Please help clean up - Genieo


13 replies to this topic

#1 kathydeee


Posted 01 November 2012 - 08:35 AM

Hi,

Thanks for the help. Happy to have found this site. It appears my computer (Windows 7) is infected by Genieo and I can't seem to find a solution that works.

Was constantly redirected to a genieo yahoo home page through google chrome & had problems on the internet: slow, trouble retrieving emails, freezing up, etc.

I uninstalled Genieo through the control panel but still had symptoms, scanned with AVG, Spybot, a Malware program, (another antivirus program a computer friend suggested/can't remember the name right now), tried Genieo's "uninstall" program (which didn't do much). Cleaned some problems but still the redirect to genieo page persisted.

Finally managed to switch my home page away from genieo through options in Chrome (which has seemed effective) - but flashing & talking ads keep appearing on Chrome - My email access is currently better. Recently the ads showed up on Facebook & some functions are affected.

I uninstalled most programs/updates dating back several months to try to eliminate the infection. Don't feel knowledgeable enough with computers to try the manual deletion processes explained on some sites - so am running out of answers.

The computer is performing quite a bit better but I keep seeing/hearing ads as a reminder that the problem is still lurking. Unfortunately, I do not have a saved restore point (which will change after this is cleared up).

Ran into this discussion about cleaning Genieo - http://www.bleepingcomputer.com/forums/topic469357.html. Not very knowledgeable about computers. Is it best to just try to follow all these directions or perhaps one of you would be kind enough to look at the scan results and guide?

Any help is much appreciated.

Thanks,

Kathy



#2 narenxp


Posted 01 November 2012 - 08:47 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 kathydeee


Posted 01 November 2012 - 09:48 PM

Thanks so much for the help.

Ran TDSSKILLer in "TDLFS file system"
Posting log:

