
http://search.searchonme.com/ or urlredirect.dll


36 replies to this topic

#1 IevaZ

IevaZ

  • Members
  • 26 posts

Posted 06 November 2012 - 01:19 PM

Dear All,
I have tried multiple pieces of advice which are posted on the Bleeping Computer forums and elsewhere. So far, no antispyware or malware tools have worked. Of course, I used unregistered versions because I do not have a Credit Card, nor PayPal. I have internet in a small local office in the South of Chile. I used Entel Mobile-Chip based connection until now. Today I have asked for a favour and it is the only day that I can use broadband connection (most of the advice indicated that I have to run the programs in Safe Mode with Networking and the Entel thingy does not work in the Safe Mode).
All in all, I am hopeful that somebody can help me here.
The http://search.searchonme.com/ "activity" seemed to have slowed down after I have deleted the cookies and extensions and plug-ins. But the website still appears in Google Chrome and I have no idea how to get rid of it. The same for Firefox, and I hate IE and have no wish to use it as my browser.
The Security Task Manager shows a bunch of stuff I do not understand (below).
General info:
- The computer is slower but I do not know if it is due to the AntiMalware and Anti-Spyware stuff that I have been running or due to other problems.
- The mouse-pointer (arrow) is shaky and imprecise when I use the pad.
- I have recently downloaded AVG trial version instead of my old (2009) paid version. I wanted to try the new one before paying for it, but this thing with Google Chrome has happened before I did.
- I have cleaned the computer of some Trojans a couple of days before.
- I do use Torrents from a safe website in Lithuania. For 4 years I have been using this website and nothing happened, but, of course, I could have downloaded an infected torrent.
- I have deleted the User from Chrome, as one of the forums recommended, but the searching tab keeps coming back. It just seems to be not so "active" anymore.
- Before 22 of October my computer was running smoothly.
Regards,
Ieva




Security Task Manager: Computer IEVAZ-PC, User Ieva, 06-Nov-12 15:18:56

Name Rating PID CPU Memory Active File Type Start Title, Description Company : product

