
I believe I have Adobe Flash virus?


28 replies to this topic

#1 grog5150


Posted 15 November 2012 - 07:16 PM

A few days ago I clicked on a link to update Adobe Flash Player which popped up several times in a row. It felt suspicious at the time, and now looking around on the internet, I believe I may be infected with an Adobe Flash virus. A Windows host error message will appear randomly, and when I open IE, the border will randomly turn white, and the address bar will "double". Can anyone help with this?

[IMG]http://i46.tinypic.com/qyskz9.jpg[/img]


 


#2 InadequateInfirmity


Posted 15 November 2012 - 07:25 PM

Download TDSSKiller.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right-click it and choose Run as Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

#3 grog5150


Posted 15 November 2012 - 07:26 PM

Operating system is Microsoft Windows Vista Service Pack 2

#4 InadequateInfirmity


Posted 15 November 2012 - 07:30 PM

Operating system is Microsoft Windows Vista Service Pack 2



Post the logs when ready.

#5 Sito


Posted 16 November 2012 - 07:55 AM

I have the same! Hope you can help me, please!

All scanners I have tried stop working after a minute or so, also Kaspersky.




Edited by Sito, 16 November 2012 - 07:57 AM.


#6 grog5150


Posted 16 November 2012 - 08:00 AM

1. TDSSKiller LOG

19:27:41.0498 1520 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
19:27:41.0498 1520 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
19:27:41.0529 1520 Akamai ( HiddenFile.Multi.Generic ) - warning
19:27:41.0529 1520 Akamai - detected HiddenFile.Multi.Generic (1)
19:27:51.0326 1520 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:27:51.0326 1520 PSched - ok
19:27:51.0357 1520 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:27:51.0357 1520 PxHelp20 - ok
19:27:51.0404 1520 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:27:51.0419 1520 ql2300 - ok
19:27:51.0451 1520 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:27:51.0466 1520 ql40xx - ok
19:27:51.0513 1520 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:27:51.0513 1520 QWAVE - ok
19:27:51.0560 1520 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:27:51.0560 1520 QWAVEdrv - ok
19:27:51.0653 1520 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
19:27:51.0669 1520 R300 - ok
19:27:51.0731 1520 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
19:27:51.0731 1520 RapiMgr - ok
19:27:51.0763 1520 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:27:51.0763 1520 RasAcd - ok
19:27:51.0794 1520 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:27:51.0809 1520 RasAuto - ok
19:27:51.0825 1520 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:27:51.0825 1520 Rasl2tp - ok
19:27:51.0872 1520 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:27:51.0872 1520 RasMan - ok
19:27:51.0903 1520 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:27:51.0903 1520 RasPppoe - ok
19:27:51.0934 1520 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:27:51.0934 1520 RasSstp - ok
19:27:51.0965 1520 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:27:51.0965 1520 rdbss - ok
19:27:51.0997 1520 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:27:51.0997 1520 RDPCDD - ok
19:27:52.0043 1520 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:27:52.0043 1520 rdpdr - ok
19:27:52.0043 1520 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:27:52.0043 1520 RDPENCDD - ok
19:27:52.0106 1520 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:27:52.0106 1520 RDPWD - ok
19:27:52.0153 1520 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:27:52.0153 1520 RemoteAccess - ok
19:27:52.0184 1520 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:27:52.0184 1520 RemoteRegistry - ok
19:27:52.0309 1520 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
19:27:52.0324 1520 RoxMediaDB9 - ok
19:27:52.0402 1520 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
19:27:52.0402 1520 RoxWatch9 - ok
19:27:52.0465 1520 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:27:52.0465 1520 RpcLocator - ok
19:27:52.0496 1520 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:27:52.0496 1520 RpcSs - ok
19:27:52.0558 1520 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:27:52.0574 1520 rspndr - ok
19:27:52.0589 1520 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:27:52.0589 1520 SamSs - ok
19:27:52.0621 1520 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:27:52.0636 1520 sbp2port - ok
19:27:52.0636 1520 SBRE - ok
19:27:52.0683 1520 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:27:52.0683 1520 SCardSvr - ok
19:27:52.0792 1520 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:27:52.0808 1520 Schedule - ok
19:27:52.0823 1520 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:27:52.0823 1520 SCPolicySvc - ok
19:27:52.0855 1520 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:27:52.0855 1520 SDRSVC - ok
19:27:52.0917 1520 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:27:52.0917 1520 secdrv - ok
19:27:52.0979 1520 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:27:52.0995 1520 seclogon - ok
19:27:53.0057 1520 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
19:27:53.0057 1520 SENS - ok
19:27:53.0104 1520 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:27:53.0104 1520 Serenum - ok
19:27:53.0135 1520 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:27:53.0151 1520 Serial - ok
19:27:53.0213 1520 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:27:53.0213 1520 sermouse - ok
19:27:53.0307 1520 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:27:53.0307 1520 SessionEnv - ok
19:27:53.0354 1520 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:27:53.0354 1520 sffdisk - ok
19:27:53.0385 1520 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:27:53.0385 1520 sffp_mmc - ok