19:37:29.0169 4660 napagent - ok
19:37:29.0191 4660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:37:29.0196 4660 NativeWifiP - ok
19:37:29.0256 4660 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:37:29.0266 4660 NDIS - ok
19:37:29.0288 4660 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:37:29.0289 4660 NdisCap - ok
19:37:29.0307 4660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:37:29.0309 4660 NdisTapi - ok
19:37:29.0327 4660 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:37:29.0329 4660 Ndisuio - ok
19:37:29.0344 4660 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:37:29.0347 4660 NdisWan - ok
19:37:29.0364 4660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:37:29.0366 4660 NDProxy - ok
19:37:29.0383 4660 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:37:29.0385 4660 NetBIOS - ok
19:37:29.0409 4660 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:37:29.0414 4660 NetBT - ok
19:37:29.0428 4660 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:37:29.0431 4660 Netlogon - ok
19:37:29.0477 4660 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:37:29.0483 4660 Netman - ok
19:37:29.0501 4660 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:37:29.0507 4660 netprofm - ok
19:37:29.0527 4660 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:37:29.0529 4660 NetTcpPortSharing - ok
19:37:29.0559 4660 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:37:29.0561 4660 nfrd960 - ok
19:37:29.0585 4660 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:37:29.0590 4660 NlaSvc - ok
19:37:29.0605 4660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:37:29.0606 4660 Npfs - ok
19:37:29.0621 4660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:37:29.0624 4660 nsi - ok
19:37:29.0639 4660 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:37:29.0640 4660 nsiproxy - ok
19:37:29.0718 4660 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:37:29.0736 4660 Ntfs - ok
19:37:29.0752 4660 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:37:29.0753 4660 Null - ok
19:37:29.0781 4660 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
19:37:29.0783 4660 nusb3hub - ok
19:37:29.0803 4660 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
19:37:29.0806 4660 nusb3xhc - ok
19:37:29.0846 4660 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:37:29.0849 4660 nvraid - ok
19:37:29.0862 4660 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:37:29.0866 4660 nvstor - ok
19:37:29.0900 4660 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:37:29.0903 4660 nv_agp - ok
19:37:29.0925 4660 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:37:29.0926 4660 ohci1394 - ok
19:37:29.0979 4660 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:37:29.0981 4660 ose - ok
19:37:30.0143 4660 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:37:30.0193 4660 osppsvc - ok
19:37:30.0227 4660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:37:30.0233 4660 p2pimsvc - ok
19:37:30.0258 4660 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:37:30.0265 4660 p2psvc - ok
19:37:30.0296 4660 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:37:30.0299 4660 Parport - ok
19:37:30.0345 4660 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:37:30.0346 4660 partmgr - ok
19:37:30.0363 4660 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:37:30.0368 4660 PcaSvc - ok
19:37:30.0377 4660 PCDSRVC{67F2314B-25F2B3C0-06020101}_0 - ok
19:37:30.0402 4660 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:37:30.0405 4660 pci - ok
19:37:30.0423 4660 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:37:30.0425 4660 pciide - ok
19:37:30.0449 4660 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:37:30.0452 4660 pcmcia - ok
19:37:30.0474 4660 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:37:30.0476 4660 pcw - ok
19:37:30.0503 4660 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:37:30.0510 4660 PEAUTH - ok
19:37:30.0598 4660 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:37:30.0600 4660 PerfHost - ok
19:37:30.0662 4660 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:37:30.0679 4660 pla - ok
19:37:30.0714 4660 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:37:30.0721 4660 PlugPlay - ok
19:37:30.0736 4660 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:37:30.0738 4660 PNRPAutoReg - ok
19:37:30.0761 4660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:37:30.0766 4660 PNRPsvc - ok
19:37:30.0797 4660 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:37:30.0804 4660 PolicyAgent - ok
19:37:30.0829 4660 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:37:30.0834 4660 Power - ok
19:37:30.0879 4660 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:37:30.0881 4660 PptpMiniport - ok
19:37:30.0914 4660 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:37:30.0916 4660 Processor - ok
19:37:30.0965 4660 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:37:30.0970 4660 ProfSvc - ok
19:37:30.0987 4660 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:37:30.0989 4660 ProtectedStorage - ok
19:37:31.0005 4660 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:37:31.0008 4660 Psched - ok
19:37:31.0042 4660 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:37:31.0043 4660 PxHlpa64 - ok
19:37:31.0097 4660 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:37:31.0114 4660 ql2300 - ok
19:37:31.0138 4660 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:37:31.0140 4660 ql40xx - ok
19:37:31.0172 4660 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:37:31.0176 4660 QWAVE - ok
19:37:31.0189 4660 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:37:31.0191 4660 QWAVEdrv - ok
19:37:31.0211 4660 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:37:31.0213 4660 RasAcd - ok
19:37:31.0238 4660 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:37:31.0240 4660 RasAgileVpn - ok
19:37:31.0248 4660 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:37:31.0252 4660 RasAuto - ok
19:37:31.0269 4660 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:37:31.0272 4660 Rasl2tp - ok
19:37:31.0291 4660 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:37:31.0296 4660 RasMan - ok
19:37:31.0309 4660 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:37:31.0311 4660 RasPppoe - ok
19:37:31.0329 4660 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:37:31.0330 4660 RasSstp - ok
19:37:31.0357 4660 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:37:31.0361 4660 rdbss - ok
19:37:31.0375 4660 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:37:31.0376 4660 rdpbus - ok
19:37:31.0395 4660 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:37:31.0396 4660 RDPCDD - ok
19:37:31.0424 4660 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:37:31.0426 4660 RDPENCDD - ok
19:37:31.0443 4660 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:37:31.0444 4660 RDPREFMP - ok
19:37:31.0478 4660 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:37:31.0481 4660 RDPWD - ok
19:37:31.0509 4660 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:37:31.0512 4660 rdyboost - ok
19:37:31.0533 4660 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:37:31.0536 4660 RemoteAccess - ok