LaserSMMgr 79% 2368 7.1 MB C:\Windows\Samsung\PanelMgr\SSMMgr.exe Program 14:55:21 when Windows starts, Registry: Machine\Run Samsung PanelMgr -
Caller64.exe 72% 4176 4.6 MB C:\Windows\Samsung\PanelMgr\caller64.exe Program 14:55:30 by LaserSMMgr -
Microsoft SharePoint Workspace Extensions 60% C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL Internet when Internet Explorer starts Groove GFS Browser Helper (Browser Extension) Microsoft Corporation : Microsoft Office 2010
AVG Secure Search 52% C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll Internet when Internet Explorer starts AVG Secure Search.PugiObj.1 (Browser Extension) AVG Technologies :
Microsoft SharePoint Workspace Extensions 48% C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL DLL when programs start Groove GFS Stub Execution Hook · Groove GFS Stub Execution Hook (monitors program starts) Microsoft Corporation : Microsoft Office 2010
Java™ Platform SE binary 48% C:\Program Files (x86)\Java\jre7\bin\ssv.dll Internet when Internet Explorer starts Java™ Plug-In SSV Helper (Browser Extension) Oracle America, Inc. : Java™ Platform SE 7 U9
Java™ Platform SE binary 48% C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll Internet when Internet Explorer starts Java™ Plug-In 2 SSV Helper (Browser Extension) Oracle America, Inc. : Java™ Platform SE 7 U9
DCSHOST 47% 2116 C:\ProgramData\DatacardService\HWDeviceService64.exe Program 14:54:26 by < services.exe > : HWDeviceService
SUPERAntiSpyware Application 44% 3524 1.2 MB 0:02 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Program 14:55:14 when Windows starts, Registry: User\Run SuperAdBlocker.com : SUPERAntiSpyware
PowerISO Virtual Drive Manager 44% 3480 4.5 MB C:\Program Files (x86)\PowerISO\PWRISOVM.EXE Program 14:55:20 when Windows starts, Registry: Machine\Run http://www.poweriso.com Power Software Ltd : PowerISO Virtual Drive Manager
< avgrsa.exe > 42% 460 < avgrsa.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:53:59 -
< avgcsrva.exe > 42% 532 < avgcsrva.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:08 by < avgrsa.exe > -
< csrss.exe > 42% 800 < csrss.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:11 -
< wininit.exe > 42% 860 < wininit.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:12 -
< services.exe > 42% 976 < services.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:13 by < wininit.exe > -
< lsm.exe > 42% 992 < lsm.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:14 by < wininit.exe > -
< wlanext.exe > 42% 1584 < wlanext.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:19 -
< conhost.exe > 42% 1592 < conhost.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:19 by < csrss.exe > -
DataCardMonitor MFC Application 42% 2188 C:\ProgramData\DatacardService\DCSHelper.exe Program 14:54:26 by DCSHOST Huawei Technologies Co., Ltd. : Huawei Technologies Co., Ltd. DataCardMonitor
< avgnsa.exe > 42% 1812 < avgnsa.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:47 by AVG 2013 -
< unsecapp.exe > 42% 3356 < unsecapp.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:56 -
< WUDFHost.exe > 42% 3700 < WUDFHost.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:58 -
< WmiPrvSE.exe > 42% 3868 < WmiPrvSE.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:54:59 -
< avgcsrva.exe > 42% 3216 < avgcsrva.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 14:55:23 by < avgnsa.exe > -
< taskeng.exe > 42% 5496 < taskeng.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 15:12:00 -
< taskhost.exe > 42% 428 < taskhost.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 15:12:34 by < services.exe > -
< SearchProtocolHost.exe > 42% 5644 < SearchProtocolHost.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 15:13:17 -
< SearchFilterHost.exe > 42% 6036 < SearchFilterHost.exe - Services - Access is denied - Click on "Show Details for All Processes" in menu "View"! > Program 15:13:17 -
Core Service 37% 2012 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE Program 14:54:24 by < services.exe > SuperAdBlocker.com : Core Service
Adobe PDF Helper for Internet Explorer 35% C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll Internet when Internet Explorer starts AcroIEHelperStub · AcroIEHelperShim.AcroIEHelperShimObj.1 (Browser Extension) Adobe Systems, Incorporated : AcroIEHelperShim Library
Microsoft Office Professional Plus 2010 33% C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL Internet when Internet Explorer starts Microsoft Office Document Cache Handler - URLRedirectionBHO · URLRedirection.URLRedirectionBHO.1 (Browser Extension) Microsoft Corporation : Microsoft Office 2010
WIDCOMM Bluetooth Software 32% C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll DLL Multimedia Keys Hook DLL Broadcom Corporation : Bluetooth Software  Support.Dell.com
VProtect Application 30% 1504 0:01 C:\Program Files (x86)\AVG Secure Search\vprot.exe Program 14:55:21 when Windows starts, Registry: Machine\Run VProtector AVG Technologies : VProtect Application
Adobe Acrobat Update Service 23% 1084 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe Program 14:54:24 by < services.exe > Adobe Systems, Incorporated : Adobe Acrobat Update Service
ToolbarU Application 23% 2936 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe Program 14:54:41 by < services.exe > AVG Technologies : ToolbarU Application
Google Chrome 23% 4180 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Program 14:55:58 by Google Chrome Google Inc : Google Chrome
Google Chrome 23% 4812 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Program 14:56:01 by Google Chrome Google Inc : Google Chrome
Google Chrome 23% 4224 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Program 14:56:01 by Google Chrome Google Inc : Google Chrome
Google Chrome 23% 3940 0:29 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Program 14:56:06 by Google Chrome Google Inc : Google Chrome
Intel® PROSet/Wireless WiFi Software 22% 2092 C:\Program Files\Intel\WiFi\bin\EvtEng.exe Program 14:54:26 by < services.exe > Intel® PROSet/Wireless Event Log Service Intel Corporation - Mobile Wireless Group : Intel® PROSet/Wireless  www.intel.com
Intel® PROSet/Wireless WiFi Software 22% 2768 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe Program 14:54:40 by < services.exe > Intel® PROSet/Wireless Registry Service - Registry interface for Intel wireless products. Intel Corporation - Mobile Wireless Group : Intel® PROSet/Wireless  www.intel.com
Intel® PROSet/Wireless WiFi Software 22% 3932 0:01 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe Program 14:55:10 by Windows Explorer Intel® PROSet/Wireless Framework - Intel PROSet/Wireless - TF - Intel® PAN Tray Intel Corporation - Mobile Wireless Group : Intel® PROSet/Wireless  www.intel.com
srclient0.dll 21% C:\Users\Ieva\AppData\Roaming\srclient0.dll Program when Windows starts, Registry: User\Run volq (not active) -
AVG 2013 15% 3384 C:\Program Files (x86)\AVG\AVG2013\avgui.exe Program 14:55:21 when Windows starts, Registry: Machine\Run AVG User Interface - AvgTrayMainWnd AVG Technologies CZ, s.r.o. : AVG Internet Security  www.avg.com
ReOfferCampaign.exe 12% C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe Program when Windows starts, Registry: Machine\Run ROC_roc_ssl_v12 (not active) AVG Technologies :
SpyHunter 8% 872 C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe Program 14:54:17 by < services.exe > Service scanner interface Enigma Software Group USA, LLC : SpyHunter4  www.enigmasoftware.com
AVG 2013 8% 1412 C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe Program 14:54:25 by < services.exe > AVG Identity Protection Service AVG Technologies CZ, s.r.o. : AVG Internet Security  www.avg.com
AVG 2013 8% 1688 C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe Program 14:54:25 by < services.exe > AVG Watchdog Service AVG Technologies CZ, s.r.o. : AVG Internet Security  www.avg.com
WIDCOMM Bluetooth Software 8% 1888 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe Program 14:54:25 by < services.exe > Bluetooth Support Server Broadcom Corporation : Bluetooth Software  Support.Dell.com
Malwarebytes Anti-Malware version 1.65.1.1000 8% 2168 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe Program 14:54:26 by < services.exe > Malwarebytes Corporation : Malwarebytes Anti-Malware  www.malwarebytes.org
Malwarebytes Anti-Malware version 1.65.1.1000 8% 2276 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe Program 14:54:28 by < services.exe > Malwarebytes Corporation : Malwarebytes Anti-Malware  www.malwarebytes.org
Malwarebytes Anti-Malware version 1.65.1.1000 8% 3056 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe Program 14:54:43 by Malwarebytes Anti-Malware version 1.65.1.1000 Malwarebytes Anti-Malware Malwarebytes Corporation : Malwarebytes Anti-Malware  www.malwarebytes.org
WIDCOMM Bluetooth Software 8% 3644 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Program 14:55:14 by Windows Explorer Bluetooth Tray Application - BTTrayMainWindow Broadcom Corporation : Bluetooth Software  Support.Dell.com
WIDCOMM Bluetooth Software 6% C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe Program when Windows starts, Registry: Machine\Common Startup Bluetooth (not active) Broadcom Corporation : WIDCOMM Bluetooth Software  Support.Dell.com
Security Task Manager 5% 4552 0:02 C:\Program Files (x86)\Security Task Manager\TaskMan.exe Program 15:13:49 by Windows Explorer Security Task Manager A. & M. Neuber Software : Security Task Manager  www.neuber.com
Update your drivers now! 2% C:\Program Files (x86)\Probit Software\Easy Driver Pro\DPLauncher.exe Program when Windows starts, Registry: User\Run Easy Driver Pro (not active) Probit Software LTD : Easy Driver Pro
Microsoft Office Professional Plus 2010 0% C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe Program when Windows starts, Registry: Machine\Run Microsoft Office 2010 component - BCSSync (not active) Microsoft Corporation : Microsoft Office 2010
igfxTray Module 0% 3304 C:\Windows\System32\igfxtray.exe Program 14:55:10 by Windows Explorer igfxtrayWindow Intel Corporation : Intel® Common User Interface
hkcmd Module 0% 3764 C:\Windows\System32\hkcmd.exe Program 14:55:10 by Windows Explorer HkWndName Intel Corporation : Intel® Common User Interface
persistence Module 0% 3528 C:\Windows\System32\igfxpers.exe Program 14:55:10 by Windows Explorer PersistWndName Intel Corporation : Intel® Common User Interface
Google Chrome 0% 4620 0:24 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Program 14:55:55 by Windows Explorer Posting New Topic - BleepingComputer.com - Google Chrome Google Inc : Google Chrome
Skype™ 5.10 0% 3472 3:55 C:\Program Files (x86)\Skype\Phone\Skype.exe Program 14:55:10 when Windows starts, Registry: User\Run Skype - Skype™ - ievitalt Skype Technologies SA : Skype  ui.skype.com
Windows Explorer 0% 1936 59.3 MB 0:06 C:\Windows\explorer.exe Program 14:54:24 Downloads, Microsoft Corporation : Microsoft® Windows® Operating System

Edited by IevaZ, 06 November 2012 - 01:26 PM.



