Please help with google redirect virus!


7 replies to this topic

#1 Geo M


Posted 23 October 2012 - 05:32 PM

Hey guys. Just wanted to see if I could get some help with regards to this Google redirect virus that has infected my computer. It seems to be redirecting my Google search results as well as Bing. Anyway, I've browsed this forum for threads with similar issues but have had no success. I've also scanned with Norton, Ad-Aware and Malwarebytes but they don't find anything. I want to get this fixed so I won't have to reformat my laptop as I have lots of data and software installed.

Well, I hope someone can help me. Thanks!

Edit: Moved topic from Vista to the more appropriate forum. ~ Animal


 


#2 boopme


Posted 23 October 2012 - 07:34 PM

Hello and welcome, let's do these next and see how it is.

Please download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

>>>>>>>


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

>>>>>

Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 Geo M


Posted 26 October 2012 - 04:58 PM

Hey thanks for the reply. Ok here is the TDSSKiller log. I'll post the other logs soon.

16:53:33.0280 18468  LSI_FC - ok
16:53:33.0295 18468  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:53:33.0295 18468  LSI_SAS - ok
16:53:33.0311 18468  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:53:33.0311 18468  LSI_SCSI - ok
16:53:33.0327 18468  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:53:33.0327 18468  luafv - ok
16:53:33.0389 18468  [ A94EED8C13E0E1392F49EC2016C420BA ] MADFUCONECTIV   C:\Windows\system32\DRIVERS\MAudioConectiv_DFU.sys
16:53:33.0405 18468  MADFUCONECTIV - ok
16:53:33.0467 18468  [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
16:53:33.0467 18468  ManyCam - ok
16:53:33.0498 18468  [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
16:53:33.0498 18468  MarvinBus - ok
16:53:33.0529 18468  [ 79D7035195B0B380C20AB325514B5F98 ] MAUSBCONECTIV   C:\Windows\system32\DRIVERS\MAudioConectiv.sys
16:53:33.0545 18468  MAUSBCONECTIV - ok
16:53:33.0561 18468  [ 6EA9AA4A432871225938CC6869E59213 ] MAUSBMIDI       C:\Windows\system32\DRIVERS\MAudioUSBMIDI.sys
16:53:33.0576 18468  MAUSBMIDI - ok
16:53:33.0592 18468  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:53:33.0592 18468  MBAMProtector - ok
16:53:33.0632 18468  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:53:33.0632 18468  MBAMScheduler - ok
16:53:33.0662 18468  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:53:33.0662 18468  MBAMService - ok
16:53:33.0692 18468  [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
16:53:33.0692 18468  mcaudrv_simple - ok
16:53:33.0762 18468  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
16:53:33.0782 18468  mcdbus - ok
16:53:33.0802 18468  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:53:33.0812 18468  Mcx2Svc - ok
16:53:33.0862 18468  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
16:53:33.0862 18468  MDM - ok
16:53:33.0932 18468  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
16:53:33.0932 18468  megasas - ok
16:53:34.0002 18468  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
16:53:34.0012 18468  MegaSR - ok
16:53:34.0072 18468  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:53:34.0072 18468  Microsoft Office Groove Audit Service - ok
16:53:34.0092 18468  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
16:53:34.0092 18468  MMCSS - ok
16:53:34.0112 18468  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
16:53:34.0112 18468  Modem - ok
16:53:34.0122 18468  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:53:34.0122 18468  monitor - ok
16:53:34.0132 18468  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:53:34.0132 18468  mouclass - ok
16:53:34.0192 18468  [ 21B7ACEA1BB49C3371DD5427BF309D6A ] moufiltr        C:\Windows\system32\DRIVERS\moufiltr.sys
16:53:34.0192 18468  moufiltr - ok
16:53:34.0212 18468  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:53:34.0212 18468  mouhid - ok
16:53:34.0222 18468  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:53:34.0222 18468  MountMgr - ok
16:53:34.0252 18468  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:53:34.0272 18468  MozillaMaintenance - ok
16:53:34.0372 18468  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:53:34.0372 18468  mpio - ok
16:53:34.0392 18468  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:53:34.0392 18468  mpsdrv - ok
16:53:34.0422 18468  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:53:34.0432 18468  MpsSvc - ok
16:53:34.0452 18468  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:53:34.0452 18468  Mraid35x - ok
16:53:34.0482 18468  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:53:34.0492 18468  MRxDAV - ok
16:53:34.0512 18468  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:53:34.0522 18468  mrxsmb - ok
16:53:34.0552 18468  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:53:34.0562 18468  mrxsmb10 - ok
16:53:34.0572 18468  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:53:34.0572 18468  mrxsmb20 - ok
16:53:34.0632 18468  [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:53:34.0632 18468  msahci - ok
16:53:34.0652 18468  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:53:34.0652 18468  msdsm - ok
16:53:34.0672 18468  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
16:53:34.0682 18468  MSDTC - ok
16:53:34.0682 18468  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:53:34.0692 18468  Msfs - ok
16:53:34.0742 18468  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:53:34.0742 18468  msisadrv - ok
16:53:34.0772 18468  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:53:34.0792 18468  MSiSCSI - ok
16:53:34.0792 18468  msiserver - ok
16:53:34.0802 18468  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:53:34.0812 18468  MSKSSRV - ok
16:53:34.0822 18468  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:53:34.0822 18468  MSPCLOCK - ok
16:53:34.0842 18468  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:53:34.0842 18468  MSPQM - ok
16:53:34.0872 18468  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:53:34.0882 18468  MsRPC - ok
16:53:34.0892 18468  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:53:34.0892 18468  mssmbios - ok
16:53:34.0942 18468  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:53:34.0942 18468  MSTEE - ok
16:53:34.0962 18468  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:53:34.0962 18468  Mup - ok
16:53:35.0032 18468  [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
16:53:35.0032 18468  N360 - ok
16:53:35.0062 18468  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
16:53:35.0072 18468  napagent - ok
16:53:35.0132 18468  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:53:35.0132 18468  NativeWifiP - ok
16:53:35.0222 18468  [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
16:53:35.0232 18468  NAUpdate - ok
16:53:35.0322 18468  [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121026.002\ENG64.SYS
16:53:35.0332 18468  NAVENG - ok
16:53:35.0452 18468  [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121026.002\EX64.SYS
16:53:35.0552 18468  NAVEX15 - ok
16:53:35.0612 18468  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:53:35.0632 18468  NDIS - ok
16:53:35.0652 18468  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:53:35.0652 18468  NdisTapi - ok
16:53:35.0682 18468  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:53:35.0682 18468  Ndisuio - ok
16:53:35.0722 18468  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:53:35.0722 18468  NdisWan - ok
16:53:35.0732 18468  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:53:35.0732 18468  NDProxy - ok
16:53:35.0792 18468  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:53:35.0802 18468  Net Driver HPZ12 - ok
16:53:35.0812 18468  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:53:35.0812 18468  NetBIOS - ok
16:53:35.0842 18468  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:53:35.0842 18468  netbt - ok
16:53:35.0852 18468  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
16:53:35.0862 18468  Netlogon - ok
16:53:35.0882 18468  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
16:53:35.0892 18468  Netman - ok
16:53:35.0942 18468  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:35.0952 18468  NetMsmqActivator - ok
16:53:35.0952 18468  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:35.0952 18468  NetPipeActivator - ok
16:53:35.0972 18468  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
16:53:35.0982 18468  netprofm - ok
16:53:35.0982 18468  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:35.0982 18468  NetTcpActivator - ok
16:53:35.0982 18468  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:53:35.0982 18468  NetTcpPortSharing - ok
16:53:36.0102 18468  [ F17EDA58C8C5B1A4F873B322729168FF ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys
16:53:36.0182 18468  NETw5v64 - ok
16:53:36.0332 18468  [ B72C97693A13E7C5806F05ADFDB2388D ] NETwNv64        C:\Windows\system32\DRIVERS\NETwNv64.sys
16:53:36.0452 18468  NETwNv64 - ok
16:53:36.0482 18468  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:53:36.0492 18468  nfrd960 - ok
16:53:36.0512 18468  NIHardwareService - ok
16:53:36.0532 18468  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:53:36.0532 18468  NlaSvc - ok
16:53:36.0572 18468  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:53:36.0582 18468  Npfs - ok
16:53:36.0582 18468  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
16:53:36.0592 18468  nsi - ok
16:53:36.0602 18468  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:53:36.0602 18468  nsiproxy - ok
16:53:36.0652 18468  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:53:36.0672 18468  Ntfs - ok
16:53:36.0692 18468  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
16:53:36.0692 18468  Null - ok
16:53:36.0712 18468  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:53:36.0712 18468  nvraid - ok
16:53:36.0732 18468  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:53:36.0732 18468  nvstor - ok
16:53:36.0752 18468  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:53:36.0752 18468  nv_agp - ok
16:53:36.0762 18468  NwlnkFlt - ok
16:53:36.0762 18468  NwlnkFwd - ok
16:53:36.0832 18468  [ 404B0121AE1A75D9A63B6934EB07C258 ] OA001Ufd        C:\Windows\system32\DRIVERS\OA001Ufd.sys
16:53:36.0832 18468  OA001Ufd - ok
16:53:36.0852 18468  [ 4B69D156DB42B26425AB3B172FA50D92 ] OA001Vid        C:\Windows\system32\DRIVERS\OA001Vid.sys
16:53:36.0852 18468  OA001Vid - ok
16:53:36.0912 18468  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:53:36.0922 18468  odserv - ok
16:53:36.0982 18468  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
16:53:36.0982 18468  ohci1394 - ok
16:53:37.0002 18468  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:53:37.0012 18468  ose - ok
16:53:37.0052 18468  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
16:53:37.0072 18468  p2pimsvc - ok
16:53:37.0092 18468  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
16:53:37.0102 18468  p2psvc - ok
16:53:37.0112 18468  [ 99E6AA0AE2D05389BA7F7DFF6866B569 ] Packet          C:\Windows\system32\DRIVERS\packet.sys
16:53:37.0112 18468  Packet - ok
16:53:37.0132 18468  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
16:53:37.0142 18468  Parport - ok
16:53:37.0162 18468  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:53:37.0172 18468  partmgr - ok
16:53:37.0192 18468  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:53:37.0192 18468  PcaSvc - ok
16:53:37.0212 18468  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
16:53:37.0212 18468  pci - ok
16:53:37.0232 18468  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:53:37.0232 18468  pciide - ok
16:53:37.0252 18468  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:53:37.0262 18468  pcmcia - ok
16:53:37.0282 18468  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:53:37.0292 18468  PEAUTH - ok
16:53:37.0372 18468  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:53:37.0372 18468  PerfHost - ok
16:53:37.0412 18468  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
16:53:37.0442 18468  pla - ok
16:53:37.0472 18468  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:53:37.0482 18468  PlugPlay - ok
16:53:37.0502 18468  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:53:37.0502 18468  Pml Driver HPZ12 - ok
16:53:37.0532 18468  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:53:37.0532 18468  PNRPAutoReg - ok
16:53:37.0562 18468  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
16:53:37.0562 18468  PNRPsvc - ok
16:53:37.0602 18468  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:53:37.0602 18468  PolicyAgent - ok
16:53:37.0632 18468  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:53:37.0642 18468  PptpMiniport - ok
16:53:37.0662 18468  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
16:53:37.0662 18468  Processor - ok
16:53:37.0692 18468  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
16:53:37.0692 18468  ProfSvc - ok
16:53:37.0702 18468  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:53:37.0702 18468  ProtectedStorage - ok
16:53:37.0732 18468  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:53:37.0732 18468  PSched - ok
16:53:37.0752 18468  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:53:37.0752 18468  PxHlpa64 - ok
16:53:37.0802 18468  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:53:37.0822 18468  ql2300 - ok
16:53:37.0842 18468  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:53:37.0842 18468  ql40xx - ok
16:53:37.0872 18468  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
16:53:37.0882 18468  QWAVE - ok
16:53:37.0892 18468  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:53:37.0892 18468  QWAVEdrv - ok
16:53:38.0042 18468  [ A08339AE90972E268B9622C668F450E8 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
16:53:38.0062 18468  R300 - ok
16:53:38.0192 18468  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:53:38.0192 18468  RasAcd - ok
16:53:38.0252 18468  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
16:53:38.0252 18468  RasAuto - ok
16:53:38.0282 18468  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:53:38.0292 18468  Rasl2tp - ok
16:53:38.0302 18468  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
16:53:38.0312 18468  RasMan - ok
16:53:38.0332 18468  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:53:38.0342 18468  RasPppoe - ok
16:53:38.0362 18468  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:53:38.0362 18468  RasSstp - ok
16:53:38.0392 18468  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:53:38.0402 18468  rdbss - ok
16:53:38.0422 18468  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:53:38.0422 18468  RDPCDD - ok
16:53:38.0442 18468  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
16:53:38.0452 18468  rdpdr - ok
16:53:38.0462 18468  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:53:38.0462 18468  RDPENCDD - ok
16:53:38.0492 18468  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:53:38.0502 18468  RDPWD - ok
16:53:38.0602 18468  [ 23120A62DFA0109FDED9218BE5F7D460 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:53:38.0632 18468  RegSrvc - ok
16:53:38.0682 18468  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:53:38.0692 18468  RemoteAccess - ok
16:53:38.0722 18468  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:53:38.0732 18468  RemoteRegistry - ok
16:53:38.0762 18468  [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
16:53:38.0762 18468  Revoflt - ok
16:53:38.0802 18468  [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:53:38.0802 18468  RFCOMM - ok
16:53:38.0832 18468  [ D13D70FAC45FC1DF69F88559B1F72F0A ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
16:53:38.0832 18468  rimmptsk - ok
16:53:38.0852 18468  [ BB9EDC55B0B8CB4FCD713428820E0776 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
16:53:38.0852 18468  rimsptsk - ok
16:53:38.0912 18468  [ 481C3FDEACAAE04B74C58288DBC91DF9 ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
16:53:38.0912 18468  rismxdp - ok
16:53:38.0932 18468  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
16:53:38.0932 18468  RpcLocator - ok
16:53:38.0962 18468  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
16:53:38.0972 18468  RpcSs - ok
16:53:38.0992 18468  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:53:38.0992 18468  rspndr - ok
16:53:39.0002 18468  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
16:53:39.0002 18468  SamSs - ok
16:53:39.0022 18468  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:53:39.0022 18468  sbp2port - ok
16:53:39.0042 18468  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:53:39.0052 18468  SCardSvr - ok
16:53:39.0072 18468  [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
16:53:39.0072 18468  SCDEmu - ok
16:53:39.0102 18468  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
16:53:39.0122 18468  Schedule - ok
16:53:39.0142 18468  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:53:39.0142 18468  SCPolicySvc - ok
16:53:39.0192 18468  [ BE100BC2BE2513314C717BB2C4CFFF10 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:53:39.0192 18468  sdbus - ok
16:53:39.0222 18468  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:53:39.0222 18468  SDRSVC - ok
16:53:39.0312 18468  [ 78779EE07231C658B483B1F38B5088DF ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:53:39.0312 18468  SeaPort - ok
16:53:39.0332 18468  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:53:39.0332 18468  secdrv - ok
16:53:39.0352 18468  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
16:53:39.0352 18468  seclogon - ok
16:53:39.0362 18468  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\system32\sens.dll
16:53:39.0362 18468  SENS - ok
16:53:39.0382 18468  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:53:39.0382 18468  Serenum - ok
16:53:39.0402 18468  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
16:53:39.0402 18468  Serial - ok
16:53:39.0422 18468  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:53:39.0422 18468  sermouse - ok
16:53:39.0452 18468  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:53:39.0462 18468  SessionEnv - ok
16:53:39.0482 18468  [ 3A19C899BCF0EA24CFEC2038E6A489DB ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
16:53:39.0482 18468  sffdisk - ok
16:53:39.0502 18468  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:53:39.0502 18468  sffp_mmc - ok
16:53:39.0522 18468  [ FDCA63A2EEE528585EB66CEAC183EC22 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
16:53:39.0522 18468  sffp_sd - ok
16:53:39.0542 18468  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:53:39.0542 18468  sfloppy - ok
16:53:39.0572 18468  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:53:39.0572 18468  SharedAccess - ok
16:53:39.0632 18468  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:53:39.0642 18468  ShellHWDetection - ok
16:53:39.0652 18468  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:53:39.0652 18468  SiSRaid2 - ok
16:53:39.0662 18468  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:53:39.0672 18468  SiSRaid4 - ok
16:53:39.0732 18468  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:53:39.0742 18468  SkypeUpdate - ok
16:53:39.0802 18468  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
16:53:39.0842 18468  slsvc - ok
16:53:39.0862 18468  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
16:53:39.0862 18468  SLUINotify - ok
16:53:39.0892 18468  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:53:39.0892 18468  Smb - ok
16:53:39.0902 18468  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:53:39.0902 18468  SNMPTRAP - ok
16:53:39.0972 18468  [ 7455ED832A33FEF453407F5411C3342D ] speedfan        C:\Windows\syswow64\speedfan.sys
16:53:39.0982 18468  speedfan - ok
16:53:40.0002 18468  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
16:53:40.0012 18468  spldr - ok
16:53:40.0032 18468  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
16:53:40.0042 18468  Spooler - ok
16:53:40.0152 18468  [ C3716EC0D36AD924B6888D794563E647 ] sprtsvc_ddoctorv2 C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
16:53:40.0152 18468  sprtsvc_ddoctorv2 - ok
16:53:40.0212 18468  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:53:40.0222 18468  sprtsvc_DellSupportCenter - ok
16:53:40.0292 18468  [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP           C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
16:53:40.0302 18468  SRTSP - ok
16:53:40.0322 18468  [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX          C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
16:53:40.0322 18468  SRTSPX - ok
16:53:40.0352 18468  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:53:40.0362 18468  srv - ok
16:53:40.0382 18468  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:53:40.0392 18468  srv2 - ok
16:53:40.0412 18468  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:53:40.0422 18468  srvnet - ok
16:53:40.0432 18468  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:53:40.0442 18468  SSDPSRV - ok
16:53:40.0502 18468  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:53:40.0502 18468  SstpSvc - ok
16:53:40.0922 18468  [ C5DF63AE2693C9B6B01B4A2E6C1C64AC ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
16:53:40.0922 18468  STacSV - ok
16:53:40.0982 18468  StarWindServiceAE - ok
16:53:41.0012 18468  [ BA16447226ABFD342E130D2F24F73D32 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
16:53:41.0022 18468  STHDA - ok
16:53:41.0082 18468  [ 14B4DB4381E4A55F570D8BB699B791D6 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:53:41.0082 18468  StillCam - ok
16:53:41.0122 18468  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
16:53:41.0132 18468  stisvc - ok
16:53:41.0142 18468  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:53:41.0142 18468  swenum - ok
16:53:41.0212 18468  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:53:41.0222 18468  SwitchBoard - ok
16:53:41.0252 18468  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
16:53:41.0262 18468  swprv - ok
16:53:41.0272 18468  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:53:41.0282 18468  Symc8xx - ok
16:53:45.0222 18468  ================ Scan global ===============================
16:53:45.0262 18468  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
16:53:45.0292 18468  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
16:53:45.0312 18468  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
16:53:45.0342 18468  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
16:53:45.0352 18468  [Global] - ok
16:53:45.0352 18468  ================ Scan MBR ==================================
16:53:45.0362 18468  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:53:45.0882 18468  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:53:45.0882 18468  \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:53:45.0882 18468  ================ Scan VBR ==================================
16:53:45.0912 18468  [ E83B8A9780D804F915A47FC33AAD9024 ] \Device\Harddisk0\DR0\Partition1
16:53:45.0912 18468  \Device\Harddisk0\DR0\Partition1 - ok
16:53:45.0912 18468  [ 319B58EC5103438359E5789967539E4E ] \Device\Harddisk0\DR0\Partition2
16:53:45.0922 18468  \Device\Harddisk0\DR0\Partition2 - ok
16:53:45.0922 18468  ============================================================
16:53:45.0922 18468  Scan finished
16:53:45.0922 18468  ============================================================
16:53:45.0922 8716  Detected object count: 1
16:53:45.0922 8716  Actual detected object count: 1
16:53:57.0846 8716  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:53:57.0846 8716  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 


Edited by Geo M, 26 October 2012 - 04:59 PM.


#4 Geo M

Posted 26 October 2012 - 05:17 PM

Ok, here is the junkware removal tool log:

Junkware Removal Tool (JRT) by Thisisu 
Version: 2.2.1 (10.26.2012) 
OS: Windows (TM) Vista Home Premium x64 
Ran by Geo on Fri 10/26/2012 at 16:55:56.66 
Blog: http://thisisudax.blogspot.com 
************************************************************** 
 
 
 
 
*** Services: 
 
Successfully stopped: [SERVICE] DefaultTabSearch 
Successfully deleted: [SERVICE] DefaultTabSearch 
Successfully stopped: [SERVICE] DefaultTabUpdate 
Successfully deleted: [SERVICE] DefaultTabUpdate 
 
 
 
*** Registry Values: 
 
Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{30f9b915-b755-4826-820b-08fba6bd249d} 
Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{30f9b915-b755-4826-820b-08fba6bd249d} 
 
 
 
*** Registry Keys: 
 
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduit" 
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduitengine" 
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduitsearchscopes" 
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\defaulttab" 
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\pricegong" 
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\toolbar" 
Successfully deleted: [KEY] "hkey_current_user\software\default tab" 
Successfully deleted: [KEY] "hkey_current_user\software\defaulttab" 
Successfully deleted: [KEY] "hkey_current_user\software\softonic" 
Successfully deleted: [KEY] "hkey_local_machine\software\babylon" 
Successfully deleted: [KEY] "hkey_local_machine\software\classes\conduit.engine" 
Successfully deleted: [KEY] "hkey_local_machine\software\conduit" 
Successfully deleted: [KEY] "hkey_local_machine\software\default tab" 
Successfully deleted: [KEY] "hkey_local_machine\software\defaulttab" 
Successfully deleted: [KEY] "hkey_local_machine\software\freeze.com" 
Successfully deleted: [KEY] "hkey_local_machine\software\google\chrome\extensions\kdidombaedgpfiiedeimiebkmbilgmlc" 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{2eecd738-5844-4a99-b4b6-146bf802613b} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{2eecd738-5844-4a99-b4b6-146bf802613b} 
Successfully deleted: [KEY] hkey_classes_root\clsid\{30f9b915-b755-4826-820b-08fba6bd249d} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{30f9b915-b755-4826-820b-08fba6bd249d} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{30f9b915-b755-4826-820b-08fba6bd249d} 
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{30f9b915-b755-4826-820b-08fba6bd249d} 
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1} 
Successfully deleted: [KEY] hkey_classes_root\clsid\{7f6afbf1-e065-4627-a2fd-810366367d01} 
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{98889811-442d-49dd-99d7-dc866be87dbc} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{98889811-442d-49dd-99d7-dc866be87dbc} 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} 
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} 
Successfully deleted: [KEY] hkey_classes_root\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db} 
Successfully deleted: [KEY] hkey_classes_root\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1} 
 
 
 
*** Files: 0 Detections 
 
 
 
*** Folders: 
 
Successfully deleted: [FOLDER] "C:\ProgramData\babylon" 
Successfully deleted: [FOLDER] "C:\Users\Geo\AppData\Roaming\babylon" 
Successfully deleted: [FOLDER] "C:\Users\Geo\AppData\Roaming\defaulttab" 
Successfully deleted: [FOLDER] "C:\Users\Geo\AppData\Roaming\opencandy" 
Successfully deleted: [FOLDER] "C:\Users\Geo\appdata\local\conduit" 
Successfully deleted: [FOLDER] "C:\Users\Geo\appdata\local\ilivid player" 
Successfully deleted: [FOLDER] "C:\Users\Geo\appdata\locallow\conduit" 
Successfully deleted: [FOLDER] "C:\Users\Geo\appdata\locallow\conduitengine" 
Successfully deleted: [FOLDER] "C:\Users\Geo\appdata\locallow\pricegong" 
Successfully deleted: [FOLDER] "C:\Users\Geo\appdata\locallow\toolbar4" 
Successfully deleted: [FOLDER] "C:\Program Files (x86)\conduit" 
Successfully deleted: [FOLDER] "C:\Program Files (x86)\conduitengine" 
Successfully deleted: [FOLDER] "C:\Program Files (x86)\defaulttab" 
 
 
 
*** Ask Toolbar Cleanup: 
 
Successfully deleted: [FOLDER] "C:\ProgramData\ask" 
 
 
 
*** FireFox detected and repaired 
 
Successfully deleted: [user.js] from C:\Users\Geo\AppData\Roaming\Mozilla\Firefox\Profiles\0uzpdnba.default
Successfully deleted: C:\user.js
Successfully deleted: [search-here.xml] from C:\Users\Geo\AppData\Roaming\Mozilla\Firefox\Profiles\0uzpdnba.default\searchplugins
Successfully deleted: [babylon.xml] from "C:\Program Files (x86)\mozilla firefox\searchplugins"
Successfully deleted: [TRACUR.AV] C:\Users\Geo\AppData\Roaming\Mozilla\Firefox\Profiles\0uzpdnba.default\extensions\tndutivhmu@tndutivhmu.org.xpi 
Removed the following from [prefs.js] : 
 
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
user_pref("browser.search.order.1", "Search the web (Babylon)");
user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=112842&tt=031012_IKAN_4012_3&babsrc=HP_ss&mntrId=8260d15600000000000000216a77d708");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "8260d15600000000000000216a77d708");
user_pref("extensions.BabylonToolbar.instlDay", "15619");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=8260d15600000000000000216a77d708&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=270612_510");
user_pref("extensions.BabylonToolbar_i.hardId", "8260d15600000000000000216a77d708");
user_pref("extensions.BabylonToolbar_i.id", "8260d15600000000000000216a77d708");
user_pref("extensions.BabylonToolbar_i.instlDay", "15519");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.720:36:01");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("keyword.URL", "http://search.babylon.com/?affID=112842&tt=031012_IKAN_4012_3&babsrc=KW_ss&mntrId=8260d15600000000000000216a77d708&q=");
 
 
*** Event Viewer Logs - Cleared 
 
 
 
 
 
************************************************************** 
Scan was completed on Fri 10/26/2012 at 17:10:59.17 
End of Report 



#5 Geo M

Posted 26 October 2012 - 05:22 PM

and here is my minitoolbox log:

MiniToolBox by Farbar  Version: 23-07-2012
Ran by Geo (administrator) on 26-10-2012 at 17:20:45
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
ProxyServer: 187.141.66.98:31280

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 

"network.proxy.gopher", ""
"network.proxy.gopher_port", 0
"network.proxy.share_proxy_settings", true
"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

MAC Bridge Miniport = Network Bridge (Disconnected)
Intel(R) WiFi Link 5300 AGN = Wireless Network Connection (Connected)
Broadcom NetLink (TM) Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add route prefix=125.252.224.88/30 interface="iftype0_0" nexthop=192.168.0.197 metric=1
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Geo-XPS1640
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel(R) WiFi Link 5300 AGN
   Physical Address. . . . . . . . . : 00-21-6A-77-D7-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6899:68d7:14bc:6c9c%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, October 21, 2012 6:45:56 PM
   Lease Expires . . . . . . . . . . : Saturday, October 27, 2012 3:32:02 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 201335146
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-9A-44-86-00-22-19-FD-DA-0E
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-22-19-FD-DA-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : isatap.gateway.2wire.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{75824BC9-905E-483E-AF42-084ADFADABF2}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  2001:4860:400a:800::1007
	  74.125.225.5
	  74.125.225.6
	  74.125.225.7
	  74.125.225.8
	  74.125.225.9
	  74.125.225.14
	  74.125.225.0
	  74.125.225.1
	  74.125.225.2
	  74.125.225.3
	  74.125.225.4



Pinging google.com [74.125.225.9] with 32 bytes of data:

Reply from 74.125.225.9: bytes=32 time=96ms TTL=48

Reply from 74.125.225.9: bytes=32 time=124ms TTL=48



Ping statistics for 74.125.225.9:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 96ms, Maximum = 124ms, Average = 110ms

Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
	  72.30.38.140
	  98.138.253.109



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=134ms TTL=47

Reply from 72.30.38.140: bytes=32 time=154ms TTL=47



Ping statistics for 72.30.38.140:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 134ms, Maximum = 154ms, Average = 144ms

Server:  homeportal
Address:  192.168.1.254

Name:    bleepingcomputer.com
Address:  208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 12 ...00 21 6a 77 d7 08 ...... Intel(R) WiFi Link 5300 AGN
 11 ...00 22 19 fd da 0e ...... Broadcom NetLink (TM) Gigabit Ethernet
  1 ........................... Software Loopback Interface 1
 17 ...00 00 00 00 00 00 00 e0  isatap.gateway.2wire.net
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 15 ...00 00 00 00 00 00 00 e0  isatap.{75824BC9-905E-483E-AF42-084ADFADABF2}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.65    200
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.65    356
     192.168.1.65  255.255.255.255         On-link      192.168.1.65    356
    192.168.1.255  255.255.255.255         On-link      192.168.1.65    356
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.65    361
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.65    356
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
   125.252.224.88  255.255.255.252    192.168.0.197       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::6899:68d7:14bc:6c9c/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (12/17/2011 07:37:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/11/2011 05:48:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/22/2011 08:38:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 290 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/04/2010 04:41:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 222 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (07/20/2010 07:08:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 236 seconds with 0 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (Version: 9.0.0)
Amazon Kindle
Apple Mobile Device Support (Version: 6.0.0.59)
Bonjour (Version: 3.0.0.10)
ccc-utility64 (Version: 2009.0625.1812.30825)
Dell Dock (Version: 2.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dropbox (Version: 1.4.7)
FastAccess (Version: 2.2.13.1)
Google Chrome (Version: 22.0.1229.94)
Google Talk (remove only)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Solution Center 10.0 (Version: 10.0)
iCloud (Version: 1.1.0.40)
Integrated Webcam Driver (1.06.03.0309)   (Version: 1.06.03.0309)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi Software (Version: 14.03.0000)
iTunes (Version: 10.7.0.21)
Java(TM) 7 Update 3 (64-bit) (Version: 7.0.30)
Logitech SetPoint 6.32 (Version: 6.32.20)
M-Audio Conectiv Driver 6.0.1 (x64) (Version: 6.0.1)
M-Audio USB MIDI Series Driver 5.0.1 (x64) (Version: 5.0.1)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Native Instruments Audio 8 DJ Driver (Version: 2.0.4.001)
Native Instruments Service Center (Version: 2.0.5.2)
Native Instruments Traktor 2 (Version: 2.0.1.10169)
NetDeviceManager64 (Version: 100.0.170.000)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
PaperPort Image Printer (Version: 1.00.0000)
PC Optimizer Pro (Version: 6.1.0.7)
PDF-XChange 3
Pinnacle Video Driver (Version: 12.1.0.030)
Quickset (Version: 9.2.19)
Revo Uninstaller Pro 2.5.3 (Version: 2.5.3)
Shop for HP Supplies (Version: 10.0)
Spotify (Version: 0.8.1.76.g4773b858)
Uninstall A Ruler for Windows (Version: 2.4.5)
USB Tablet Manager (Version: 1.00.0000)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.200)
WD SmartWare (Version: 1.1.0.2)
WIDCOMM Bluetooth Software 6.1.0.4402 (Version: 6.1.0.4402)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live Sync (Version: 14.0.8117.416)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 6107.94 MB
Available physical RAM: 1979.04 MB
Total Pagefile: 12398.91 MB
Available Pagefile: 8667.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3994.04 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.61 GB) (Free:28.24 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:6.41 GB) NTFS
5 Drive z: (PUBLIC) (Network) (Total:913.09 GB) (Free:15.65 GB) NTFS

========================= Users: ========================================

User accounts for \\GEO-XPS1640

Administrator            Geo                      Guest                    
RA Media Server          


**** End of log ****



#6 boopme

Posted 26 October 2012 - 08:38 PM

Sorry for the delay.

Rerun TDSS and change the option on these to Cure or Delete:
16:53:57.0846 8716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:53:57.0846 8716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Is your Antivirus the Bonjour?

How is it now?






I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Geo M

Posted 26 October 2012 - 09:01 PM

Wow. The redirect seems to be gone. Thanks! But as far as antivirus, I use Norton (don't know if it's a good program or not). As far as "Is your Antivirus the Bonjour?" I don't know what Bonjour is. I also tried the online virus scanner but I can't get updates because it says "Is proxy configured?" Do you know how I can fix this? Anyway, thanks for the help. The redirect issue seems to be gone.

#8 boopme

Posted 26 October 2012 - 09:59 PM

Please click Start > Run, type inetcpl.cpl in the Run box and press Enter.
Click the Connections tab and click the LAN settings option.
Verify whether "Use a proxy..." is checked; if so, UNcheck it and click OK/OK to exit.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
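The MiniToolBox log in post #5 shows two network leftovers that bear on the proxy question in posts #7 and #8: a stored IE ProxyServer value while the proxy is reported as not enabled, and a persistent route whose gateway is outside the local subnet. The script below pulls such entries out of a log for manual review; it is an added example, not part of the original thread or of MiniToolBox, and the function names, the section parsing and the "enabled" wording check are assumptions (the sample lines are excerpted from the log in post #5).

```python
import ipaddress
import re

# Lines excerpted from the MiniToolBox log in post #5 (other sections trimmed).
SAMPLE_LOG = """\
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 187.141.66.98:31280

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

   IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254

Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
   125.252.224.88  255.255.255.252    192.168.0.197       1
===========================================================================
"""

# "===== Name: =====" section headers; a line made only of "=" does not match.
HEADER = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}\s*$")
ADDR = re.compile(
    r"IPv4 Address[ .]*:\s*([\d.]+).*?Subnet Mask[ .]*:\s*([\d.]+)", re.S)
ROUTE = re.compile(r"^\s*([\d.]+)\s+([\d.]+)\s+([\d.]+)\s+(\d+)\s*$", re.M)


def split_sections(log):
    """Map each section header to the text that follows it."""
    sections, name = {}, None
    for line in log.splitlines():
        m = HEADER.match(line)
        if m:
            name = m.group(1).strip()
            sections[name] = []
        elif name is not None:
            sections[name].append(line)
    return {k: "\n".join(v) for k, v in sections.items()}


def triage(log):
    """Return (kind, value, detail) tuples that deserve a manual look."""
    s = split_sections(log)
    findings = []

    # 1. A ProxyServer value is stored, whether or not the proxy is switched on.
    proxy = s.get("IE Proxy Settings", "")
    m = re.search(r"^ProxyServer:\s*(\S+)", proxy, re.M)
    if m:
        # Assumption: any wording other than "not enabled" means enabled.
        state = "disabled" if "Proxy is not enabled" in proxy else "enabled"
        findings.append(("ie-proxy", m.group(1), state))

    # 2. Hosts entries that map anything other than localhost.
    for line in s.get("Hosts content", "").splitlines():
        fields = line.split("#")[0].split()
        if len(fields) >= 2 and any(h.lower() != "localhost" for h in fields[1:]):
            findings.append(("hosts", fields[0], " ".join(fields[1:])))

    # 3. Persistent routes whose gateway is not on any local IPv4 subnet.
    ipcfg = s.get("IP Configuration", "")
    nets = [ipaddress.ip_network(f"{ip}/{mask}", strict=False)
            for ip, mask in ADDR.findall(ipcfg)]
    block = re.search(r"Persistent Routes:\n(.*?)^=+", ipcfg, re.S | re.M)
    for dest, mask, gw, _metric in ROUTE.findall(block.group(1) if block else ""):
        if not any(ipaddress.ip_address(gw) in n for n in nets):
            findings.append(("route", f"{dest}/{mask}", gw))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A finding here only means the entry should be explained, not that it is malicious; a stale VPN or tethering profile can leave the same kind of route behind.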