19:37:31.0565 4660 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:37:31.0569 4660 RemoteRegistry - ok
19:37:31.0683 4660 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
19:37:31.0697 4660 RoxMediaDB12OEM - ok
19:37:31.0724 4660 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
19:37:31.0728 4660 RoxWatch12 - ok
19:37:31.0744 4660 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:37:31.0747 4660 RpcEptMapper - ok
19:37:31.0775 4660 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:37:31.0777 4660 RpcLocator - ok
19:37:31.0796 4660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:37:31.0804 4660 RpcSs - ok
19:37:31.0845 4660 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:37:31.0847 4660 rspndr - ok
19:37:31.0876 4660 [ 22D6B47D004A6568C500680BE2972854 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
19:37:31.0880 4660 RSUSBSTOR - ok
19:37:31.0894 4660 RTL8187 - ok
19:37:31.0911 4660 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:37:31.0914 4660 SamSs - ok
19:37:31.0932 4660 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:37:31.0934 4660 sbp2port - ok
19:37:32.0036 4660 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:37:32.0049 4660 SBSDWSCService - ok
19:37:32.0079 4660 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:37:32.0083 4660 SCardSvr - ok
19:37:32.0091 4660 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:37:32.0092 4660 scfilter - ok
19:37:32.0130 4660 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:37:32.0144 4660 Schedule - ok
19:37:32.0171 4660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:37:32.0173 4660 SCPolicySvc - ok
19:37:32.0184 4660 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:37:32.0187 4660 SDRSVC - ok
19:37:32.0219 4660 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:37:32.0221 4660 secdrv - ok
19:37:32.0237 4660 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:37:32.0241 4660 seclogon - ok
19:37:32.0251 4660 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:37:32.0254 4660 SENS - ok
19:37:32.0287 4660 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:37:32.0290 4660 SensrSvc - ok
19:37:32.0305 4660 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:37:32.0307 4660 Serenum - ok
19:37:32.0326 4660 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:37:32.0329 4660 Serial - ok
19:37:32.0354 4660 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:37:32.0356 4660 sermouse - ok
19:37:32.0391 4660 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:37:32.0395 4660 SessionEnv - ok
19:37:32.0402 4660 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:37:32.0403 4660 sffdisk - ok
19:37:32.0414 4660 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:37:32.0415 4660 sffp_mmc - ok
19:37:32.0424 4660 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:37:32.0426 4660 sffp_sd - ok
19:37:32.0434 4660 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:37:32.0436 4660 sfloppy - ok
19:37:32.0482 4660 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:37:32.0487 4660 SharedAccess - ok
19:37:32.0509 4660 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:37:32.0515 4660 ShellHWDetection - ok
19:37:32.0536 4660 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:37:32.0538 4660 SiSRaid2 - ok
19:37:32.0548 4660 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:37:32.0550 4660 SiSRaid4 - ok
19:37:32.0606 4660 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:37:32.0608 4660 SkypeUpdate - ok
19:37:32.0628 4660 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:37:32.0630 4660 Smb - ok
19:37:32.0683 4660 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:37:32.0686 4660 SNMPTRAP - ok
19:37:32.0698 4660 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:37:32.0699 4660 spldr - ok
19:37:32.0755 4660 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:37:32.0763 4660 Spooler - ok
19:37:32.0844 4660 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:37:32.0881 4660 sppsvc - ok
19:37:32.0898 4660 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:37:32.0901 4660 sppuinotify - ok
19:37:32.0943 4660 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:37:32.0949 4660 srv - ok
19:37:32.0970 4660 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:37:32.0976 4660 srv2 - ok
19:37:32.0994 4660 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:37:32.0997 4660 srvnet - ok
19:37:33.0023 4660 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:37:33.0027 4660 SSDPSRV - ok
19:37:33.0045 4660 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:37:33.0049 4660 SstpSvc - ok
19:37:33.0072 4660 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:37:33.0073 4660 stexstor - ok
19:37:33.0106 4660 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:37:33.0115 4660 stisvc - ok
19:37:33.0162 4660 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
19:37:33.0164 4660 stllssvr - ok
19:37:33.0184 4660 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:37:33.0185 4660 swenum - ok
19:37:33.0252 4660 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:37:33.0258 4660 SwitchBoard - ok
19:37:33.0288 4660 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:37:33.0296 4660 swprv - ok
19:37:33.0339 4660 [ 4998AE89119C7106C92F0A64E4840FF6 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:37:33.0343 4660 SynTP - ok
19:37:33.0386 4660 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:37:33.0405 4660 SysMain - ok
19:37:33.0424 4660 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:37:33.0427 4660 TabletInputService - ok
19:37:33.0446 4660 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:37:33.0452 4660 TapiSrv - ok
19:37:33.0469 4660 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:37:33.0472 4660 TBS - ok
19:37:33.0553 4660 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:37:33.0573 4660 Tcpip - ok
19:37:33.0620 4660 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:37:33.0639 4660 TCPIP6 - ok
19:37:33.0661 4660 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:37:33.0663 4660 tcpipreg - ok
19:37:33.0693 4660 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:37:33.0695 4660 TDPIPE - ok
19:37:33.0731 4660 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:37:33.0733 4660 TDTCP - ok
19:37:33.0749 4660 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:37:33.0751 4660 tdx - ok
19:37:33.0763 4660 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:37:33.0765 4660 TermDD - ok
19:37:33.0803 4660 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:37:33.0812 4660 TermService - ok
19:37:33.0824 4660 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:37:33.0827 4660 Themes - ok
19:37:33.0842 4660 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:37:33.0844 4660 THREADORDER - ok
19:37:33.0864 4660 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:37:33.0867 4660 TrkWks - ok
19:37:33.0922 4660 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:37:33.0925 4660 TrustedInstaller - ok
19:37:33.0941 4660 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:37:33.0943 4660 tssecsrv - ok
19:37:33.0959 4660 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:37:33.0960 4660 TsUsbFlt - ok