 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 06 November 2012 - 02:06 PM

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner. Run it. Go to Options, then put a tick next to "Enable rootkit cleaning". Hit Full Scan > let it finish > go to the Quarantine tab > tick Select All > then Delete > Quit.
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop; post that here in your next reply.


Reboot after Norman.

#3 IevaZ

IevaZ
  • Topic Starter

  • Members
  • 26 posts

Posted 06 November 2012 - 03:38 PM

1st scan - Malware Bytes:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.06.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Ieva :: IEVAZ-PC [administrator]

Protection: Enabled

06-Nov-12 17:27:43
mbam-log-2012-11-06 (17-27-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198907
Time elapsed: 4 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 IevaZ

IevaZ
  • Topic Starter

  • Members
  • 26 posts

Posted 06 November 2012 - 03:45 PM

Second scan:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/06/2012 at 05:44 PM

Application Version : 5.6.1014

Core Rules Database Version : 9539
Trace Rules Database Version: 7351

Scan type : Quick Scan
Total Scan Time : 00:04:15

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 557
Memory threats detected : 0
Registry items scanned : 60631
Registry threats detected : 0
File items scanned : 11987
File threats detected : 23

Adware.Tracking Cookie


Going to reboot now.

#5 IevaZ

IevaZ
  • Topic Starter

  • Members
  • 26 posts

Posted 06 November 2012 - 03:54 PM

Running ESET Scanner

Edited by IevaZ, 06 November 2012 - 04:10 PM.


#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 06 November 2012 - 04:14 PM

:thumbup2:
Take your time, post when ready.

#7 IevaZ

IevaZ
  • Topic Starter

  • Members
  • 26 posts

Posted 06 November 2012 - 05:25 PM

Thanx! : - ) That virus is driving me nuts. I want it out of my system as soon as possible, and the internet connection around here is a pain in the ... :)
THANK YOU very very very much. It seems it will take another hour, so I will post and shut down (go home, as they close here at 21:00 Chilean local time (same as Lima)) and do the rest tomorrow.

Here they are:

1) ESET ONLINE SCANNER
Scanned files : 202850
Infected files: 0
Cleaned files: 0
Total scan time: 2:05:50
Scan status: Finished


2) MiniToolBox.exe

MiniToolBox by Farbar Version: 07-11-2012
Ran by Ieva (administrator) on 06-11-2012 at 23:01:51
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: windows;7;ultimate:80
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

HUAWEI Mobile Connect - 3G Network Card = Mobile Broadband Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?63 subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : IEVAZ-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : AC-72-89-96-34-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : AC-72-89-96-34-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
Physical Address. . . . . . . . . : AC-72-89-96-34-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 18-03-73-7F-16-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Mobile Broadband adapter Mobile Broadband Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HUAWEI Mobile Connect - 3G Network Card
Physical Address. . . . . . . . . : 00-1E-10-1F-42-C4
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 186.11.40.152(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.240
Default Gateway . . . . . . . . . : 186.11.40.145
DNS Servers . . . . . . . . . . . : 200.63.56.6
200.63.56.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1E62486E-841A-4B06-A17D-BD1DF3B38C0C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:ba0b:2898::ba0b:2898(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 200.63.56.6
200.63.56.4
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:38b9:3c7e:45f4:d767(Preferred)
Link-local IPv6 Address . . . . . : fe80::38b9:3c7e:45f4:d767%13(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{4756EF67-53C7-4F20-98CC-7B0479984547}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8311991F-F822-4ACF-A7C2-06F52D9BC20B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AF2538AD-7BB3-4423-A9E6-9DED12796078}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: 200-63-56-6.net.entelpcs.cl
Address: 200.63.56.6

Name: google.com
Addresses: 2800:3f0:4002:801::1005
173.194.42.37
173.194.42.33
173.194.42.36
173.194.42.35
173.194.42.40
173.194.42.46
173.194.42.41
173.194.42.38
173.194.42.39
173.194.42.34
173.194.42.32


Pinging google.com [173.194.42.46] with 32 bytes of data:
Reply from 173.194.42.46: bytes=32 time=1659ms TTL=54
Reply from 173.194.42.46: bytes=32 time=1685ms TTL=51

Ping statistics for 173.194.42.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1659ms, Maximum = 1685ms, Average = 1672ms
Server: 200-63-56-6.net.entelpcs.cl
Address: 200.63.56.6

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=237ms TTL=48
Reply from 98.139.183.24: bytes=32 time=307ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 237ms, Maximum = 307ms, Average = 272ms
Server: 200-63-56-6.net.entelpcs.cl
Address: 200.63.56.6

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 4ms, Average = 2ms
===========================================================================
Interface List
19...ac 72 89 96 34 4f ......Microsoft Virtual WiFi Miniport Adapter #2
18...ac 72 89 96 34 4f ......Microsoft Virtual WiFi Miniport Adapter
17...ac 72 89 96 34 4e ......Intel® Centrino® Wireless-N 1030
14...18 03 73 7f 16 99 ......Realtek PCIe GBE Family Controller
12...00 1e 10 1f 42 c4 ......HUAWEI Mobile Connect - 3G Network Card
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
40...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 186.11.40.145 186.11.40.152 296
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
186.11.40.144 255.255.255.240 On-link 186.11.40.152 296
186.11.40.152 255.255.255.255 On-link 186.11.40.152 296
186.11.40.159 255.255.255.255 On-link 186.11.40.152 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 186.11.40.152 296
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 186.11.40.152 296
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
20 1140 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:38b9:3c7e:45f4:d767/128
On-link
20 1040 2002::/16 On-link
20 296 2002:ba0b:2898::ba0b:2898/128
On-link
13 306 fe80::/64 On-link
13 306 fe80::38b9:3c7e:45f4:d767/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/06/2012 08:47:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 08:47:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 08:47:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 08:46:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 08:46:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 08:46:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 08:01:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 06:14:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 05:52:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/06/2012 05:52:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/06/2012 05:47:45 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/06/2012 05:47:44 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (11/06/2012 05:47:43 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/06/2012 05:47:27 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/06/2012 05:47:27 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%20

Error: (11/06/2012 05:47:21 PM) (Source: Service Control Manager) (User: )
Description: The sbapifs service failed to start due to the following error:
%%2

