2452 ose - ok
01:58:58.0490 2452 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:58:58.0496 2452 p2pimsvc - ok
01:58:58.0537 2452 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:58:58.0544 2452 p2psvc - ok
01:58:58.0581 2452 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
01:58:58.0584 2452 Parport - ok
01:58:58.0593 2452 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:58:58.0594 2452 partmgr - ok
01:58:58.0601 2452 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:58:58.0606 2452 PcaSvc - ok
01:58:58.0625 2452 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
01:58:58.0629 2452 pci - ok
01:58:58.0645 2452 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
01:58:58.0647 2452 pciide - ok
01:58:58.0664 2452 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
01:58:58.0668 2452 pcmcia - ok
01:58:58.0688 2452 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:58:58.0689 2452 pcw - ok
01:58:58.0714 2452 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:58:58.0718 2452 PEAUTH - ok
01:58:58.0802 2452 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:58:58.0808 2452 PerfHost - ok
01:58:58.0858 2452 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
01:58:58.0872 2452 pla - ok
01:58:58.0897 2452 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:58:58.0902 2452 PlugPlay - ok
01:58:58.0919 2452 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:58:58.0922 2452 PNRPAutoReg - ok
01:58:58.0934 2452 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:58:58.0938 2452 PNRPsvc - ok
01:58:58.0962 2452 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:58:58.0966 2452 PolicyAgent - ok
01:58:58.0974 2452 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:58:58.0978 2452 Power - ok
01:58:59.0023 2452 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:58:59.0024 2452 PptpMiniport - ok
01:58:59.0043 2452 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
01:58:59.0046 2452 Processor - ok
01:58:59.0075 2452 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
01:58:59.0083 2452 ProfSvc - ok
01:58:59.0097 2452 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
01:58:59.0100 2452 ProtectedStorage - ok
01:58:59.0116 2452 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:58:59.0118 2452 Psched - ok
01:58:59.0162 2452 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
01:58:59.0194 2452 ql2300 - ok
01:58:59.0201 2452 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
01:58:59.0203 2452 ql40xx - ok
01:58:59.0227 2452 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:58:59.0232 2452 QWAVE - ok
01:58:59.0250 2452 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:58:59.0253 2452 QWAVEdrv - ok
01:58:59.0279 2452 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:58:59.0281 2452 RasAcd - ok
01:58:59.0306 2452 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:58:59.0308 2452 RasAgileVpn - ok
01:58:59.0327 2452 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:58:59.0332 2452 RasAuto - ok
01:58:59.0343 2452 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:58:59.0345 2452 Rasl2tp - ok
01:58:59.0367 2452 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
01:58:59.0373 2452 RasMan - ok
01:58:59.0387 2452 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:58:59.0389 2452 RasPppoe - ok
01:58:59.0399 2452 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:58:59.0401 2452 RasSstp - ok
01:58:59.0424 2452 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:58:59.0426 2452 rdbss - ok
01:58:59.0432 2452 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:58:59.0433 2452 rdpbus - ok
01:58:59.0451 2452 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:58:59.0452 2452 RDPCDD - ok
01:58:59.0473 2452 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:58:59.0475 2452 RDPENCDD - ok
01:58:59.0485 2452 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:58:59.0486 2452 RDPREFMP - ok
01:58:59.0503 2452 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:58:59.0505 2452 RDPWD - ok
01:58:59.0512 2452 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:58:59.0515 2452 rdyboost - ok
01:58:59.0541 2452 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:58:59.0544 2452 RemoteAccess - ok
01:58:59.0563 2452 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:58:59.0568 2452 RemoteRegistry - ok
01:58:59.0580 2452 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:58:59.0584 2452 RpcEptMapper - ok
01:58:59.0607 2452 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:58:59.0610 2452 RpcLocator - ok
01:58:59.0635 2452 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
01:58:59.0642 2452 RpcSs - ok
01:58:59.0658 2452 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:58:59.0659 2452 rspndr - ok
01:58:59.0684 2452 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
01:58:59.0692 2452 RTL8167 - ok
01:58:59.0708 2452 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
01:58:59.0711 2452 SamSs - ok
01:58:59.0723 2452 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
01:58:59.0726 2452 sbp2port - ok
01:58:59.0816 2452 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
01:58:59.0851 2452 SBSDWSCService - ok
01:58:59.0869 2452 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:58:59.0878 2452 SCardSvr - ok
01:58:59.0892 2452 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:58:59.0894 2452 scfilter - ok
01:58:59.0918 2452 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
01:58:59.0930 2452 Schedule - ok
01:58:59.0954 2452 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:58:59.0955 2452 SCPolicySvc - ok
01:58:59.0973 2452 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:58:59.0981 2452 SDRSVC - ok
01:59:00.0009 2452 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:59:00.0011 2452 secdrv - ok
01:59:00.0021 2452 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
01:59:00.0026 2452 seclogon - ok
01:59:00.0037 2452 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
01:59:00.0042 2452 SENS - ok
01:59:00.0052 2452 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:59:00.0056 2452 SensrSvc - ok
01:59:00.0061 2452 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:59:00.0063 2452 Serenum - ok
01:59:00.0078 2452 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:59:00.0080 2452 Serial - ok
01:59:00.0085 2452 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
01:59:00.0087 2452 sermouse - ok
01:59:00.0098 2452 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
01:59:00.0101 2452 SessionEnv - ok
01:59:00.0126 2452 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
01:59:00.0128 2452 sffdisk - ok
01:59:00.0133 2452 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
01:59:00.0135 2452 sffp_mmc - ok
01:59:00.0138 2452 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
01:59:00.0140 2452 sffp_sd - ok
01:59:00.0154 2452 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
01:59:00.0155 2452 sfloppy - ok
01:59:00.0183 2452 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:59:00.0187 2452 ShellHWDetection - ok
01:59:00.0200 2452 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:59:00.0201 2452 SiSRaid2 - ok
01:59:00.0205 2452 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
01:59:00.0207 2452 SiSRaid4 - ok
01:59:00.0215 2452 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:59:00.0216 2452 Smb - ok
01:59:00.0237 2452 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:59:00.0241 2452 SNMPTRAP - ok
01:59:00.0253 2452 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:59:00.0255 2452 spldr - ok
01:59:00.0277 2452 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
01:59:00.0282 2452 Spooler - ok
01:59:00.0363 2452 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
01:59:00.0389 2452 sppsvc - ok
01:59:00.0406 2452 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:59:00.0410 2452 sppuinotify - ok
01:59:00.0423 2452 [ EC8F67289105BF270498095F14963464 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:59:00.0426 2452 srv - ok
01:59:00.0444 2452 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:59:00.0447 2452 srv2 - ok
01:59:00.0457 2452 [ 26E84D3649019C3244622E654DFCD75B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:59:00.0458 2452 srvnet - ok
01:59:00.0470 2452 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:59:00.0473 2452 SSDPSRV - ok
01:59:00.0478 2452 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:59:00.0481 2452 SstpSvc - ok
01:59:00.0518 2452 Steam Client Service - ok
01:59:00.0565 2452 [ 6086B60F2E36D06A063CB07ED0524332 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:59:00.0571 2452 Stereo Service - ok
01:59:00.0578 2452 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
01:59:00.0580 2452 stexstor - ok
01:59:00.0606 2452 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
01:59:00.0611 2452 stisvc - ok
01:59:00.0623 2452 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:59:00.0624 2452 swenum - ok
01:59:00.0642 2452 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
01:59:00.0647 2452 swprv - ok
01:59:00.0679 2452 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
01:59:00.0691 2452 SysMain - ok
01:59:00.0696 2452 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:59:00.0699 2452 TabletInputService - ok
01:59:00.0732 2452 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
01:59:00.0734 2452 tap0901t - ok
01:59:00.0741 2452 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
01:59:00.0745 2452 TapiSrv - ok
01:59:00.0758 2452 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
01:59:00.0762 2452 TBS - ok
01:59:00.0805 2452 [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:59:00.0816 2452 Tcpip - ok
01:59:00.0860 2452 [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:59:00.0870 2452 TCPIP6 - ok
01:59:00.0888 2452 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:59:00.0889 2452 tcpipreg - ok
01:59:00.0902 2452 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:59:00.0904 2452 TDPIPE - ok
01:59:00.0908 2452 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:59:00.0909 2452 TDTCP - ok
01:59:00.0919 2452 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:59:00.0920 2452 tdx - ok
01:59:00.0934 2452 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:59:00.0936 2452 TermDD - ok
01:59:00.0959 2452 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
01:59:00.0966 2452 TermService - ok
01:59:00.0981 2452 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
01:59:00.0985 2452 Themes - ok
01:59:01.0012 2452 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
01:59:01.0014 2452 THREADORDER - ok
01:59:01.0030 2452 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
01:59:01.0033 2452 TrkWks - ok
01:59:01.0082 2452 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:59:01.0086 2452 TrustedInstaller - ok
01:59:01.0107 2452 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:59:01.0109 2452 tssecsrv - ok
01:59:01.0138 2452 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:59:01.0140 2452 tunnel - ok
01:59:01.0198 2452 [ 1A5F1301C1EA3B49D1222E9CBB552EBB ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
01:59:01.0205 2452 TunngleService - ok
01:59:01.0295 2452 [ E0A9B5B92097211A57FD16D27F2B3750 ] TVersityMediaServer C:\ProgramData\TVersity\Media Server\MediaServer.exe
01:59:01.0315 2452 TVersityMediaServer - ok
01:59:01.0332 2452 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
01:59:01.0334 2452 uagp35 - ok
01:59:01.0371 2452 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
01:59:01.0373 2452 UBHelper - ok
01:59:01.0387 2452 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:59:01.0390 2452 udfs - ok
01:59:01.0406 2452 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:59:01.0412 2452 UI0Detect - ok
01:59:01.0417 2452 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
01:59:01.0419 2452 uliagpkx - ok
01:59:01.0425 2452 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:59:01.0427 2452 umbus - ok
01:59:01.0442 2452 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
01:59:01.0443 2452 UmPass - ok
01:59:01.0494 2452 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
01:59:01.0501 2452 Updater Service - ok
01:59:01.0528 2452 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
01:59:01.0535 2452 upnphost - ok
01:59:01.0549 2452 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:59:01.0552 2452 usbccgp - ok
01:59:01.0558 2452 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
01:59:01.0560 2452 usbcir - ok
01:59:01.0571 2452 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:59:01.0573 2452 usbehci - ok
01:59:01.0605 2452 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:59:01.0610 2452 usbhub - ok
01:59:01.0628 2452 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
01:59:01.0630 2452 usbohci - ok
01:59:01.0649 2452 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:59:01.0651 2452 usbprint - ok
01:59:01.0671 2452 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:59:01.0673 2452 USBSTOR - ok
01:59:01.0683 2452 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
01:59:01.0685 2452 usbuhci - ok
01:59:01.0706 2452 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
01:59:01.0711 2452 UxSms - ok
01:59:01.0719 2452 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
01:59:01.0722 2452 VaultSvc - ok
01:59:01.0743 2452 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
01:59:01.0745 2452 vdrvroot - ok
01:59:01.0763 2452 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
01:59:01.0772 2452 vds - ok
01:59:01.0777 2452 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:59:01.0779 2452 vga - ok
01:59:01.0792 2452 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
01:59:01.0794 2452 VgaSave - ok
01:59:01.0809 2452 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
01:59:01.0813 2452 vhdmp - ok
01:59:01.0819 2452 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
01:59:01.0820 2452 viaide - ok
01:59:01.0837 2452 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
01:59:01.0839 2452 volmgr - ok
01:59:01.0848 2452 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:59:01.0852 2452 volmgrx - ok
01:59:01.0883 2452 [ C9D0EAF58D6BA71E128E715EA43AD87D ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
01:59:01.0889 2452 volsnap - ok
01:59:01.0909 2452 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
01:59:01.0913 2452 vsmraid - ok
01:59:01.0973 2452 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
01:59:01.0990 2452 VSS - ok
01:59:02.0012 2452 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
01:59:02.0014 2452 vwifibus - ok
01:59:02.0027 2452 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:59:02.0034 2452 W32Time - ok
01:59:02.0042 2452 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
01:59:02.0043 2452 WacomPen - ok
01:59:02.0066 2452 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:59:02.0068 2452 WANARP - ok
01:59:02.0072 2452 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:59:02.0074 2452 Wanarpv6 - ok
01:59:02.0109 2452 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
01:59:02.0123 2452 wbengine - ok
01:59:02.0130 2452 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:59:02.0133 2452 WbioSrvc - ok
01:59:02.0141 2452 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:59:02.0146 2452 wcncsvc - ok
01:59:02.0158 2452 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:59:02.0162 2452 WcsPlugInService - ok
01:59:02.0166 2452 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
01:59:02.0167 2452 Wd - ok
01:59:02.0193 2452 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:59:02.0197 2452 Wdf01000 - ok
01:59:02.0202 2452 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:59:02.0205 2452 WdiServiceHost - ok
01:59:02.0209 2452 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:59:02.0212 2452 WdiSystemHost - ok
01:59:02.0221 2452 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
01:59:02.0225 2452 WebClient - ok
01:59:02.0237 2452 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:59:02.0242 2452 Wecsvc - ok
01:59:02.0249 2452 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:59:02.0253 2452 wercplsupport - ok
01:59:02.0279 2452 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:59:02.0283 2452 WerSvc - ok
01:59:02.0294 2452 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:59:02.0296 2452 WfpLwf - ok
01:59:02.0315 2452 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:59:02.0316 2452 WIMMount - ok
01:59:02.0323 2452 WinHttpAutoProxySvc - ok
01:59:02.0393 2452 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:59:02.0398 2452 Winmgmt - ok
01:59:02.0438 2452 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
01:59:02.0451 2452 WinRM - ok
01:59:02.0517 2452 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:59:02.0521 2452 WinUsb - ok
01:59:02.0568 2452 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
01:59:02.0585 2452 Wlansvc - ok
01:59:02.0595 2452 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
01:59:02.0597 2452 WmiAcpi - ok
01:59:02.0620 2452 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:59:02.0621 2452 wmiApSrv - ok
01:59:02.0639 2452 WMPNetworkSvc - ok
01:59:02.0646 2452 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:59:02.0650 2452 WPCSvc - ok
01:59:02.0661 2452 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:59:02.0664 2452 WPDBusEnum - ok
01:59:02.0674 2452 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:59:02.0676 2452 ws2ifsl - ok
01:59:02.0679 2452 WSearch - ok
01:59:02.0698 2452 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:59:02.0699 2452 WudfPf - ok
01:59:02.0717 2452 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:59:02.0719 2452 WUDFRd - ok
01:59:02.0736 2452 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:59:02.0748 2452 wudfsvc - ok
01:59:02.0770 2452 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
01:59:02.0774 2452 WwanSvc - ok
01:59:02.0837 2452 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
01:59:02.0850 2452 xnacc - ok
01:59:02.0896 2452 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
01:59:02.0899 2452 xusb21 - ok
01:59:02.0920 2452 ================ Scan global ===============================
01:59:02.0940 2452 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:59:02.0957 2452 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
01:59:02.0969 2452 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
01:59:02.0987 2452 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:59:03.0009 2452 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:59:03.0014 2452 [Global] - ok
01:59:03.0014 2452 ================ Scan MBR ==================================
01:59:03.0028 2452 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:59:03.0279 2452 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:59:03.0279 2452 \Device\Harddisk0\DR0 - detected TDSS File System (1)
01:59:03.0280 2452 ================ Scan VBR ==================================
01:59:03.0285 2452 [ 8FCB913565D613FE1464800FDD93CA5A ] \Device\Harddisk0\DR0\Partition1
01:59:03.0287 2452 \Device\Harddisk0\DR0\Partition1 - ok
01:59:03.0321 2452 [ 908AB51FEFD7A98421974CF0193EAB29 ] \Device\Harddisk0\DR0\Partition2
01:59:03.0323 2452 \Device\Harddisk0\DR0\Partition2 - ok
01:59:03.0324 2452 ============================================================
01:59:03.0324 2452 Scan finished
01:59:03.0324 2452 ============================================================
01:59:03.0349 2876 Detected object count: 1
01:59:03.0349 2876 Actual detected object count: 1
01:59:21.0207 2876 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:59:21.0207 2876 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


aswMBR
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-23 02:04:26
-----------------------------
02:04:26.903 OS Version: Windows x64 6.1.7600
02:04:26.903 Number of processors: 4 586 0x100
02:04:26.904 ComputerName: NEW-PUTER UserName: Ray
02:04:29.756 Initialize success
02:04:30.584 AVAST engine defs: 12102201
02:04:47.446 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-5
02:04:47.451 Disk 0 Vendor: WDC_WD10EADS-00M2B0 01.00A01 Size: 953869MB BusType: 3
02:04:47.471 Disk 0 MBR read successfully
02:04:47.477 Disk 0 MBR scan
02:04:47.485 Disk 0 Windows 7 default MBR code
02:04:47.492 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
02:04:47.507 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
02:04:47.526 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938407 MB offset 31664128
02:04:47.552 Disk 0 scanning C:\Windows\system32\drivers
02:04:55.885 Service scanning
02:05:07.652 Modules scanning
02:05:07.672 Disk 0 trace - called modules:
02:05:07.689 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
02:05:07.698 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800778f060]
02:05:07.705 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa80073aee40]
02:05:07.710 5 ACPI.sys[fffff88000ef5781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-5[0xfffffa80074da060]
02:05:09.634 AVAST engine scan C:\Windows
02:05:13.368 AVAST engine scan C:\Windows\system32
02:07:12.051 AVAST engine scan C:\Windows\system32\drivers
02:07:35.187 AVAST engine scan C:\Users\Ray
02:14:24.099 AVAST engine scan C:\ProgramData
02:15:11.996 Scan finished successfully
02:15:23.151 Disk 0 MBR has been saved successfully to "C:\Users\Ray\Desktop\Virus Kill\MBR.dat"
02:15:23.176 The log file has been saved successfully to "C:\Users\Ray\Desktop\Virus Kill\aswMBR.txt"


ESET online scanner
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Z4SUFPE\kitty-goes-crazy-for-laser[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined

#4 narenxp

Posted 23 October 2012 - 03:29 AM

Run TDSSkiller again and select DELETE

01:59:21.0207 2876 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After scan gets completed, post the generated log here.

#5 SicBoi

Posted 23 October 2012 - 10:59 AM

Malwarebytes
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.23.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Ray :: NEW-PUTER [administrator]

10/23/2012 10:07:40 AM
mbam-log-2012-10-23 (10-07-40).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 375354
Time elapsed: 31 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


mini toolbox
MiniToolBox by Farbar Version: 23-07-2012
Ran by Ray (administrator) on 23-10-2012 at 09:48:39
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

64.27.10.42 www.google-analytics.com.
64.27.10.42 ad-emea.doubleclick.net.
64.27.10.42 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : New-puter
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Blind

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-DA-BF-97-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Blind
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : C8-60-00-89-69-12
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cd12:e3f9:3f73:cb4f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, October 22, 2012 10:00:14 PM
Lease Expires . . . . . . . . . . : Friday, November 29, 2148 4:17:01 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 248012800
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-5C-20-35-C8-60-00-89-69-12
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Blind:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.2.1

Name: google.com.Blind
Address: 72.215.225.9


Pinging google.com [74.125.224.198] with 32 bytes of data:
Reply from 74.125.224.198: bytes=32 time=55ms TTL=52
Reply from 74.125.224.198: bytes=32 time=50ms TTL=53

Ping statistics for 74.125.224.198:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 55ms, Average = 52ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com.Blind
Address: 72.215.225.9


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=546ms TTL=52
Reply from 98.139.183.24: bytes=32 time=546ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 546ms, Maximum = 546ms, Average = 546ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com.Blind
Address: 72.215.225.9


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 ff da bf 97 ef ......TAP-Win32 Adapter V9 (Tunngle)
11...c8 60 00 89 69 12 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.6 276
192.168.2.6 255.255.255.255 On-link 192.168.2.6 276
192.168.2.255 255.255.255.255 On-link 192.168.2.6 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.6 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.6 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::cd12:e3f9:3f73:cb4f/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/23/2012 03:07:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/23/2012 02:17:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/23/2012 02:16:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/22/2012 04:48:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/22/2012 04:48:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/21/2012 06:52:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/21/2012 06:52:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/21/2012 06:52:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/21/2012 06:52:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/21/2012 06:52:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (10/23/2012 00:21:20 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/23/2012 00:21:20 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/23/2012 00:21:19 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/23/2012 00:21:19 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/22/2012 11:22:31 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/22/2012 11:22:31 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/22/2012 11:22:30 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/22/2012 11:22:30 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/22/2012 11:17:48 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/22/2012 11:17:48 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 3.2.1.28086)
2007 Microsoft Office Suite Service Pack 2 (SP2)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.2 MUI (Version: 9.2.0)
Advertising Center (Version: 0.0.0.2)
AMD APP SDK Runtime (Version: 2.4.650.9)
ATI Catalyst Install Manager (Version: 3.0.829.0)
avast! Free Antivirus (Version: 7.0.1466.0)
Backup Manager Advance (Version: 2.0.2.19)
Borderlands 2
CDisplayEx 1.8
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.4518.1014)
DAEMON Tools Lite (Version: 4.45.4.0315)
DC++ 0.801 (Version: 0.801)
Dishonored
Dropbox (Version: 1.4.7)
ESET Online Scanner v3
FTL version 1.01 (Version: 1.01)
Gateway Games (Version: 1.0.0.71)
Gateway InfoCentre (Version: 3.02.3000)
Gateway MyBackup (Version: 2.0.2.19)
Gateway Photo Frame 4.2.3.10 (Version: 4.2.3.10)
Gateway Recovery Management (Version: 4.05.3002)
Gateway Registration (Version: 1.02.3004)
Gateway ScreenSaver (Version: 1.1.0812)
Gateway Updater (Version: 1.01.3014)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
Identity Card (Version: 1.00.3001)
ImagXpress (Version: 7.0.74.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 14.0.8064.206)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Matroska Pack
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (Version: 3.5.0.0)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSVCRT (Version: 14.0.1468.721)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.7.201)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.7.201)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.9.100)
Nero InfoTool (Version: 6.4.7.201)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.209)
Nero StartSmart Help (Version: 9.4.1.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 275.33 (Version: 275.33)
NVIDIA 3D Vision Driver 275.33 (Version: 275.33)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA PhysX (Version: 9.11.1111)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.7533)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
OpenAL
PAYDAY: The Heist
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6446)
Sleeping Dogs version 1.4 (Version: 1.4)
Spotify (Version: 0.8.4.124.ga3559d86)
Spybot - Search & Destroy (Version: 1.6.2)
Star Trek Online
Steam (Version: 1.0.0.0)
System Requirements Lab (Version: 4.5.1.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
Tunngle beta
TVersity Codec Pack 1.4 (Version: 1.4)
TVersity Media Server 1.9.3 (Version: 1.9.3)
Update for 2007 Microsoft Office System (KB967642)
VLC media player 2.0.3 (Version: 2.0.3)
Welcome Center (Version: 1.00.3005)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8064.0206)
WinRAR 4.20 beta 3 (64-bit) (Version: 4.20.3)
WinZip 16.0 (Version: 16.0.9715)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 8171.49 MB
Available physical RAM: 4703.62 MB
Total Pagefile: 16341.13 MB
Available Pagefile: 12567.06 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.1 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:916.41 GB) (Free:613.83 GB) NTFS
8 Drive k: (Borderlands 2) (CDROM) (Total:7.14 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\NEW-PUTER

Administrator Guest Ray
UpdatusUser

========================= Restore Points ==================================

22-10-2012 14:19:37 Device Driver Package Install: TAP-Win32 Provider V9 (Tunngle) Network adapters
23-10-2012 13:24:00 Installed DirectX

**** End of log ****


FSS
Farbar Service Scanner Version: 19-10-2012
Ran by Ray (administrator) on 23-10-2012 at 09:53:11
Running from "C:\Users\Ray\Desktop\Virus Kill"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 18:25] - [2009-07-13 20:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll
[2009-07-13 18:21] - [2009-07-13 20:40] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 19:36] - [2009-07-13 20:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


adware cleaner
# AdwCleaner v2.005 - Logfile created 10/23/2012 at 09:56:55
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Ray - NEW-PUTER
# Boot Mode : Normal
# Running from : C:\Users\Ray\Desktop\Virus Kill\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Partner
Deleted on reboot : C:\Users\Ray\AppData\Local\Temp\avg@toolbar
Deleted on reboot : C:\Users\Ray\AppData\Local\Temp\boost_interprocess
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\3zlczz57.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bfa340324-0d73-4392-b588-7e376355023e%[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.11] : homepage = "hxxp://isearch.avg.com/?cid={7DA0E4C6-3A75-4E8A-8C32-BEEDAF3C2151}&mid=a4fc4842e96747d090381929466d80e1-6c74ab5f6e6dcba028600abcbe5ed17f9fe3529f&lang=en&ds=ft011&pr=sa&d=2012-06-1521:40:02&v=11.1.0.12&sap=hp",
Deleted [l.15] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={7DA0E4C6-3A75-4E8A-8C32-BEEDAF3C2151}&mid=a4fc4842e96747d090381929466d80e1-6c74ab5f6e6dcba028600abcbe5ed17f9fe3529f&lang=en&ds=ft011&pr=sa&d=2012-06-15 21:40:02&v=11.1.0.12&sap=hp" ]
Deleted [l.1415] : homepage = "hxxp://isearch.avg.com/?cid={7DA0E4C6-3A75-4E8A-8C32-BEEDAF3C2151}&mid=a4fc4842e96747d090381929466d80e1-6c74ab5f6e6dcba028600abcbe5ed17f9fe3529f&lang=en&ds=ft011&pr=sa&d=2012-06-1521:40:02&v=11.1.0.12&sap=hp",
Deleted [l.1779] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={7DA0E4C6-3A75-4E8A-8C32-BEEDAF3C2151}&mid=a4fc4842e96747d090381929466d80e1-6c74ab5f6e6dcba028600abcbe5ed17f9fe3529f&lang=en&ds=ft011&pr=sa&d=2012-06-15 21:40:02&v=11.1.0.12&sap=hp" ]

*************************

AdwCleaner[S1].txt - [4087 octets] - [23/10/2012 09:56:55]

########## EOF - C:\AdwCleaner[S1].txt - [4147 octets] ##########


junkware removal tool
Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.1 (10.23.2012)
OS: Windows 7 Home Premium x64
Ran by Ray on Tue 10/23/2012 at 10:44:17.78
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/23/2012 at 10:58:47.86
End of Report

#6 narenxp


Posted 23 October 2012 - 11:40 AM

Click on the Start menu and type

cmd

Right-click on it and select Run as administrator

Now copy the following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it, then restart the PC

Now launch MiniToolBox, checkmark hosts contents alone, and post the new log


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#7 SicBoi


Posted 24 October 2012 - 06:48 AM

mini toolbox
MiniToolBox by Farbar Version: 23-07-2012
Ran by Ray (administrator) on 24-10-2012 at 06:30:24
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost


**** End of log ****


FSS
Farbar Service Scanner Version: 19-10-2012
Ran by Ray (administrator) on 24-10-2012 at 06:38:25
Running from "C:\Users\Ray\Desktop\Virus Kill"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 18:25] - [2009-07-13 20:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll
[2009-07-13 18:21] - [2009-07-13 20:40] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 19:36] - [2009-07-13 20:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


rkill
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/24/2012 06:39:57 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\ProgramData\TVersity\Media Server\MediaServer.exe (PID: 1432) [AU-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Ray\Desktop\rkill\rkill-10-24-2012-06-40-02.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$6ebd384b26f9b05842477340e903d186\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$6ebd384b26f9b05842477340e903d186\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$6ebd384b26f9b05842477340e903d186\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$6ebd384b26f9b05842477340e903d186\L\00000004.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$6ebd384b26f9b05842477340e903d186\L\201d3dde [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$6ebd384b26f9b05842477340e903d186\U\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1949116141-2700493025-136547283-1000\$6ebd384b26f9b05842477340e903d186\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1949116141-2700493025-136547283-1000\$6ebd384b26f9b05842477340e903d186\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-1949116141-2700493025-136547283-1000\$6ebd384b26f9b05842477340e903d186\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1949116141-2700493025-136547283-1000\$6ebd384b26f9b05842477340e903d186\U\ [ZA Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/24/2012 06:40:10 AM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)


autoruns
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "XboxStat" "XBoxStat.exe" "Microsoft Corporation" "c:\program files\microsoft xbox 360 accessories\xboxstat.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
"C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "" "" "c:\users\ray\appdata\roaming\microsoft\windows\start menu\programs\startup\dropbox.lnk"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Spotify Web Helper" "" "" "c:\users\ray\appdata\roaming\spotify\data\spotifywebhelper.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ray\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "TunngleService" "Tunngle Service" "Tunngle.net GmbH" "c:\program files (x86)\tunngle\tnglctrl.exe"
+ "TVersityMediaServer" "The Windows service of the TVersity Media Server software." "" "c:\programdata\tversity\media server\mediaserver.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "e1yexpress" "Intel® Gigabit Network Connection NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1y62x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 275.33 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "tap0901t" "TAP-Win32 Virtual Network Driver" "Tunngle.net" "c:\windows\system32\drivers\tap0901t.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Haali Matroska Muxer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Simple Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Video Renderer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\dxr.x64.dll"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CoreFLAC Audio Decoder" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\CoreFLACDecoder.ax"
+ "CoreFLAC Audio Source" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\CoreFLACDecoder.ax"
+ "DirectVobSub" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\VSFilter.dll"
+ "DirectVobSub (auto-loading version)" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\VSFilter.dll"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\flvsplitter.ax"
+ "GPL MPEG-1/2 Decoder" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\GplMpgDec.ax"
+ "Haali Media Splitter (AR)" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.ax"
+ "Haali Simple Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.ax"
+ "Haali Video Renderer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\dxr.dll"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.ax"
+ "Matroska Muxer" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\MatroskaMuxer.ax"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mp4splitter.ax"
+ "Mpa Source" "Mpa Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mpasplitter.ax"
+ "Mpa Splitter" "Mpa Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mpasplitter.ax"
+ "Mpeg Source" "Mpeg Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mpegsplitter.ax"
+ "Mpeg Splitter" "Mpeg Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mpegsplitter.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\tversity codec pack\mp4splitter.ax"
+ "RealAudio Decoder" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\RealMediaSplitter.ax"
+ "RealMedia Source" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\RealMediaSplitter.ax"
+ "RealMedia Splitter" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\RealMediaSplitter.ax"
+ "RealVideo Decoder" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\RealMediaSplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "True Audio Decoder" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\TTADSDecoder.ax"
+ "True Audio Splitter" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\TTADSSplitter.ax"
+ "WavPack Audio Decoder" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\WavPackDSDecoder.ax"
+ "WavPack Audio Splitter" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\WavPackDSSplitter.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
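The log lines above, as an added example that is not part of the original post: a small Python triage script that reads entries in this format and separates registrations whose file is missing from files that exist but carry no publisher. The function names, the triage heuristic and the last sample line are assumptions made for illustration.

```python
import re
from collections import Counter

# Sample input: four lines in the shape of the log above, plus one
# constructed entry ("Example Filter") that does not appear in the thread.
SAMPLE = r'''"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DirectVobSub" "" "" "File not found: C:\Program Files (x86)\Matroska Pack\VSFilter.dll"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.ax"
+ "Example Filter" "" "" "c:\example\filter.ax"
'''

FIELD = re.compile(r'"([^"]*)"')
MISSING = "File not found: "

def parse(text):
    """Yield one dict per '+' entry, tagged with the registry key above it."""
    key = None
    for line in text.splitlines():
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # not a log row in this format
        if not line.lstrip().startswith("+"):
            key = fields[0]               # header row: the registry location
            continue
        name, _desc, publisher, path = fields
        missing = path.startswith(MISSING)
        yield {"key": key, "name": name, "publisher": publisher,
               "path": path[len(MISSING):] if missing else path,
               "missing": missing}

def triage(entries):
    """Return (stale, review): missing files vs. present files with no publisher."""
    stale, review = [], []
    for e in entries:
        if e["missing"]:
            stale.append(e)               # leftover registration, target is gone
        elif not e["publisher"]:
            review.append(e)              # file exists, publisher field is empty
    return stale, review

def stale_by_folder(stale):
    """Count stale entries per parent folder to show which install left them."""
    return Counter(e["path"].rsplit("\\", 1)[0] for e in stale)

if __name__ == "__main__":
    stale, review = triage(parse(SAMPLE))
    for folder, n in stale_by_folder(stale).items():
        print(f"{n} stale entries under {folder}")
    for e in review:
        print(f"review: {e['name']} -> {e['path']}")
```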

#8 narenxp


Posted 24 October 2012 - 09:25 AM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 24 October 2012 - 09:35 AM.


#9 SicBoi


Posted 24 October 2012 - 09:33 AM

rkill
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/24/2012 09:31:49 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/24/2012 09:31:54 AM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)

#10 narenxp


Posted 24 October 2012 - 09:36 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 SicBoi


Posted 24 October 2012 - 09:54 AM

Thanks for the help. Keep up the good work.

#12 narenxp


Posted 24 October 2012 - 09:55 AM

You're welcome :)

#13 lewjcoolj

lewjcoolj

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 08 January 2013 - 04:32 PM

Hey, new user here since seeing this thread.

I have an identical problem to the one SicBoi described: pop-ups in the bottom corners of my browser (some transparent) and rare link redirects. I have also run a lot of full system scans, all of which have come up clean.

Another problem, which I now think may be related, is that my screen decides to lose signal sometimes. It works if I boot up safe mode, and I can usually remedy it by disabling my graphics drivers and reinstalling them, although the problem seems to persist after a bunch of different and updated drivers.

I was wondering whether I could follow these instructions and whether they would be helpful to me?

Thanks!!

#14 narenxp


Posted 09 January 2013 - 08:19 AM

Hi lewjcoolj

For the pop-ups issue you need to create a new topic here

http://www.bleepingcomputer.com/forums/forum103.html/

For the display drivers issue, start a topic here

http://www.bleepingcomputer.com/forums/forum76.html