19:37:33.0978 4660 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:37:33.0979 4660 TsUsbGD - ok
19:37:34.0000 4660 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:37:34.0002 4660 tunnel - ok
19:37:34.0023 4660 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:37:34.0025 4660 uagp35 - ok
19:37:34.0044 4660 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:37:34.0050 4660 udfs - ok
19:37:34.0087 4660 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:37:34.0090 4660 UI0Detect - ok
19:37:34.0110 4660 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:37:34.0113 4660 uliagpkx - ok
19:37:34.0135 4660 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:37:34.0137 4660 umbus - ok
19:37:34.0144 4660 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:37:34.0145 4660 UmPass - ok
19:37:34.0164 4660 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:37:34.0170 4660 upnphost - ok
19:37:34.0191 4660 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:37:34.0194 4660 usbccgp - ok
19:37:34.0210 4660 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:37:34.0213 4660 usbcir - ok
19:37:34.0230 4660 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:37:34.0232 4660 usbehci - ok
19:37:34.0258 4660 [ D524F3716D85B744762FF5EAAEF8F3A2 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
19:37:34.0260 4660 usbfilter - ok
19:37:34.0294 4660 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:37:34.0298 4660 usbhub - ok
19:37:34.0311 4660 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:37:34.0313 4660 usbohci - ok
19:37:34.0327 4660 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:37:34.0328 4660 usbprint - ok
19:37:34.0368 4660 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:37:34.0369 4660 usbscan - ok
19:37:34.0395 4660 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:37:34.0398 4660 USBSTOR - ok
19:37:34.0418 4660 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:37:34.0420 4660 usbuhci - ok
19:37:34.0470 4660 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:37:34.0473 4660 usbvideo - ok
19:37:34.0489 4660 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:37:34.0492 4660 UxSms - ok
19:37:34.0503 4660 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:37:34.0505 4660 VaultSvc - ok
19:37:34.0541 4660 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:37:34.0542 4660 vdrvroot - ok
19:37:34.0573 4660 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:37:34.0581 4660 vds - ok
19:37:34.0602 4660 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:37:34.0603 4660 vga - ok
19:37:34.0622 4660 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:37:34.0623 4660 VgaSave - ok
19:37:34.0644 4660 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:37:34.0647 4660 vhdmp - ok
19:37:34.0660 4660 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:37:34.0662 4660 viaide - ok
19:37:34.0679 4660 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:37:34.0681 4660 volmgr - ok
19:37:34.0706 4660 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:37:34.0710 4660 volmgrx - ok
19:37:34.0734 4660 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:37:34.0738 4660 volsnap - ok
19:37:34.0755 4660 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:37:34.0757 4660 vsmraid - ok
19:37:34.0808 4660 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:37:34.0826 4660 VSS - ok
19:37:34.0955 4660 [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
19:37:34.0963 4660 vToolbarUpdater13.2.0 - ok
19:37:34.0977 4660 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:37:34.0978 4660 vwifibus - ok
19:37:34.0994 4660 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:37:34.0996 4660 vwififlt - ok
19:37:35.0031 4660 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:37:35.0032 4660 vwifimp - ok
19:37:35.0050 4660 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:37:35.0057 4660 W32Time - ok
19:37:35.0081 4660 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:37:35.0084 4660 WacomPen - ok
19:37:35.0111 4660 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:37:35.0113 4660 WANARP - ok
19:37:35.0121 4660 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:37:35.0123 4660 Wanarpv6 - ok
19:37:35.0207 4660 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:37:35.0220 4660 WatAdminSvc - ok
19:37:35.0277 4660 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:37:35.0295 4660 wbengine - ok
19:37:35.0314 4660 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:37:35.0319 4660 WbioSrvc - ok
19:37:35.0338 4660 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:37:35.0344 4660 wcncsvc - ok
19:37:35.0363 4660 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:37:35.0366 4660 WcsPlugInService - ok
19:37:35.0394 4660 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:37:35.0395 4660 Wd - ok
19:37:35.0426 4660 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:37:35.0434 4660 Wdf01000 - ok
19:37:35.0459 4660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:37:35.0463 4660 WdiServiceHost - ok
19:37:35.0470 4660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:37:35.0474 4660 WdiSystemHost - ok
19:37:35.0487 4660 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:37:35.0493 4660 WebClient - ok
19:37:35.0507 4660 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:37:35.0513 4660 Wecsvc - ok
19:37:35.0526 4660 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:37:35.0529 4660 wercplsupport - ok
19:37:35.0556 4660 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:37:35.0560 4660 WerSvc - ok
19:37:35.0592 4660 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:37:35.0594 4660 WfpLwf - ok
19:37:35.0635 4660 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:37:35.0636 4660 WIMMount - ok
19:37:35.0658 4660 WinDefend - ok
19:37:35.0667 4660 WinHttpAutoProxySvc - ok
19:37:35.0735 4660 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:37:35.0739 4660 Winmgmt - ok
19:37:35.0803 4660 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:37:35.0826 4660 WinRM - ok
19:37:35.0889 4660 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:37:35.0891 4660 WinUsb - ok
19:37:35.0938 4660 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:37:35.0950 4660 Wlansvc - ok
19:37:35.0968 4660 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:37:35.0969 4660 WmiAcpi - ok
19:37:35.0993 4660 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:37:35.0996 4660 wmiApSrv - ok
19:37:36.0019 4660 WMPNetworkSvc - ok
19:37:36.0031 4660 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:37:36.0034 4660 WPCSvc - ok
19:37:36.0051 4660 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:37:36.0056 4660 WPDBusEnum - ok
19:37:36.0095 4660 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:37:36.0097 4660 ws2ifsl - ok
19:37:36.0115 4660 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:37:36.0119 4660 wscsvc - ok
19:37:36.0126 4660 WSearch - ok
19:37:37.0435 4660 ============================================================
19:37:37.0436 4660 Scan finished
19:37:37.0436 4660 ============================================================
19:37:37.0458 1372 Detected object count: 0
19:37:37.0459 1372 Actual detected object count: 0
19:37:43.0039 0756 Deinitialize success