Error: (11/06/2012 05:47:16 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/06/2012 05:46:28 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/06/2012 05:25:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/06/2012 05:25:00 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (11/06/2012 08:47:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 08:47:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 08:47:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 08:46:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 08:46:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 08:46:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 08:01:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\soft\esetsmartinstaller_enu.exe

Error: (11/06/2012 06:14:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 05:52:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe

Error: (11/06/2012 05:52:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ieva\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Adobe Reader X (10.1.4) (Version: 10.1.4)
AVG 2013 (Version: 13.0.2617)
AVG 2013 (Version: 13.0.2742)
AVG 2013 (Version: 2013.0.2742)
Banda Ancha Movil (Version: 21.003.28.01.110)
CrossFTP (remove only)
CutePDF Writer 2.9 (Version: 2.9)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DriverIdentifier 4.2
Easy Driver Pro v8.03 (Version: 8.03)
ESET Online Scanner v3
Fishdom Frosty Splash
Google Chrome (Version: 23.0.1271.64)
Google Update Helper (Version: 1.3.21.123)
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PowerISO (Version: 5.4)
Realtek Ethernet Controller Driver (Version: 7.43.321.2011)
Samsung ML-1640 Series
Security Task Manager 1.8d (Version: 1.8d)
Skype™ 5.10 (Version: 5.10.116)
SProtector 1.66
SUPERAntiSpyware (Version: 5.6.1014)
TI USB 3.0 Host Controller Driver (Version: 1.12.14.0)
TI USB3 Host Driver (Version: 1.12.14.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 8.0.0.35)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WIDCOMM Bluetooth Software (Version: 6.3.0.8000)
WinRAR 4.20 (32-bit) (Version: 4.20.0)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 4002.11 MB
Available physical RAM: 1528.23 MB
Total Pagefile: 8002.4 MB
Available Pagefile: 5236.76 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:64.61 GB) (Free:14.52 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:390.62 GB) (Free:42.58 GB) NTFS
4 Drive f: (BandaAncha Movil) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
6 Drive h: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

========================= Users: ========================================

User accounts for \\IEVAZ-PC

Administrator Guest Ieva


**** End of log ****

Edited by IevaZ, 06 November 2012 - 09:04 PM.


#8 InadequateInfirmity


Posted 06 November 2012 - 08:18 PM

:thumbup2:

#9 IevaZ


Posted 06 November 2012 - 09:07 PM

3) AdwCleaner (after I clicked DELETE, AVG Internet Security informed me that "Unknown" in C:/Users/Ieva/Downloads/adwcleaner.exe was detected as a threat; I clicked to allow it, and it was added to the exception list.)

# AdwCleaner v2.007 - Logfile created 11/06/2012 at 23:05:30
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Ieva - IEVAZ-PC
# Boot Mode : Normal
# Running from : C:\Users\Ieva\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Users\Ieva\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Ieva\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKU\S-1-5-21-3827701645-3532327623-2307014680-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ieva\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R9].txt - [4652 octets] - [06/11/2012 23:05:30]

########## EOF - C:\AdwCleaner[R9].txt - [4712 octets] ##########

Edited by IevaZ, 06 November 2012 - 09:11 PM.


#10 IevaZ


Posted 06 November 2012 - 09:19 PM

Just a thought: can my google/gmail profile be infected?
When I uninstall Chrome and then run all cleaning tools, and then install Chrome again and browse without logging onto my gmail.com account, then the searchonme is nowhere in sight. At least its presence is not felt in the browser. But the minute I enter my profile and bookmarks are nicely synchronized and my e-mail opens, the searchonme.com tab appears with the next launch of Chrome.
Running Norman now.
Ieva
P.S. I do not use Bluetooth. I could delete the driver, for what it's worth. I have downloaded a bunch of drivers to make WiFi and USB ports work (they did not after installing the custom Dell "Windows 7 Ultimate" package for Vostro 131). The only useful ones, I think, are the "R306112" driver for WiFi and the "Texas Instruments Inc" one for USB (I had it in the previous version of Windows on my Dell). The other "R..." drivers seem to just be hanging there. I have installed them in a very disorderly manner (some were saved directly in C, others in the dell folder, yet others under dell/drivers). I am happy to get rid of useless ones, especially if they are causing a problem when I use the internet. If this information is of no use, just ignore it.

Edited by IevaZ, 06 November 2012 - 09:33 PM.


#11 IevaZ


Posted 07 November 2012 - 06:43 AM

Good morning! Here are the results on Norman MC:

Norman Malware Cleaner v2.06.01
Copyright 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 7.00.12
nvcbin.def: Version: 7.00.1771, Date: 2012/11/06 13:36:53, Variants: 15266396
nvcmacro.def: Version: 0.00.00, Date: 1969/12/31 21:00:00, Variants: 0

Operating System: Windows 7 Service Pack 1 x64

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/11/06 23:21:00

Running pre-scan cleanup routine...
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} --> NameServer = 200.63.56.6 200.63.56.4'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} --> NameServer from '200.63.56.6 200.63.56.4' to '8.8.8.8,8.8.4.4'
Cleaning successful

Number of malicious objects found: 1
Number of malicious objects cleaned: 1
Scanning time: 1s

Scanning running processes and process memory...

Number of objects found: 1125
Number of objects scanned: 1125
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 14s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\Users\Ieva\Downloads\activarofis2010-xp-w7\activarofis2010 xp-w7\activar2010.exe: File infected with winpe/keygen.P
Delete file: C:\Users\Ieva\Downloads\activarofis2010-xp-w7\activarofis2010 xp-w7\activar2010.exe
Cleaning successful
D:\soft\activarofis2010-xp-w7\activarofis2010 xp-w7\activar2010.exe: File infected with winpe/keygen.P
Delete file: D:\soft\activarofis2010-xp-w7\activarofis2010 xp-w7\activar2010.exe
Cleaning successful

Number of files found: 206870
Number of archives unpacked: 7945
Number of objects found: 478474
Number of objects scanned: 478405
Number of objects not scanned: 69
Number of malicious objects found: 2
Number of malicious objects cleaned: 2
Number of malicious files found: 2
Number of malicious files cleaned: 2
Scanning time: 9h 15m 2s

Running post-scan cleanup routine...
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} --> NameServer = 200.63.56.4 200.63.56.3'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} --> NameServer from '200.63.56.4 200.63.56.3' to '8.8.8.8,8.8.4.4'
Cleaning successful

