Phishing?? or something has taken control of my searches


5 replies to this topic

#1 JHarts


Posted 10 November 2012 - 02:27 PM

I have what I believe to be a phishing problem on a Dell Inspiron N5010 running Windows 7. I have Trend Micro Titanium Maximum Security for protection and recently installed WOT.

It started about six months ago and I'm not sure what I may have clicked on to create such havoc.

The original symptom: I would launch my browser (set to default to my iGoogle), enter something in the search box, get a bunch of results and click on a link. The link would take me somewhere else. I never took notice of what the page was exactly...just noticed it wasn't what I had clicked on so I'd close it out. My lame idea of dealing with the problem was to try right-clicking on the search result link. It usually took me to the right place and when it didn't, I found that doing a copy/paste of the link (if I could get the whole thing) worked. I usually ended up getting where I needed to go so I didn't try to get rid of the problem.


What I did to make it worse: Not really sure - I've been watching tv on "Project Free TV" and it launches three or four spammy ads before it lets you watch the show so probably not the smartest choice. I've recently transferred a lot of large files from one laptop to this one using a service at www.largefilesasap.com. Could that be the culprit?

I should also mention that around the same time that these phishing problems emerged, I started getting constant requests to install jucheck.exe (sorry - I'm not positive that is the name of the download and I can't seem to recreate it at the moment). The first time I got the request I googled the name and it said it was part of a valid operation - flash or something? (sorry again for being so clueless).


My initial attempt to fix: I ran CCleaner. Then I revisited an old standby - a "recipe" from Aumha.org that involved downloading Killbox. I tried to find the Killbox app and couldn't. I went to Aumha.org to search for new ideas and saw a post that recommended downloading ATF Cleaner. I tried that and got the same results as with Killbox - dead end. (Instead of taking my laptop's word for it, I did try to find Killbox and ATF Cleaner from my Droid and got the same dead-link results). Aumha's free help seems to have dwindled down so I followed one of their recommendations to go to http://forums.malwarebytes.org/index.php?showforum=7. I did that and ran Malwarebytes' Anti-Malware. It said I had a couple trojans and I followed the instructions to repair. Whatever it did during the fix was kind of a disaster because I ended up having to go back to a 10/31 restore point (sorry I can't remember the exact nature of the disaster - it was late, it was wrong, and I just threw up my hands and went to Restore). I'm tempted to try the Anti-Malware run again to try to be able to tell you what it does but it's probably a better idea if I stop running rogue and get some expert advice here.

This is where I'm at now: whether IE or Firefox, I can't set my homepage by setting it on my iGoogle and clicking "use current" or when I open a window or tab, it takes me to this web address: http://newtab.certified-toolbar.com/nff/?si=41460&tid=2938&new=true.

I will patiently wait for your advice. One additional question while I have your attention --- if I send all my files (pdf, doc, jpeg, mp3, etc.) to a backup/cloud service and reformat the hard drive, is that an option? I've done my own re-installs before so am ok doing it if it is, in the long run, going to give me the best results. I'm just wondering if the files on my laptop would be carrying gremlins with them to the cloud so I'll be re-infected when I bring them back.

Thanks for your help!



#2 boopme


Posted 10 November 2012 - 09:39 PM

Welcome JHarts

Let's see what we get and how it is after these.

Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.
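Added example, not part of the original posts and not MiniToolBox's own code: a small Python triage of a Result.txt that lists hosts entries pointing names at non-loopback addresses, Winsock catalog DLLs from vendors other than Microsoft, and installed programs with "toolbar" in the name, all for manual review. The section banners and the Winsock line layout follow the log posted in this thread; the sample text, the `203.0.113.7` hosts entry and "Example Toolbar" are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of the Result.txt sections posted in this
# thread. The hosts entries and "Example Toolbar" are made up for the demo.
SAMPLE = r"""MiniToolBox by Farbar
========================= Hosts content: =================================

# comment line
127.0.0.1 localhost
203.0.113.7 www.google.com google.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

=========================== Installed Programs ============================

CCleaner (Version: 3.23)
Example Toolbar (Version: 1.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
"""

# A banner is "=====  Name[:]  =====". Rulers made only of "=" do not match.
SECTION_RE = re.compile(r"^={5,}\s+([^=]+?)\s*:?\s+={5,}\s*$")
# "[x64-]Catalog<N> <index> <dll path> [<size>] (<vendor>)"
WINSOCK_RE = re.compile(r"^(x64-)?Catalog(\d+) (\d+) (.+) \[(\d+)\] \((.+)\)$")
# Addresses that keep traffic on the local machine (localhost / blocklist sinks).
LOCAL_ONLY = {"127.0.0.1", "::1", "0.0.0.0"}


def split_sections(text):
    """Map each banner name (lower-cased) to the non-blank lines under it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def hosts_redirects(lines):
    """Hosts entries that send a name to a non-local address."""
    hits = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) >= 2 and fields[0] not in LOCAL_ONLY:
            hits.append((fields[0], fields[1:]))
    return hits


def third_party_winsock(lines):
    """Winsock catalog DLLs whose vendor field does not start with Microsoft."""
    hits = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if m and not m.group(6).startswith("Microsoft"):
            hits.append((m.group(4), m.group(6)))
    return hits


def programs_matching(lines, keywords=("toolbar",)):
    """Installed program names containing any keyword (case-insensitive)."""
    hits = []
    for line in lines:
        name = re.sub(r"\s*\(Version: [^)]*\)\s*$", "", line)
        if any(k in name.lower() for k in keywords):
            hits.append(name)
    return hits


def triage(text):
    """Run the three checks; every hit is a lead for review, not a verdict."""
    s = split_sections(text)
    return {
        "hosts": hosts_redirects(s.get("hosts content", [])),
        "winsock": third_party_winsock(s.get("winsock entries", [])),
        "programs": programs_matching(s.get("installed programs", [])),
    }


if __name__ == "__main__":
    for check, hits in triage(SAMPLE).items():
        print(check, hits)
```

A hit such as the Bonjour name-space provider is expected on machines with Apple software installed, so the output narrows what to read rather than deciding what to remove.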

#3 JHarts


Posted 11 November 2012 - 12:51 PM

MiniToolBox log:

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Nannie (administrator) on 11-11-2012 at 12:23:19
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Thomas-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-29-FD-7D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-29-FD-7D
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-29-FD-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9ce5:274b:b73d:b2cd%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, November 05, 2012 9:58:39 PM
Lease Expires . . . . . . . . . . : Monday, November 12, 2012 8:23:05 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 378317186
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-22-BE-26-78-2B-CB-DA-50-62
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 90-00-4E-E4-AE-27
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-2B-CB-DA-50-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.pa.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:489:3bcf:3f57:fe98(Preferred)
Link-local IPv6 Address . . . . . : fe80::489:3bcf:3f57:fe98%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{28DC7773-1834-4266-954A-F6E830E8F120}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8D0C1C5F-A1FB-491E-9276-52606FD331E4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{456395B8-8D64-49AB-836B-86B5DC50E1D7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9CC40C57-4AAC-4067-BE24-E34F272A2143}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 2607:f8b0:4004:802::1007
74.125.228.78
74.125.228.70
74.125.228.72
74.125.228.66
74.125.228.69
74.125.228.67
74.125.228.73
74.125.228.68
74.125.228.71
74.125.228.64
74.125.228.65


Pinging google.com [74.125.228.102] with 32 bytes of data:
Reply from 74.125.228.102: bytes=32 time=18ms TTL=55
Reply from 74.125.228.102: bytes=32 time=17ms TTL=55

Ping statistics for 74.125.228.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 18ms, Average = 17ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=60ms TTL=50
Reply from 98.138.253.109: bytes=32 time=65ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 65ms, Average = 62ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...8c a9 82 29 fd 7d ......Microsoft Virtual WiFi Miniport Adapter #2
15...8c a9 82 29 fd 7d ......Microsoft Virtual WiFi Miniport Adapter
14...8c a9 82 29 fd 7c ......Intel® WiFi Link 1000 BGN
13...90 00 4e e4 ae 27 ......Bluetooth Device (Personal Area Network)
10...78 2b cb da 50 62 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
43...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:4137:9e76:489:3bcf:3f57:fe98/128
On-link
14 281 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::489:3bcf:3f57:fe98/128
On-link
14 281 fe80::9ce5:274b:b73d:b2cd/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/11/2012 09:15:31 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (11/11/2012 00:33:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2012 08:26:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2012 08:26:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2012 01:22:50 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (11/09/2012 08:19:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 92135

Error: (11/09/2012 08:19:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 92135

Error: (11/09/2012 08:19:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/09/2012 08:19:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 91121

Error: (11/09/2012 08:19:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 91121


System errors:
=============
Error: (11/10/2012 08:23:01 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/10/2012 05:25:04 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/10/2012 10:19:00 AM) (Source: DCOM) (User: )
Description: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

Error: (11/10/2012 10:18:30 AM) (Source: Service Control Manager) (User: )
Description: The Google Software Updater service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 900000 milliseconds: Restart the service.

Error: (11/10/2012 10:18:26 AM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/09/2012 08:19:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (11/09/2012 08:18:09 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/09/2012 05:12:00 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/07/2012 08:09:07 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/07/2012 08:28:17 AM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.


Microsoft Office Sessions:
=========================
Error: (11/11/2012 09:15:31 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (11/11/2012 00:33:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/10/2012 08:26:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/10/2012 08:26:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/10/2012 01:22:50 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (11/09/2012 08:19:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 92135

Error: (11/09/2012 08:19:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 92135

Error: (11/09/2012 08:19:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/09/2012 08:19:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 91121

Error: (11/09/2012 08:19:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 91121


=========================== Installed Programs ============================

Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.1.391.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-7340 (Version: 1.0.1.0)
CCleaner (Version: 3.23)
Cozi (Version: 1.0.4323.24051)
CrashPlan (Version: 3.2.1)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.10)
Dell DataSafe Online (Version: 2.1.20578)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell MusicStage (Version: 1.4.162.0)
Dell Perks Webslice IE8 (Version: 8.0)
Dell PhotoStage (Version: 1.5.0.67)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.2.6032.55)
Dell VideoStage (Version: 1.1.1.1408)
Dragon NaturallySpeaking 11 (Version: 11.50.100)
Dropbox (Version: 1.4.20)
DVDFab 8.1.3.8 (09/12/2011) Qt
eBay (Version: 1.4.0)
Google Drive (Version: 1.5.3654.684)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
Graboid Video 3.53 (Version: 3.53)
Graboid Video 3.53 Setup (Version: 3.5.3)
HandBrake 0.9.5 (Version: 0.9.5)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HTC Sync (Version: 3.2.20)
iCloud (Version: 2.0.2.187)
IDT Audio (Version: 1.0.6289.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.0000)
Intel® Rapid Storage Technology (Version: 9.6.4.1002)
Internet Explorer (Version: 8)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 23 (64-bit) (Version: 6.0.230)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Living Cookbook 2008
Living Cookbook 2008 (Version: 2.0.72)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MWSnap 3 (Version: 3.0.0.74)
Norton PC Checkup (Version: 2.0.11.20)
Norton PC Checkup (Version: 3.0.2.115.0)
Pando (Version: 2.5.2.0)
Quickset64 (Version: 10.5.0)
QuickTime (Version: 7.72.80.56)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30127)
ROBLOX Player for Nannie
Roxio Burn (Version: 1.01)
Safari (Version: 5.34.57.2)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.3.222.g317ab79d)
Trend Micro Titanium Maximum Security (Version: 3.1.1109)
Trend Micro™ Titanium™ Maximum Security (Version: 3.00)
TrustedID (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.200)
WIDCOMM Bluetooth Software (Version: 6.2.1.1100)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (Version: 03/24/2010 6.3.0.2501)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinX DVD Ripper Platinum 6.8.1

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 2934.68 MB
Available physical RAM: 1295.16 MB
Total Pagefile: 5867.56 MB
Available Pagefile: 3401.13 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.07 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:164.91 GB) NTFS

========================= Users: ========================================

User accounts for \\THOMAS-PC

Administrator Guest JBC
Nannie Thomas


**** End of log ****




JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 2.9.8 (11.11.2012)
OS: Windows 7 Home Premium x64
Ran by Nannie on Sun 11/11/2012 at 12:28:11.12
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-289112122-388113397-3869951706-1003\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\abouturls\\Tabs
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-289112122-388113397-3869951706-1003\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-289112122-388113397-3869951706-1003\software\microsoft\internet explorer\main\\Search Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\search\\Default_Search_URL
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-289112122-388113397-3869951706-1003\software\microsoft\internet explorer\search\\Default_Search_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\fun web products"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\mywebsearch"
Successfully deleted: [Registry Key] "hkey_current_user\software\datamngr"
Successfully deleted: [Registry Key] "hkey_current_user\software\datamngr_toolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\focusinteractive"
Successfully deleted: [Registry Key] "hkey_local_machine\software\fun web products"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasapi32"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasmancs"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasapi32"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasmancs"
Successfully deleted: [Registry Key] "hkey_local_machine\software\mywebsearch"
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{56256a51-b582-467e-b8d4-7786eda79ae0}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{56256a51-b582-467e-b8d4-7786eda79ae0}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{a4730ebe-43a6-443e-9776-36915d323ad3}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{f34c9277-6577-4dff-b2d7-7d58092f272f}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Nannie\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Nannie\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\Nannie\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Nannie\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Nannie\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\Nannie\appdata\locallow\funwebproducts"
Successfully deleted: [Folder] "C:\Users\Nannie\appdata\locallow\mywebsearch"
Successfully deleted: [Folder] "C:\Users\Nannie\appdata\locallow\playready"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Nannie\AppData\Roaming\Mozilla\Firefox\Profiles\n1r02kqb.default\extensions\jid1-yzwvfzbsyfmrqq@jetpack
Successfully deleted: [Folder] C:\Users\Nannie\AppData\Roaming\Mozilla\Firefox\Profiles\n1r02kqb.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted: [Folder] C:\Users\Nannie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Successfully deleted: [File] C:\Users\Nannie\AppData\Roaming\Mozilla\Firefox\Profiles\n1r02kqb.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\Nannie\AppData\Roaming\Mozilla\Firefox\Profiles\n1r02kqb.default\searchplugins\adawaretb.xml
Successfully deleted: [File] C:\Users\Nannie\AppData\Roaming\Mozilla\Firefox\Profiles\n1r02kqb.default\searchplugins\search_results.xml
Successfully deleted: [TRACUR.AV] C:\Users\Nannie\AppData\Roaming\Mozilla\Firefox\Profiles\n1r02kqb.default\extensions\ravgmrkhrp@ravgmrkhrp.org.xpi



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/11/2012 at 12:35:39.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


TDSSkiller log:

12:40:47.0010 10568 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:40:47.0385 10568 ============================================================
12:40:47.0385 10568 Current date / time: 2012/11/11 12:40:47.0385
12:40:47.0385 10568 SystemInfo:
12:40:47.0385 10568
12:40:47.0385 10568 OS Version: 6.1.7601 ServicePack: 1.0
12:40:47.0385 10568 Product type: Workstation
12:40:47.0385 10568 ComputerName: THOMAS-PC
12:40:47.0385 10568 UserName: Nannie
12:40:47.0385 10568 Windows directory: C:\Windows
12:40:47.0385 10568 System windows directory: C:\Windows
12:40:47.0385 10568 Running under WOW64
12:40:47.0385 10568 Processor architecture: Intel x64
12:40:47.0385 10568 Number of processors: 4
12:40:47.0385 10568 Page size: 0x1000
12:40:47.0385 10568 Boot type: Normal boot
12:40:47.0385 10568 ============================================================
12:40:47.0977 10568 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:40:47.0977 10568 ============================================================
12:40:47.0977 10568 \Device\Harddisk0\DR0:
12:40:47.0977 10568 MBR partitions:
12:40:47.0977 10568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
12:40:47.0977 10568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
12:40:47.0977 10568 ============================================================
12:40:48.0009 10568 C: <-> \Device\Harddisk0\DR0\Partition2
12:40:48.0009 10568 ============================================================
12:40:48.0009 10568 Initialize success
12:40:48.0009 10568 ============================================================
12:42:10.0439 4464 ============================================================
12:42:10.0439 4464 Scan started
12:42:10.0439 4464 Mode: Manual; TDLFS;
12:42:10.0439 4464 ============================================================
12:42:10.0751 4464 ================ Scan system memory ========================
12:42:10.0751 4464 System memory - ok
12:42:10.0751 4464 ================ Scan services =============================
12:42:18.0099 4464 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:42:18.0099 4464 intelide - ok
12:42:18.0130 4464 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:42:18.0130 4464 intelppm - ok
12:42:18.0161 4464 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:42:18.0161 4464 IPBusEnum - ok
12:42:18.0192 4464 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:42:18.0192 4464 IpFilterDriver - ok
12:42:18.0239 4464 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:42:18.0255 4464 iphlpsvc - ok
12:42:18.0301 4464 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:42:18.0301 4464 IPMIDRV - ok
12:42:18.0333 4464 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:42:18.0333 4464 IPNAT - ok
12:42:18.0379 4464 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:42:18.0395 4464 iPod Service - ok
12:42:18.0457 4464 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:42:18.0457 4464 IRENUM - ok
12:42:18.0489 4464 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:42:18.0489 4464 isapnp - ok
12:42:18.0504 4464 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:42:18.0504 4464 iScsiPrt - ok
12:42:18.0567 4464 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:42:18.0567 4464 kbdclass - ok
12:42:18.0613 4464 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:42:18.0613 4464 kbdhid - ok
12:42:18.0629 4464 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:42:18.0629 4464 KeyIso - ok
12:42:18.0676 4464 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:42:18.0676 4464 KSecDD - ok
12:42:18.0691 4464 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:42:18.0691 4464 KSecPkg - ok
12:42:18.0707 4464 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:42:18.0707 4464 ksthunk - ok
12:42:18.0738 4464 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:42:18.0754 4464 KtmRm - ok
12:42:18.0816 4464 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:42:18.0832 4464 LanmanServer - ok
12:42:18.0847 4464 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:42:18.0863 4464 LanmanWorkstation - ok
12:42:18.0894 4464 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:42:18.0894 4464 lltdio - ok
12:42:18.0941 4464 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:42:18.0941 4464 lltdsvc - ok
12:42:18.0957 4464 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:42:18.0957 4464 lmhosts - ok
12:42:19.0019 4464 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:42:19.0035 4464 LMS - ok
12:42:19.0050 4464 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:42:19.0066 4464 LSI_FC - ok
12:42:19.0081 4464 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:42:19.0081 4464 LSI_SAS - ok
12:42:19.0097 4464 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:42:19.0097 4464 LSI_SAS2 - ok
12:42:19.0113 4464 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:42:19.0113 4464 LSI_SCSI - ok
12:42:19.0128 4464 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:42:19.0128 4464 luafv - ok
12:42:19.0159 4464 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:42:19.0159 4464 Mcx2Svc - ok
12:42:19.0175 4464 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:42:19.0191 4464 megasas - ok
12:42:19.0206 4464 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:42:19.0206 4464 MegaSR - ok
12:42:19.0222 4464 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:42:19.0222 4464 MMCSS - ok
12:42:19.0222 4464 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:42:19.0222 4464 Modem - ok
12:42:19.0253 4464 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:42:19.0253 4464 monitor - ok
12:42:19.0284 4464 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:42:19.0284 4464 mouclass - ok
12:42:19.0331 4464 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:42:19.0347 4464 mouhid - ok
12:42:19.0378 4464 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:42:19.0393 4464 mountmgr - ok
12:42:19.0440 4464 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:42:19.0456 4464 MozillaMaintenance - ok
12:42:19.0487 4464 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:42:19.0487 4464 mpio - ok
12:42:19.0503 4464 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:42:19.0503 4464 mpsdrv - ok
12:42:19.0549 4464 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:42:19.0565 4464 MpsSvc - ok
12:42:19.0627 4464 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:42:19.0627 4464 MRxDAV - ok
12:42:19.0643 4464 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:42:19.0659 4464 mrxsmb - ok
12:42:19.0674 4464 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:42:19.0674 4464 mrxsmb10 - ok
12:42:19.0690 4464 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:42:19.0690 4464 mrxsmb20 - ok
12:42:19.0721 4464 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:42:19.0721 4464 msahci - ok
12:42:19.0737 4464 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:42:19.0737 4464 msdsm - ok
12:42:19.0752 4464 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:42:19.0768 4464 MSDTC - ok
12:42:19.0799 4464 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:42:19.0799 4464 Msfs - ok
12:42:19.0815 4464 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:42:19.0815 4464 mshidkmdf - ok
12:42:19.0846 4464 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:42:19.0846 4464 msisadrv - ok
12:42:19.0861 4464 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:42:19.0861 4464 MSiSCSI - ok
12:42:19.0877 4464 msiserver - ok
12:42:19.0877 4464 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:42:19.0893 4464 MSKSSRV - ok
12:42:19.0893 4464 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:42:19.0908 4464 MSPCLOCK - ok
12:42:19.0908 4464 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:42:19.0908 4464 MSPQM - ok
12:42:19.0939 4464 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:42:19.0939 4464 MsRPC - ok
12:42:19.0986 4464 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:42:19.0986 4464 mssmbios - ok
12:42:20.0002 4464 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:42:20.0002 4464 MSTEE - ok
12:42:20.0017 4464 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:42:20.0017 4464 MTConfig - ok
12:42:20.0033 4464 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:42:20.0033 4464 Mup - ok
12:42:20.0080 4464 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:42:20.0095 4464 MyWiFiDHCPDNS - ok
12:42:20.0127 4464 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:42:20.0127 4464 napagent - ok
12:42:20.0158 4464 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:42:20.0158 4464 NativeWifiP - ok
12:42:20.0205 4464 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:42:20.0220 4464 NDIS - ok
12:42:20.0236 4464 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:42:20.0236 4464 NdisCap - ok
12:42:20.0283 4464 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:42:20.0283 4464 NdisTapi - ok
12:42:20.0329 4464 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:42:20.0329 4464 Ndisuio - ok
12:42:20.0361 4464 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:42:20.0361 4464 NdisWan - ok
12:42:20.0392 4464 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:42:20.0392 4464 NDProxy - ok
12:42:20.0407 4464 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:42:20.0407 4464 NetBIOS - ok
12:42:20.0501 4464 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:42:20.0517 4464 NetBT - ok
12:42:20.0517 4464 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:42:20.0517 4464 Netlogon - ok
12:42:20.0563 4464 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:42:20.0563 4464 Netman - ok
12:42:20.0610 4464 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:42:20.0610 4464 netprofm - ok
12:42:20.0641 4464 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:42:20.0657 4464 NetTcpPortSharing - ok
12:42:20.0813 4464 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
12:42:20.0985 4464 NETw5s64 - ok
12:42:21.0047 4464 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:42:21.0047 4464 nfrd960 - ok
12:42:21.0078 4464 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:42:21.0094 4464 NlaSvc - ok
12:42:21.0234 4464 [ DEEA1DB5275A9667A909A4F0E8D14FC5 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
12:42:21.0297 4464 NOBU - ok
12:42:21.0343 4464 Norton PC Checkup Application Launcher - ok
12:42:21.0375 4464 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:42:21.0375 4464 Npfs - ok
12:42:21.0390 4464 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:42:21.0390 4464 nsi - ok
12:42:21.0406 4464 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:42:21.0406 4464 nsiproxy - ok
12:42:21.0468 4464 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:42:21.0499 4464 Ntfs - ok
12:42:21.0531 4464 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:42:21.0531 4464 Null - ok
12:42:21.0562 4464 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:42:21.0562 4464 nvraid - ok
12:42:21.0577 4464 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:42:21.0593 4464 nvstor - ok
12:42:21.0624 4464 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:42:21.0640 4464 nv_agp - ok
12:42:21.0655 4464 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:42:21.0671 4464 ohci1394 - ok
12:42:21.0718 4464 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:42:21.0718 4464 ose - ok
12:42:21.0858 4464 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:42:21.0967 4464 osppsvc - ok
12:42:22.0045 4464 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:42:22.0061 4464 p2pimsvc - ok
12:42:22.0077 4464 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:42:22.0077 4464 p2psvc - ok
12:42:22.0092 4464 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:42:22.0108 4464 Parport - ok
12:42:22.0123 4464 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:42:22.0123 4464 partmgr - ok
12:42:22.0170 4464 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
12:42:22.0170 4464 PassThru Service - ok
12:42:22.0201 4464 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:42:22.0201 4464 PcaSvc - ok
12:42:22.0279 4464 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvcHst.exe
12:42:22.0279 4464 PCCUJobMgr - ok
12:42:22.0295 4464 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:42:22.0311 4464 pci - ok
12:42:22.0342 4464 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:42:22.0342 4464 pciide - ok
12:42:22.0342 4464 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:42:22.0342 4464 pcmcia - ok
12:42:22.0373 4464 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:42:22.0373 4464 pcw - ok
12:42:22.0389 4464 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:42:22.0404 4464 PEAUTH - ok
12:42:22.0529 4464 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:42:22.0529 4464 PerfHost - ok
12:42:22.0607 4464 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:42:22.0638 4464 pla - ok
12:42:22.0685 4464 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:42:22.0701 4464 PlugPlay - ok
12:42:22.0716 4464 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:42:22.0716 4464 PNRPAutoReg - ok
12:42:22.0747 4464 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:42:22.0747 4464 PNRPsvc - ok
12:42:22.0763 4464 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:42:22.0779 4464 PolicyAgent - ok
12:42:22.0810 4464 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:42:22.0825 4464 Power - ok
12:42:22.0841 4464 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:42:22.0841 4464 PptpMiniport - ok
12:42:22.0857 4464 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:42:22.0857 4464 Processor - ok
12:42:22.0888 4464 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:42:22.0888 4464 ProfSvc - ok
12:42:22.0903 4464 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:42:22.0903 4464 ProtectedStorage - ok
12:42:22.0950 4464 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:42:22.0950 4464 Psched - ok
12:42:22.0966 4464 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:42:22.0966 4464 PxHlpa64 - ok
12:42:23.0013 4464 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:42:23.0044 4464 ql2300 - ok
12:42:23.0059 4464 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:42:23.0059 4464 ql40xx - ok
12:42:23.0091 4464 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:42:23.0091 4464 QWAVE - ok
12:42:23.0106 4464 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:42:23.0106 4464 QWAVEdrv - ok
12:42:23.0122 4464 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:42:23.0122 4464 RasAcd - ok
12:42:23.0169 4464 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:42:23.0169 4464 RasAgileVpn - ok
12:42:23.0184 4464 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:42:23.0184 4464 RasAuto - ok
12:42:23.0215 4464 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:42:23.0215 4464 Rasl2tp - ok
12:42:23.0262 4464 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:42:23.0278 4464 RasMan - ok
12:42:23.0293 4464 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:42:23.0293 4464 RasPppoe - ok
12:42:23.0309 4464 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:42:23.0309 4464 RasSstp - ok
12:42:23.0340 4464 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:42:23.0340 4464 rdbss - ok
12:42:23.0356 4464 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:42:23.0356 4464 rdpbus - ok
12:42:23.0387 4464 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:42:23.0387 4464 RDPCDD - ok
12:42:23.0387 4464 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:42:23.0387 4464 RDPENCDD - ok
12:42:23.0418 4464 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:42:23.0418 4464 RDPREFMP - ok
12:42:23.0434 4464 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:42:23.0449 4464 RDPWD - ok
12:42:23.0481 4464 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:42:23.0481 4464 rdyboost - ok
12:42:23.0543 4464 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:42:23.0559 4464 RegSrvc - ok
12:42:23.0590 4464 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:42:23.0605 4464 RemoteAccess - ok
12:42:23.0621 4464 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:42:23.0621 4464 RemoteRegistry - ok
12:42:23.0668 4464 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:42:23.0668 4464 RFCOMM - ok
12:42:23.0683 4464 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:42:23.0699 4464 RpcEptMapper - ok
12:42:23.0715 4464 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:42:23.0730 4464 RpcLocator - ok
12:42:23.0761 4464 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:42:23.0761 4464 RpcSs - ok
12:42:23.0777 4464 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:42:23.0793 4464 rspndr - ok
12:42:23.0824 4464 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:42:23.0839 4464 RSUSBSTOR - ok
12:42:23.0871 4464 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:42:23.0886 4464 RTL8167 - ok
12:42:23.0886 4464 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:42:23.0886 4464 SamSs - ok
12:42:23.0933 4464 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:42:23.0933 4464 sbp2port - ok
12:42:23.0949 4464 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:42:23.0949 4464 SCardSvr - ok
12:42:23.0980 4464 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:42:23.0980 4464 scfilter - ok
12:42:24.0027 4464 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:42:24.0058 4464 Schedule - ok
12:42:24.0073 4464 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:42:24.0089 4464 SCPolicySvc - ok
12:42:24.0120 4464 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:42:24.0120 4464 SDRSVC - ok
12:42:24.0136 4464 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:42:24.0136 4464 secdrv - ok
12:42:24.0167 4464 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:42:24.0183 4464 seclogon - ok
12:42:24.0198 4464 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:42:24.0214 4464 SENS - ok
12:42:24.0229 4464 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:42:24.0229 4464 SensrSvc - ok
12:42:24.0229 4464 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:42:24.0229 4464 Serenum - ok
12:42:24.0245 4464 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:42:24.0245 4464 Serial - ok
12:42:24.0292 4464 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:42:24.0292 4464 sermouse - ok
12:42:24.0323 4464 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:42:24.0339 4464 SessionEnv - ok
12:42:24.0354 4464 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:42:24.0354 4464 sffdisk - ok
12:42:24.0370 4464 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:42:24.0370 4464 sffp_mmc - ok
12:42:24.0385 4464 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:42:24.0385 4464 sffp_sd - ok
12:42:24.0385 4464 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:42:24.0385 4464 sfloppy - ok
12:42:24.0432 4464 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:42:24.0448 4464 Sftfs - ok
12:42:24.0510 4464 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:42:24.0526 4464 sftlist - ok
12:42:24.0541 4464 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:42:24.0541 4464 Sftplay - ok
12:42:24.0557 4464 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:42:24.0557 4464 Sftredir - ok
12:42:24.0635 4464 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:42:24.0666 4464 SftService - ok
12:42:24.0682 4464 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:42:24.0697 4464 Sftvol - ok
12:42:24.0713 4464 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:42:24.0713 4464 sftvsa - ok
12:42:24.0744 4464 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:42:24.0744 4464 SharedAccess - ok
12:42:24.0791 4464 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:42:24.0791 4464 ShellHWDetection - ok
12:42:24.0838 4464 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:42:24.0838 4464 SiSRaid2 - ok
12:42:24.0838 4464 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:42:24.0853 4464 SiSRaid4 - ok
12:42:24.0900 4464 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:42:24.0900 4464 SkypeUpdate - ok
12:42:24.0931 4464 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:42:24.0947 4464 Smb - ok
12:42:24.0994 4464 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:42:24.0994 4464 SNMPTRAP - ok
12:42:24.0994 4464 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:42:25.0009 4464 spldr - ok
12:42:25.0041 4464 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:42:25.0056 4464 Spooler - ok
12:42:25.0134 4464 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:42:25.0212 4464 sppsvc - ok
12:42:25.0228 4464 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:42:25.0228 4464 sppuinotify - ok
12:42:25.0259 4464 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:42:25.0259 4464 srv - ok
12:42:25.0306 4464 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:42:25.0306 4464 srv2 - ok
12:42:25.0321 4464 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:42:25.0321 4464 srvnet - ok
12:42:25.0368 4464 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:42:25.0368 4464 SSDPSRV - ok
12:42:25.0384 4464 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:42:25.0399 4464 SstpSvc - ok
12:42:25.0446 4464 [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:42:25.0446 4464 STacSV - ok
12:42:25.0462 4464 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:42:25.0477 4464 stexstor - ok
12:42:25.0524 4464 [ 4304B75094E106FB5423A290C95841E5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:42:25.0540 4464 STHDA - ok
12:42:25.0602 4464 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:42:25.0602 4464 stisvc - ok
12:42:25.0649 4464 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:42:25.0649 4464 swenum - ok
12:42:25.0665 4464 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:42:25.0680 4464 swprv - ok
12:42:25.0711 4464 [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:42:25.0711 4464 SynTP - ok
12:42:25.0774 4464 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:42:25.0821 4464 SysMain - ok
12:42:25.0852 4464 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:42:25.0852 4464 TabletInputService - ok
12:42:25.0867 4464 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:42:25.0883 4464 TapiSrv - ok
12:42:25.0914 4464 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:42:25.0914 4464 TBS - ok
12:42:25.0992 4464 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:42:26.0023 4464 Tcpip - ok
12:42:26.0086 4464 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:42:26.0101 4464 TCPIP6 - ok
12:42:26.0133 4464 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:42:26.0133 4464 tcpipreg - ok
12:42:26.0148 4464 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:42:26.0148 4464 TDPIPE - ok
12:42:26.0179 4464 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:42:26.0179 4464 TDTCP - ok
12:42:26.0211 4464 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:42:26.0211 4464 tdx - ok
12:42:26.0242 4464 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:42:26.0242 4464 TermDD - ok
12:42:26.0289 4464 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:42:26.0289 4464 TermService - ok
12:42:26.0304 4464 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:42:30.0407 4464 ============================================================
12:42:30.0407 4464 Scan finished
12:42:30.0407 4464 ============================================================
12:42:30.0407 9220 Detected object count: 0
12:42:30.0407 9220 Actual detected object count: 0
12:43:19.0235 8612 Deinitialize success

#4 boopme


Posted 11 November 2012 - 05:53 PM

Hello, we killed a few redirectors. So how is it now?
Remove these and update Java. See instructions below. You have a 64 bit system.
Java 7 Update 7 (Version: 7.0.70)
Java™ 6 Update 23 (64-bit) (Version: 6.0.230)




Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u9-windows-i586.exe (or jre-7u9-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Edited by boopme, 11 November 2012 - 05:53 PM.

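A check for the removal steps in the post above, as an added example that is not part of the original post: this PowerShell script lists every Java entry in both the native and 32-bit (WOW6432Node) Uninstall registry views and marks those older than Java 7 Update 9. The `7.0.90` target is an assumption extrapolated from the version strings quoted in the post (Java 7 Update 7 = 7.0.70).

```powershell
# Added example: audit installed Java runtimes via the Uninstall registry keys.
# Assumption: DisplayVersion follows the pattern quoted in the post
# (Java 7 Update 7 = 7.0.70), so Java 7 Update 9 is taken to be 7.0.90.
$target = [version]'7.0.90'

# On 64-bit Windows, 32-bit installs register under WOW6432Node, so an old
# 32-bit JRE can survive after the 64-bit one has been removed.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# @() guarantees an array, so the loop body is skipped when nothing matches.
$javaEntries = @(
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match '\bJava\b|J2SE' }
)

$report = foreach ($entry in $javaEntries) {
    $status = 'Review manually (no parsable version)'
    if ($entry.DisplayVersion) {
        try {
            if ([version]$entry.DisplayVersion -lt $target) {
                $status = 'Outdated: uninstall'
            } else {
                $status = 'At or above target'
            }
        } catch {
            # Non-numeric version string: keep the manual-review status.
        }
    }

    $view = if ($entry.PSPath -match 'WOW6432Node') { '32-bit' } else { 'native' }

    New-Object PSObject -Property @{
        Name    = $entry.DisplayName
        Version = $entry.DisplayVersion
        View    = $view
        Status  = $status
    }
}

if ($report) {
    $report | Sort-Object Name |
        Format-Table Name, Version, View, Status -AutoSize
} else {
    'No Java entries found in either registry view.'
}
```

Run it once before uninstalling and again after the reboot; any row still marked `Outdated: uninstall` is a leftover runtime that Programs and Features should also list.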

#5 JHarts


Posted 11 November 2012 - 06:57 PM

Seems to have fixed everything!! Thanks so much!!!!!

So was it the Project Free TV that did it, even though I wasn't clicking on anything other than "close ad and watch video"?? Just wondering if I need to refrain from visiting that site.

#6 boopme


Posted 11 November 2012 - 07:25 PM

It's quite possible. Cannot say for sure but it looks likely. Many sites have infected scripts that they are unaware of. Some have, as you said, adware so that's an issue. Avoid any toolbars that you do not use as they are prone to ad and spyware also.

To mop up here.....
Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.



Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:

You're most welcome!! Thanks for visiting.