Ran aswMBR
Posting log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-01 19:43:31
-----------------------------
19:43:31.494 OS Version: Windows x64 6.1.7601 Service Pack 1
19:43:31.494 Number of processors: 2 586 0x603
19:43:31.496 ComputerName: MININT-T98QMLJ UserName: kathy
19:43:34.048 Initialize success
19:45:04.252 AVAST engine defs: 12110101
19:45:29.721 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:45:29.724 Disk 0 Vendor: WDC_WD3200BEKT-75PVMT0 01.01A01 Size: 305245MB BusType: 11
19:45:29.759 Disk 0 MBR read successfully
19:45:29.763 Disk 0 MBR scan
19:45:29.770 Disk 0 Windows 7 default MBR code
19:45:29.775 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 291242 MB offset 2048
19:45:29.812 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14001 MB offset 596465664
19:45:29.858 Disk 0 scanning C:\Windows\system32\drivers
19:45:41.962 Service scanning
19:46:15.406 Modules scanning
19:46:15.419 Disk 0 trace - called modules:
19:46:15.498 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:46:15.505 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ae8310]
19:46:15.515 3 CLASSPNP.SYS[fffff8800107543f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004aa9060]
19:46:17.992 AVAST engine scan C:\Windows
19:46:21.756 AVAST engine scan C:\Windows\system32
19:51:16.462 AVAST engine scan C:\Windows\system32\drivers
19:51:37.112 AVAST engine scan C:\Users\kathy
20:05:13.940 File: C:\Users\kathy\Downloads\FULL Insanity Workout +Workout sheet & Nutrition diet_secure (1).exe **INFECTED** Win32:Adware-gen [Adw]
20:08:34.454 AVAST engine scan C:\ProgramData
20:11:44.592 Scan finished successfully
20:18:27.036 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
20:18:27.046 The log file has been saved successfully to "C:\aswMBR.txt"