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 206870
Total number of archives unpacked: 7945
Total number of objects found: 479599
Total number of objects scanned: 479530
Total number of objects not scanned: 69
Total number of malicious objects found: 4
Total number of malicious objects cleaned: 4
Total number of malicious files found: 2
Total number of malicious files cleaned: 2
Total number of objects quarantined: 4
Total scanning time: 9h 15m 18s

#12 IevaZ

Posted 07 November 2012 - 07:09 AM

After rebooting (after Norman) I have entered my e-mail account through Chrome (the searchonme tab was still there), and then closed Chrome and ran a Quick Scan with Norman. During the second second of the scan, I got this:

Norman Malware Cleaner v2.06.01
Copyright 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 7.00.12
nvcbin.def: Version: 7.00.1771, Date: 2012/11/06 13:36:53, Variants: 15266396
nvcmacro.def: Version: 0.00.00, Date: 1969/12/31 21:00:00, Variants: 0

Operating System: Windows 7 Service Pack 1 x64

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/11/07 08:47:32

Running pre-scan cleanup routine...
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} --> NameServer = 200.63.56.6 200.63.56.4'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} --> NameServer from '200.63.56.6 200.63.56.4' to '8.8.8.8,8.8.4.4'
Cleaning successful

Number of malicious objects found: 1
Number of malicious objects cleaned: 1
Scanning time: 0s

Scanning running processes and process memory...

Number of objects found: 982
Number of objects scanned: 982
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 12s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running quick scan...

Number of files found: 5425
Number of archives unpacked: 0
Number of objects found: 5425
Number of objects scanned: 5425
Number of objects not scanned: 0
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 2m 59s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 5425
Total number of archives unpacked: 0
Total number of objects found: 6407
Total number of objects scanned: 6407
Total number of objects not scanned: 0
Total number of malicious objects found: 1
Total number of malicious objects cleaned: 1
Total number of malicious files found: 0
Total number of malicious files cleaned: 0
Total number of objects quarantined: 0
Total scanning time: 3m 11s

#13 InadequateInfirmity

Posted 07 November 2012 - 07:21 PM

Download TDSSKiller.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it, Run as Admin. Click on Change parameters, select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Run the program below as admin, hit the scan button, allow it to finish, then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill, run it, post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool, save it to your desktop, run it in safe mode, post the log.
http://thisisudax.org/downloads/JRT.exe

Download Autoruns and Autorunsc. Unzip it to your desktop and then double click autoruns.exe. After the scan is finished, click on File > Save. The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

#14 IevaZ

Posted 07 November 2012 - 08:23 PM

22:20:57.0074 2376 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:20:59.0086 2376 ============================================================
22:20:59.0086 2376 Current date / time: 2012/11/07 22:20:59.0086
22:20:59.0086 2376 SystemInfo:
22:20:59.0086 2376
22:20:59.0086 2376 OS Version: 6.1.7601 ServicePack: 1.0
22:20:59.0086 2376 Product type: Workstation
22:20:59.0086 2376 ComputerName: IEVAZ-PC
22:20:59.0086 2376 UserName: Ieva
22:20:59.0086 2376 Windows directory: C:\Windows
22:20:59.0086 2376 System windows directory: C:\Windows
22:20:59.0086 2376 Running under WOW64
22:20:59.0086 2376 Processor architecture: Intel x64
22:20:59.0086 2376 Number of processors: 4
22:20:59.0086 2376 Page size: 0x1000
22:20:59.0086 2376 Boot type: Normal boot
22:20:59.0086 2376 ============================================================
22:21:00.0693 2376 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:21:00.0708 2376 ============================================================
22:21:00.0708 2376 \Device\Harddisk0\DR0:
22:21:00.0708 2376 MBR partitions:
22:21:00.0708 2376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x538000, BlocksNum 0x32000
22:21:00.0708 2376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x56A000, BlocksNum 0x813A800
22:21:00.0708 2376 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x86A4800, BlocksNum 0x30D3F800
22:21:00.0740 2376 ============================================================
22:21:00.0755 2376 C: <-> \Device\Harddisk0\DR0\Partition2
22:21:00.0802 2376 D: <-> \Device\Harddisk0\DR0\Partition3
22:21:00.0833 2376 H: <-> \Device\Harddisk0\DR0\Partition1
22:21:00.0833 2376 ============================================================
22:21:00.0833 2376 Initialize success
22:21:00.0833 2376 ============================================================
22:21:09.0366 2380 ============================================================
22:21:09.0366 2380 Scan started
22:21:09.0366 2380 Mode: Manual; TDLFS;
22:21:09.0366 2380 ============================================================
22:21:09.0663 2380 ================ Scan system memory ========================
22:21:09.0663 2380 System memory - ok
22:21:09.0663 2380 ================ Scan services =============================
22:21:15.0029 2380 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:21:15.0045 2380 HidBatt - ok
22:21:15.0060 2380 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:21:15.0060 2380 HidBth - ok
22:21:15.0060 2380 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:21:15.0060 2380 HidIr - ok
22:21:15.0107 2380 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:21:15.0107 2380 hidserv - ok
22:21:15.0123 2380 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:21:15.0123 2380 HidUsb - ok
22:21:15.0154 2380 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:21:15.0154 2380 hkmsvc - ok
22:21:15.0201 2380 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:21:15.0201 2380 HomeGroupListener - ok
22:21:15.0232 2380 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:21:15.0232 2380 HomeGroupProvider - ok
22:21:15.0248 2380 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:21:15.0248 2380 HpSAMD - ok
22:21:15.0279 2380 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:21:15.0294 2380 HTTP - ok
22:21:15.0326 2380 [ C2212C930D7A6CC21972B9882683D271 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
22:21:15.0326 2380 huawei_enumerator - ok
22:21:15.0357 2380 [ 6E05228393CD614B983568EC40C262C3 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:21:15.0357 2380 hwdatacard - ok
22:21:15.0435 2380 HWDeviceService64.exe - ok
22:21:15.0466 2380 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:21:15.0466 2380 hwpolicy - ok
22:21:15.0497 2380 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:21:15.0497 2380 i8042prt - ok
22:21:15.0544 2380 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:21:15.0544 2380 iaStorV - ok
22:21:15.0575 2380 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
22:21:15.0575 2380 iBtFltCoex - ok
22:21:15.0638 2380 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:21:15.0653 2380 idsvc - ok
22:21:15.0887 2380 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:21:16.0121 2380 igfx - ok
22:21:16.0152 2380 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:21:16.0152 2380 iirsp - ok
22:21:16.0199 2380 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:21:16.0215 2380 IKEEXT - ok
22:21:16.0230 2380 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:21:16.0230 2380 intelide - ok
22:21:16.0262 2380 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:21:16.0262 2380 intelppm - ok
22:21:16.0293 2380 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:21:16.0293 2380 IPBusEnum - ok
22:21:16.0340 2380 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:21:16.0340 2380 IpFilterDriver - ok
22:21:16.0386 2380 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:21:16.0386 2380 iphlpsvc - ok
22:21:16.0418 2380 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:21:16.0418 2380 IPMIDRV - ok
22:21:16.0418 2380 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:21:16.0433 2380 IPNAT - ok
22:21:16.0449 2380 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:21:16.0449 2380 IRENUM - ok
22:21:16.0480 2380 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:21:16.0480 2380 isapnp - ok
22:21:16.0496 2380 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:21:16.0511 2380 iScsiPrt - ok
22:21:16.0527 2380 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:21:16.0527 2380 kbdclass - ok
22:21:16.0558 2380 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:21:16.0558 2380 kbdhid - ok
22:21:16.0574 2380 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:21:16.0574 2380 KeyIso - ok
22:21:16.0605 2380 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:21:16.0605 2380 KSecDD - ok
22:21:16.0636 2380 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:21:16.0636 2380 KSecPkg - ok
22:21:16.0652 2380 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:21:16.0652 2380 ksthunk - ok
22:21:16.0698 2380 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:21:16.0698 2380 KtmRm - ok
22:21:16.0745 2380 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:21:16.0745 2380 LanmanServer - ok
22:21:16.0776 2380 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:21:16.0792 2380 LanmanWorkstation - ok
22:21:16.0823 2380 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:21:16.0823 2380 lltdio - ok
22:21:16.0854 2380 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:21:16.0870 2380 lltdsvc - ok
22:21:16.0886 2380 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:21:16.0886 2380 lmhosts - ok
22:21:16.0901 2380 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:21:16.0901 2380 LSI_FC - ok
22:21:16.0917 2380 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:21:16.0917 2380 LSI_SAS - ok
22:21:16.0932 2380 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:21:16.0948 2380 LSI_SAS2 - ok
22:21:16.0948 2380 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:21:16.0948 2380 LSI_SCSI - ok
22:21:16.0964 2380 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:21:16.0964 2380 luafv - ok
22:21:17.0026 2380 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:21:17.0026 2380 MBAMProtector - ok
22:21:17.0088 2380 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:21:17.0088 2380 MBAMScheduler - ok
22:21:17.0135 2380 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:21:17.0151 2380 MBAMService - ok
22:21:17.0198 2380 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:21:17.0198 2380 Mcx2Svc - ok
22:21:17.0213 2380 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:21:17.0213 2380 megasas - ok
22:21:17.0229 2380 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:21:17.0229 2380 MegaSR - ok
22:21:17.0260 2380 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:21:17.0276 2380 MEIx64 - ok
22:21:17.0322 2380 Microsoft SharePoint Workspace Audit Service - ok
22:21:17.0354 2380 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:21:17.0354 2380 MMCSS - ok
22:21:17.0369 2380 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:21:17.0385 2380 Modem - ok
22:21:17.0400 2380 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:21:17.0400 2380 monitor - ok
22:21:17.0432 2380 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:21:17.0432 2380 mouclass - ok
22:21:17.0447 2380 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:21:17.0447 2380 mouhid - ok
22:21:17.0494 2380 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:21:17.0494 2380 mountmgr - ok
22:21:17.0525 2380 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:21:17.0525 2380 mpio - ok
22:21:17.0525 2380 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:21:17.0525 2380 mpsdrv - ok
22:21:17.0572 2380 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:21:17.0572 2380 MpsSvc - ok
22:21:17.0619 2380 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:21:17.0619 2380 MRxDAV - ok
22:21:17.0666 2380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:21:17.0666 2380 mrxsmb - ok
22:21:17.0697 2380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:21:17.0697 2380 mrxsmb10 - ok
22:21:17.0712 2380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:21:17.0712 2380 mrxsmb20 - ok
22:21:17.0728 2380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:21:17.0728 2380 msahci - ok
22:21:17.0744 2380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:21:17.0759 2380 msdsm - ok
22:21:17.0775 2380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:21:17.0775 2380 MSDTC - ok
22:21:17.0806 2380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:21:17.0806 2380 Msfs - ok
22:21:17.0837 2380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:21:17.0837 2380 mshidkmdf - ok
22:21:17.0853 2380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:21:17.0853 2380 msisadrv - ok
22:21:17.0900 2380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:21:17.0900 2380 MSiSCSI - ok
22:21:17.0900 2380 msiserver - ok
22:21:17.0931 2380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:21:17.0931 2380 MSKSSRV - ok
22:21:17.0946 2380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:21:17.0946 2380 MSPCLOCK - ok
22:21:17.0962 2380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:21:17.0962 2380 MSPQM - ok
22:21:17.0993 2380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:21:17.0993 2380 MsRPC - ok
22:21:18.0009 2380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:21:18.0009 2380 mssmbios - ok
22:21:18.0009 2380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:21:18.0009 2380 MSTEE - ok
22:21:18.0024 2380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:21:18.0024 2380 MTConfig - ok
22:21:18.0040 2380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:21:18.0040 2380 Mup - ok
22:21:18.0087 2380 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:21:18.0087 2380 MyWiFiDHCPDNS - ok
22:21:18.0134 2380 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:21:18.0149 2380 napagent - ok
22:21:18.0180 2380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:21:18.0180 2380 NativeWifiP - ok
22:21:18.0227 2380 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:21:18.0243 2380 NDIS - ok
22:21:18.0258 2380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:21:18.0258 2380 NdisCap - ok
22:21:18.0290 2380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:21:18.0290 2380 NdisTapi - ok
22:21:18.0321 2380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:21:18.0336 2380 Ndisuio - ok
22:21:18.0368 2380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:21:18.0383 2380 NdisWan - ok
22:21:18.0414 2380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:21:18.0414 2380 NDProxy - ok
22:21:18.0430 2380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:21:18.0430 2380 NetBIOS - ok
22:21:18.0461 2380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:21:18.0461 2380 NetBT - ok
22:21:18.0477 2380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:21:18.0477 2380 Netlogon - ok
22:21:18.0508 2380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:21:18.0524 2380 Netman - ok
22:21:18.0524 2380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:21:18.0539 2380 netprofm - ok
22:21:18.0570 2380 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:21:18.0570 2380 NetTcpPortSharing - ok
22:21:18.0742 2380 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
22:21:18.0804 2380 NETwNs64 - ok