Ran ESET scan
Cleaned threats - posting log:

C:\$Recycle.Bin\S-1-5-21-889180389-943140785-3407675356-1003\$R753LC4.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\$Recycle.Bin\S-1-5-21-889180389-943140785-3407675356-1003\$REB4UAO.exe Win32/TopMedia.A application cleaned by deleting - quarantined
C:\$Recycle.Bin\S-1-5-21-889180389-943140785-3407675356-1003\$RMEEP66.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\kathy\Downloads\7zip_installer_d161680.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\kathy\Downloads\avant browser setup.exe a variant of Win32/Soft32Downloader.B application cleaned by deleting - quarantined
C:\Users\kathy\Downloads\FULL Insanity Workout +Workout sheet & Nutrition diet_secure (1).exe Win32/TopMedia.A application cleaned by deleting - quarantined
C:\Users\kathy\Downloads\SoftonicDownloader_for_google-chrome (1).exe Win32/SoftonicDownloader.C application cleaned by deleting - quarantined
C:\Users\kathy\Downloads\SoftonicDownloader_for_google-chrome.exe Win32/SoftonicDownloader.C application cleaned by deleting - quarantined

I did not clean threats from the first aswMBR scan as the instructions didn't recommend it, but went back and rescanned with aswMBR after running ESET.
Threat was gone

2nd Scan with aswMBR
Posting log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-01 21:58:23
-----------------------------
21:58:23.500 OS Version: Windows x64 6.1.7601 Service Pack 1
21:58:23.501 Number of processors: 2 586 0x603
21:58:23.502 ComputerName: MININT-T98QMLJ UserName: kathy
21:58:26.142 Initialize success
21:58:45.275 AVAST engine defs: 12110101
21:58:51.808 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:58:51.811 Disk 0 Vendor: WDC_WD3200BEKT-75PVMT0 01.01A01 Size: 305245MB BusType: 11
21:58:51.856 Disk 0 MBR read successfully
21:58:51.859 Disk 0 MBR scan
21:58:51.866 Disk 0 Windows 7 default MBR code
21:58:51.879 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 291242 MB offset 2048
21:58:51.934 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14001 MB offset 596465664
21:58:52.009 Disk 0 scanning C:\Windows\system32\drivers
21:59:30.319 Service scanning
21:59:55.403 Modules scanning
21:59:55.414 Disk 0 trace - called modules:
21:59:55.461 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:59:55.467 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ae8310]
21:59:55.811 3 CLASSPNP.SYS[fffff8800107543f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004aa9060]
21:59:58.263 AVAST engine scan C:\Windows
22:00:48.532 AVAST engine scan C:\Windows\system32
22:13:22.405 AVAST engine scan C:\Windows\system32\drivers
22:15:10.815 AVAST engine scan C:\Users\kathy
22:33:11.222 AVAST engine scan C:\ProgramData
22:38:04.891 Scan finished successfully
22:44:17.682 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
22:44:17.694 The log file has been saved successfully to "C:\aswMBR2.txt"


Thanks

#4 narenxp

Posted 01 November 2012 - 10:31 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 noknojon

Posted 02 November 2012 - 12:40 AM

@ narenxp - Please read my posts in the link that has been left -

Sorry to add to the help you are getting from narenxp, but I was the one from the link you left -

You are right that Genieo is almost like an infection - Did you choose to install it ??
http://www.genieo.com/faq/#q20 << Visit this page to uninstall Genieo Garbage, then reset your Home page back to your personal option

I do not know if you attempted to use the uninstall instructions at http://www.genieo.com/faq/#uninstall
Disable your anti-virus blocks while running the uninstall program, although it let the installer run.
That is one scenario we didn't foresee or encounter.
Try manually uninstalling:
1. Right-click the Genieo icon (white house on red background, lower right) and select exit to stop Genieo
2. Open folder "%appdata%" and delete subfolder "Genieo"
3. After you've removed Genieo, you may change your browser homepage.

In F/Fox, open tab with "about:config", search for 'keyword.URL', right click and select 'reset'
In Internet Explorer look in Add / Remove (XP) or Programs and Features (Vista or Windows 7) and look for a program called UNINSTALL
Remove this program also -

Thank You -

Edited by noknojon, 02 November 2012 - 12:42 AM.


#6 kathydeee

Posted 02 November 2012 - 01:26 AM

Ran Malwarebytes
No threats detected
Posting log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.02.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
kathy :: MININT-T98QMLJ [administrator]

11/2/2012 12:45:41 AM
mbam-log-2012-11-02 (00-45-41).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 32718
Time elapsed: 1 minute(s), 11 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Ran Mini Toolbox after the Malware check, but the adware shut the windows and this response was lost. Didn't see a saved Mini Toolbox log, so re-ran the scan after the adware scan.