22:21:18.0851 2380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:21:18.0851 2380 nfrd960 - ok
22:21:18.0898 2380 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:21:18.0898 2380 NlaSvc - ok
22:21:18.0929 2380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:21:18.0929 2380 Npfs - ok
22:21:18.0960 2380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:21:18.0960 2380 nsi - ok
22:21:18.0960 2380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:21:18.0976 2380 nsiproxy - ok
22:21:19.0007 2380 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:21:19.0023 2380 Ntfs - ok
22:21:19.0038 2380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:21:19.0038 2380 Null - ok
22:21:19.0054 2380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:21:19.0054 2380 nvraid - ok
22:21:19.0070 2380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:21:19.0085 2380 nvstor - ok
22:21:19.0101 2380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:21:19.0101 2380 nv_agp - ok
22:21:19.0132 2380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:21:19.0132 2380 ohci1394 - ok
22:21:19.0194 2380 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:21:19.0194 2380 ose - ok
22:21:19.0350 2380 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:21:19.0382 2380 osppsvc - ok
22:21:19.0413 2380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:21:19.0428 2380 p2pimsvc - ok
22:21:19.0460 2380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:21:19.0475 2380 p2psvc - ok
22:21:19.0506 2380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:21:19.0506 2380 Parport - ok
22:21:19.0522 2380 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:21:19.0522 2380 partmgr - ok
22:21:19.0538 2380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:21:19.0538 2380 PcaSvc - ok
22:21:19.0569 2380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:21:19.0569 2380 pci - ok
22:21:19.0584 2380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:21:19.0584 2380 pciide - ok
22:21:19.0616 2380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:21:19.0616 2380 pcmcia - ok
22:21:19.0631 2380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:21:19.0631 2380 pcw - ok
22:21:19.0647 2380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:21:19.0662 2380 PEAUTH - ok
22:21:19.0694 2380 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:21:19.0709 2380 PeerDistSvc - ok
22:21:19.0772 2380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:21:19.0772 2380 PerfHost - ok
22:21:19.0850 2380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:21:19.0865 2380 pla - ok
22:21:19.0912 2380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:21:19.0912 2380 PlugPlay - ok
22:21:19.0959 2380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:21:19.0959 2380 PNRPAutoReg - ok
22:21:19.0974 2380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:21:19.0974 2380 PNRPsvc - ok
22:21:20.0021 2380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:21:20.0037 2380 PolicyAgent - ok
22:21:20.0068 2380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:21:20.0068 2380 Power - ok
22:21:20.0115 2380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:21:20.0115 2380 PptpMiniport - ok
22:21:20.0130 2380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:21:20.0130 2380 Processor - ok
22:21:20.0177 2380 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:21:20.0177 2380 ProfSvc - ok
22:21:20.0193 2380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:21:20.0193 2380 ProtectedStorage - ok
22:21:20.0224 2380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:21:20.0240 2380 Psched - ok
22:21:20.0302 2380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:21:20.0318 2380 ql2300 - ok
22:21:20.0333 2380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:21:20.0333 2380 ql40xx - ok
22:21:20.0364 2380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:21:20.0380 2380 QWAVE - ok
22:21:20.0396 2380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:21:20.0396 2380 QWAVEdrv - ok
22:21:20.0411 2380 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:21:20.0427 2380 RasAcd - ok
22:21:20.0458 2380 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:21:20.0458 2380 RasAgileVpn - ok
22:21:20.0474 2380 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:21:20.0489 2380 RasAuto - ok
22:21:20.0505 2380 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:21:20.0520 2380 Rasl2tp - ok
22:21:20.0552 2380 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:21:20.0567 2380 RasMan - ok
22:21:20.0583 2380 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:21:20.0583 2380 RasPppoe - ok
22:21:20.0598 2380 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:21:20.0598 2380 RasSstp - ok
22:21:20.0630 2380 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:21:20.0645 2380 rdbss - ok
22:21:20.0661 2380 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:21:20.0661 2380 rdpbus - ok
22:21:20.0676 2380 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:21:20.0676 2380 RDPCDD - ok
22:21:20.0708 2380 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:21:20.0708 2380 RDPDR - ok
22:21:20.0723 2380 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:21:20.0723 2380 RDPENCDD - ok
22:21:20.0739 2380 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:21:20.0739 2380 RDPREFMP - ok
22:21:20.0770 2380 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:21:20.0770 2380 RdpVideoMiniport - ok
22:21:20.0801 2380 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:21:20.0801 2380 RDPWD - ok
22:21:20.0832 2380 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:21:20.0832 2380 rdyboost - ok
22:21:20.0910 2380 [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:21:20.0926 2380 RegSrvc - ok
22:21:20.0957 2380 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:21:20.0957 2380 RemoteAccess - ok
22:21:20.0988 2380 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:21:20.0988 2380 RemoteRegistry - ok
22:21:21.0035 2380 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:21:21.0035 2380 RFCOMM - ok
22:21:21.0051 2380 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:21:21.0066 2380 RpcEptMapper - ok
22:21:21.0082 2380 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:21:21.0082 2380 RpcLocator - ok
22:21:21.0113 2380 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:21:21.0129 2380 RpcSs - ok
22:21:21.0144 2380 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:21:21.0144 2380 rspndr - ok
22:21:21.0207 2380 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:21:21.0222 2380 RTL8167 - ok
22:21:21.0238 2380 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:21:21.0238 2380 s3cap - ok
22:21:21.0254 2380 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:21:21.0254 2380 SamSs - ok
22:21:21.0300 2380 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:21:21.0300 2380 SASDIFSV - ok
22:21:21.0316 2380 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:21:21.0316 2380 SASKUTIL - ok
22:21:21.0332 2380 sbapifs - ok
22:21:21.0347 2380 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:21:21.0347 2380 sbp2port - ok
22:21:21.0394 2380 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:21:21.0394 2380 SCardSvr - ok
22:21:21.0456 2380 [ 3A09F31454DFEFBB124BAF378F90B636 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
22:21:21.0456 2380 SCDEmu - ok
22:21:21.0503 2380 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:21:21.0503 2380 scfilter - ok
22:21:21.0566 2380 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:21:21.0581 2380 Schedule - ok
22:21:21.0628 2380 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:21:21.0628 2380 SCPolicySvc - ok
22:21:21.0675 2380 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:21:21.0675 2380 SDRSVC - ok
22:21:21.0706 2380 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:21:21.0706 2380 secdrv - ok
22:21:21.0737 2380 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:21:21.0753 2380 seclogon - ok
22:21:21.0753 2380 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:21:21.0768 2380 SENS - ok
22:21:21.0784 2380 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:21:21.0784 2380 SensrSvc - ok
22:21:21.0784 2380 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:21:21.0784 2380 Serenum - ok
22:21:21.0815 2380 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:21:21.0815 2380 Serial - ok
22:21:21.0831 2380 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:21:21.0831 2380 sermouse - ok
22:21:21.0878 2380 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:21:21.0878 2380 SessionEnv - ok
22:21:21.0893 2380 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:21:21.0893 2380 sffdisk - ok
22:21:21.0909 2380 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:21:21.0909 2380 sffp_mmc - ok
22:21:21.0924 2380 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:21:21.0924 2380 sffp_sd - ok
22:21:21.0940 2380 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:21:21.0940 2380 sfloppy - ok
22:21:21.0971 2380 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:21:21.0971 2380 SharedAccess - ok
22:21:22.0002 2380 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:21:22.0018 2380 ShellHWDetection - ok
22:21:22.0018 2380 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:21:22.0034 2380 SiSRaid2 - ok
22:21:22.0034 2380 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:21:22.0034 2380 SiSRaid4 - ok
22:21:22.0080 2380 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:21:22.0080 2380 SkypeUpdate - ok
22:21:22.0112 2380 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:21:22.0112 2380 Smb - ok
22:21:22.0143 2380 [ CA62AE004E98374BF7F082CD765EEA02 ] SNMP C:\Windows\System32\snmp.exe
22:21:22.0143 2380 SNMP - ok
22:21:22.0174 2380 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:21:22.0174 2380 SNMPTRAP - ok
22:21:22.0190 2380 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:21:22.0190 2380 spldr - ok
22:21:22.0205 2380 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:21:22.0221 2380 Spooler - ok
22:21:22.0314 2380 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:21:22.0346 2380 sppsvc - ok
22:21:22.0346 2380 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:21:22.0361 2380 sppuinotify - ok
22:21:22.0377 2380 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:21:22.0392 2380 srv - ok
22:21:22.0408 2380 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:21:22.0408 2380 srv2 - ok
22:21:22.0455 2380 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:21:22.0455 2380 srvnet - ok
22:21:22.0502 2380 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:21:22.0517 2380 SSDPSRV - ok
22:21:22.0548 2380 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
22:21:22.0548 2380 SSPORT - ok
22:21:22.0564 2380 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:21:22.0564 2380 SstpSvc - ok
22:21:22.0595 2380 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:21:22.0595 2380 stexstor - ok
22:21:22.0642 2380 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:21:25.0762 2380 ================ Scan global ===============================
22:21:25.0793 2380 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:21:25.0824 2380 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:21:25.0824 2380 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:21:25.0871 2380 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:21:25.0902 2380 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:21:25.0902 2380 [Global] - ok
22:21:25.0902 2380 ================ Scan MBR ==================================
22:21:25.0902 2380 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:21:26.0090 2380 \Device\Harddisk0\DR0 - ok
22:21:26.0090 2380 ================ Scan VBR ==================================
22:21:26.0090 2380 [ 2128A24E1F430B79A44315D7BEDA9CF4 ] \Device\Harddisk0\DR0\Partition1
22:21:26.0090 2380 \Device\Harddisk0\DR0\Partition1 - ok
22:21:26.0121 2380 [ 4A14C20EDDC66384873FE8A4B2C41252 ] \Device\Harddisk0\DR0\Partition2
22:21:26.0136 2380 \Device\Harddisk0\DR0\Partition2 - ok
22:21:26.0152 2380 [ 059D1DAF4D5D53B6B747E14B93737469 ] \Device\Harddisk0\DR0\Partition3
22:21:26.0152 2380 \Device\Harddisk0\DR0\Partition3 - ok
22:21:26.0152 2380 ============================================================
22:21:26.0152 2380 Scan finished
22:21:26.0152 2380 ============================================================
22:21:26.0168 5116 Detected object count: 0
22:21:26.0168 5116 Actual detected object count: 0