Posting log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by kathy (administrator) on 02-11-2012 at 01:02:30
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MININT-T98QMLJ
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C0-F8-DA-9F-F5-6F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : C0-F8-DA-9F-F5-6F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7c0f:1140:a30:1090%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 01, 2012 10:51:35 PM
Lease Expires . . . . . . . . . . : Friday, November 02, 2012 10:51:35 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 230750426
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-CD-FA-B3-5C-26-0A-03-E4-F0
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 5C-26-0A-03-E4-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1A8599C7-544B-4EDD-9B62-95AE89A6073B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c89:2a9b:3f57:febf(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c89:2a9b:3f57:febf%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{8864B72B-A73E-4D8B-A405-0B301BD7DC77}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4002:801::1003
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.131
74.125.227.132
74.125.227.133


Pinging google.com [74.125.227.7] with 32 bytes of data:
Reply from 74.125.227.7: bytes=32 time=55ms TTL=47
Reply from 74.125.227.7: bytes=32 time=56ms TTL=47

Ping statistics for 74.125.227.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 55ms, Maximum = 56ms, Average = 55ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=108ms TTL=43
Reply from 98.139.183.24: bytes=32 time=180ms TTL=41

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 108ms, Maximum = 180ms, Average = 144ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
========================= Winsock entries =====================================


========================= Event log errors: ===============================

Application errors:
==================
Error: (11/01/2012 10:51:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2012 08:23:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/01/2012 08:22:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/01/2012 08:22:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/01/2012 08:22:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/01/2012 07:30:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/01/2012 07:30:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/01/2012 07:46:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/01/2012 07:45:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2012 07:45:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (11/02/2012 00:38:07 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 10:51:40 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/01/2012 10:26:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 09:50:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 09:26:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 08:50:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 08:14:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 07:50:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 07:14:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.

Error: (11/01/2012 06:38:09 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80B1F6AB-4B29-4AEC-A8F3-6B460A808C3C}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (11/01/2012 10:51:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2012 08:23:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kathy\Downloads\esetsmartinstaller_enu.exe

Error: (11/01/2012 08:22:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kathy\Downloads\esetsmartinstaller_enu.exe

Error: (11/01/2012 08:22:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kathy\Downloads\esetsmartinstaller_enu.exe

Error: (11/01/2012 08:22:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kathy\Downloads\esetsmartinstaller_enu.exe

Error: (11/01/2012 07:30:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\kathy\Downloads\SoftonicDownloader_for_google-chrome.exe

Error: (11/01/2012 07:30:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\kathy\Downloads\SoftonicDownloader_for_google-chrome (1).exe

Error: (11/01/2012 07:46:00 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/01/2012 07:45:25 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (11/01/2012 07:45:01 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


=========================== Installed Programs ============================

Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Design Standard (Version: 5.0)
Adobe Media Player (Version: 1.8)
Advanced Audio FX Engine (Version: 1.12.05)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3426)
Deco Planner 3.1.03
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Webcam Central (Version: 1.40.05)
Digital Voice Editor 3 (Version: 3.1.01.08060)
DirectX 9 Runtime (Version: 1.00.0000)
Dragon NaturallySpeaking 9 Recorder Edition (Version: 9.51.200)
EndNote X4 (Version: 14.0.0.4845)
ESET Online Scanner v3
Google Chrome (Version: 22.0.1229.96)
Google Update Helper (Version: 1.3.21.123)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Orca (Version: 4.0.6001.0000)
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6096)
ResearchSoft Direct Export Helper
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.17.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
Yahoo! BrowserPlus 2.9.8
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 3838.16 MB
Available physical RAM: 2135.72 MB
Total Pagefile: 7674.52 MB
Available Pagefile: 5800.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.2 MB

========================= Partitions: =====================================

1 Drive c: (OSDisk) (Fixed) (Total:284.42 GB) (Free:164.89 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:6.59 GB) NTFS
3 Drive e: () (Removable) (Total:29.71 GB) (Free:29.52 GB) FAT32

========================= Users: ========================================

User accounts for \\MININT-T98QMLJ

Administrator Guest kathy

========================= Restore Points ==================================

17-10-2012 19:30:56 Scheduled Checkpoint
23-10-2012 14:53:05 Installed Java 7 Update 9
24-10-2012 15:26:48 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
29-10-2012 05:51:30 Removed Adobe Acrobat 9 Pro - English, Français, Deutsch.
29-10-2012 06:01:45 Removed Adobe Reader X (10.1.4).
01-11-2012 07:10:44 Removed Java 7 Update 9
01-11-2012 07:17:29 Removed Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
01-11-2012 07:21:19 Removed HP Deskjet 3050 J610 series Help
01-11-2012 07:22:04 Removed HP Deskjet 3050 J610 series Basic Device Software

**** End of log ****






Ran Farbar Service Scanner

posting original log

Farbar Service Scanner Version: 27-10-2012
Ran by kathy (administrator) on 02-11-2012 at 00:51:45
Running from "C:\Users\kathy\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****







Ran Adware Cleaner

Posting Log:




Ran Junkware Removal

posting log:


Junkware Removal Tool (JRT) by Thisisu
Version: 2.4.3 (11.01.2012)
OS: Windows 7 Home Premium x64
Ran by kathy on Fri 11/02/2012 at 1:58:11.03
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 11/02/2012 at 2:37:15.15
End of Report


Thanks for the help.

Edited by kathydeee, 02 November 2012 - 01:38 AM.


#7 kathydeee

Posted 02 November 2012 - 01:55 AM

@ narenxp - Please read my posts in the link that has been left -

Sorry to add to the help you are getting from narenxp, but I was the one from the link you left -

You are right that Genieo is almost like an infection - Did you choose to install it ??
http://www.genieo.com/faq/#q20 << Visit this page to uninstall Genieo Garbage, then reset your Home page back to your personal option

I do not know if you attempted to use the uninstall instructions at http://www.genieo.com/faq/#uninstall
Disable your anti-virus blocks while running the uninstall program, although it let the installer run.
That is one scenario we didn't foresee or encounter.
Try manually uninstalling:
1. Right-click the Genieo icon (white house on red background, lower right) and select exit to stop Genieo
2. Open folder "%appdata%" and delete subfolder "Genieo"
3. After you've removed Genieo, you may change your browser homepage.

In F/Fox, open tab with "about:config", search for 'keyword.URL', right click and select 'reset'
In Internet Explorer look in Add / Remove ( XP ) or Programs and Features (Vista or Windows7) and look for a program called UNINSTALL
Remove this program also -

Thank You -


Hi Noknojon,

Thanks so much. Really appreciate all the help.

I did not knowingly install Genieo. One of the first actions I took was to uninstall Genieo through my control panel. Still symptoms lingered. I reset my home page quite awhile back. Was able to redirect my home page away from genieo yahoo but still blinking and talking ads showed up and interfered with the computer.

I tried the Genieo uninstall but it did little. I did not try to disable my virus protection before using the genieo uninstall. I am not so sure I want to visit the genieo page without active virus protection, if it can be avoided.

I haven't seen the symptoms today after doing all of these scans with narenxp. Right now the computer appears clean, but Genieo has proven tricky.

Edited by kathydeee, 02 November 2012 - 01:56 AM.


#8 noknojon

Posted 02 November 2012 - 02:09 AM

Hi kathydeee -
I did spend quite a while on their forum (and did a bit of yelling) -
But if you go towards the end of the topic you linked to, that was almost the only way to finally remove it (disable A/virus) -

There are dozens of people on that forum with a similar problem -

I will go back to my emails and see if there was any more directions -

Regards -



#9 noknojon

Posted 02 November 2012 - 02:38 AM

http://genieo.com/uninstall/updater_uninstall.exe << They still say that this uninstaller is able to remove the program.
You must Disable your Antivirus to run this uninstaller, and yours is one of the programs that will block the uninstaller -

General information on A/V control (temp disable) HERE if needed -

If you are still having problems, please stay with narenxp to find the source of the program -

Thank You -

Edited by noknojon, 02 November 2012 - 04:00 AM.


#10 kathydeee

Posted 02 November 2012 - 09:03 AM

Thanks for the help - Disabled AVG and ran the Genieo uninstaller again - which appeared to do the same as before - not much.

But the computer still appears clean. No sign of Genieo since the scans.

Edited by kathydeee, 02 November 2012 - 12:33 PM.


#11 noknojon

Posted 02 November 2012 - 03:39 PM

But the computer still appears clean. No sign of Genieo since the scans.

This is good for now - :) - It seems like you may have removed that garbage program at last -

Although it is not an "actual infection", it will alter your home page without asking you, and to me this makes it a Hijacker ! ! !

I did post again on their forum a few hours ago, but they usually delete my comments, and dozens of others just to make them look more legal

Post back if it shows up again, but you look OK for the moment, unless narenxp wants to run any other quick scans -


Safe Surfing and watch for Add-Ons everywhere - :)

#12 kathydeee

Posted 02 November 2012 - 11:32 PM

Thanks noknojon. Really appreciate your time.


narenxp - how did the last scans look? Symptoms seemed to disappear after the scans. Should I run anything else? You've been very helpful. Thanks.

#13 kathydeee

Posted 06 November 2012 - 08:30 PM

Looked good for a moment, but unfortunately the voices and blinking ads have come back.

#14 kathydeee

Posted 07 November 2012 - 09:58 PM

Perhaps I should post another thread?