#15 IevaZ


Posted 07 November 2012 - 08:33 PM

RogueKiller V8.2.3 [11/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ieva [Admin rights]
Mode : Remove -- Date : 11/07/2012 22:32:31

Bad processes : 3
[SUSP PATH] HWDeviceService64.exe -- C:\ProgramData\DatacardService\HWDeviceService64.exe -> KILLED [TermProc]
[SUSP PATH] DCSHelper.exe -- C:\ProgramData\DatacardService\DCSHelper.exe -> KILLED [TermProc]
[SUSP PATH] DCSHelper.exe -- C:\ProgramData\DatacardService\DCSHelper.exe -> KILLED [TermProc]

Registry Entries : 9
[RUN][SUSP PATH] HKCU\[...]\Run : volq (rundll32 "C:\Users\Ieva\AppData\Roaming\srclient0.dll",KGUGBEVDXP) -> DELETED
[TASK][SUSP PATH] {5A0847F6-A804-4577-A824-CE08F74B2944} : "c:\users\ieva\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?source=lightinstaller&page=tsInstall -> DELETED
[TASK][SUSP PATH] {F9D0FAAD-F69C-4EE2-A1B0-E096480DC485} : "c:\users\ieva\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=12007 -> DELETED
[TASK][SUSP PATH] {FB03932A-47B2-4278-BC8A-522DA8130238} : "c:\users\ieva\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?source=lightinstaller&page=tsInstall -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (windows;7;ultimate:80) -> NOT REMOVED, USE PROXYFIX
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} : NameServer (200.63.56.4 200.63.56.3) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{E31CB6E9-B391-4013-A7FD-A2030E7E6BEF} : NameServer (200.63.56.5 200.63.56.3) -> NOT REMOVED, USE DNSFIX
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


MBR Check:

+++++ PhysicalDrive0: SAMSUNG HM500JJ ATA Device +++++
--- User ---
[MBR] b334b3dbad7af65936a5fefb8c5464fe
[BSP] 4648af08771f020bd99f8ad0f5c8ab02 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 5472256 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 5677056 | Size: 66165 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 141182976 | Size: 399999 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 960385022 | Size: 8001 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_11072012_02d2232.txt >>
RKreport[1]_S_11072012_02d2230.txt ; RKreport[2]_S_11072012_02d2231.txt ; RKreport[3]_D_11072012_02d2232.txt