19:27:53.0401 1520 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:27:53.0401 1520 sffp_sd - ok
19:27:53.0416 1520 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:27:53.0416 1520 sfloppy - ok
19:27:53.0510 1520 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:27:53.0510 1520 SharedAccess - ok
19:27:53.0557 1520 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:27:53.0572 1520 ShellHWDetection - ok
19:27:53.0603 1520 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:27:53.0603 1520 sisagp - ok
19:27:53.0619 1520 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:27:53.0619 1520 SiSRaid2 - ok
19:27:53.0650 1520 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:27:53.0650 1520 SiSRaid4 - ok
19:27:53.0853 1520 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:27:53.0900 1520 slsvc - ok
19:27:53.0978 1520 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:27:53.0978 1520 SLUINotify - ok
19:27:54.0009 1520 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:27:54.0025 1520 Smb - ok
19:27:54.0071 1520 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:27:54.0071 1520 SNMPTRAP - ok
19:27:54.0118 1520 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:27:54.0118 1520 spldr - ok
19:27:54.0165 1520 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:27:54.0165 1520 Spooler - ok
19:27:54.0243 1520 [ 54902536AAD0E9B99BC65F89C0CAF93F ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:27:54.0243 1520 SQLWriter - ok
19:27:54.0290 1520 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:27:54.0305 1520 srv - ok
19:27:54.0352 1520 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:27:54.0352 1520 srv2 - ok
19:27:54.0430 1520 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:27:54.0430 1520 srvnet - ok
19:27:54.0493 1520 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:27:54.0493 1520 SSDPSRV - ok
19:27:54.0539 1520 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:27:54.0555 1520 SstpSvc - ok
19:27:54.0617 1520 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:27:54.0617 1520 stisvc - ok
19:27:54.0695 1520 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
19:27:54.0695 1520 stllssvr - ok
19:27:54.0742 1520 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:27:54.0742 1520 swenum - ok
19:27:54.0805 1520 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:27:54.0820 1520 swprv - ok
19:27:54.0867 1520 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:27:54.0867 1520 Symc8xx - ok
19:27:54.0898 1520 SymIMMP - ok
19:27:54.0929 1520 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:27:54.0929 1520 Sym_hi - ok
19:27:54.0961 1520 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:27:54.0961 1520 Sym_u3 - ok
19:27:55.0023 1520 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:27:55.0039 1520 SysMain - ok
19:27:55.0070 1520 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:27:55.0070 1520 TabletInputService - ok
19:27:55.0117 1520 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:27:55.0117 1520 TapiSrv - ok
19:27:55.0148 1520 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:27:55.0163 1520 TBS - ok
19:27:55.0226 1520 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:27:55.0241 1520 Tcpip - ok
19:27:55.0319 1520 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:27:55.0335 1520 Tcpip6 - ok
19:27:55.0382 1520 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:27:55.0382 1520 tcpipreg - ok
19:27:55.0413 1520 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:27:55.0413 1520 TDPIPE - ok
19:27:55.0444 1520 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:27:55.0460 1520 TDTCP - ok
19:27:55.0491 1520 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:27:55.0491 1520 tdx - ok
19:27:55.0538 1520 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:27:55.0538 1520 TermDD - ok
19:27:55.0585 1520 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:27:55.0600 1520 TermService - ok
19:27:55.0631 1520 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:27:55.0647 1520 Themes - ok
19:27:55.0678 1520 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:27:55.0678 1520 THREADORDER - ok
19:27:55.0709 1520 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:27:55.0725 1520 TrkWks - ok
19:27:55.0772 1520 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:27:55.0772 1520 TrustedInstaller - ok
19:27:55.0819 1520 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:27:55.0834 1520 tssecsrv - ok
19:27:55.0865 1520 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:27:55.0865 1520 tunmp - ok
19:27:55.0897 1520 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:27:55.0897 1520 tunnel - ok
19:27:55.0943 1520 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:27:55.0943 1520 uagp35 - ok
19:27:55.0990 1520 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:27:55.0990 1520 udfs - ok
19:27:56.0037 1520 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:27:56.0037 1520 UI0Detect - ok
19:27:56.0068 1520 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:27:56.0084 1520 uliagpkx - ok
19:27:56.0099 1520 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:27:56.0115 1520 uliahci - ok
19:27:56.0131 1520 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:27:56.0131 1520 UlSata - ok
19:27:56.0162 1520 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:27:56.0162 1520 ulsata2 - ok
19:27:56.0209 1520 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:27:56.0209 1520 umbus - ok
19:27:56.0240 1520 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:27:56.0255 1520 upnphost - ok
19:27:56.0302 1520 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:27:56.0302 1520 usbccgp - ok
19:27:56.0349 1520 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:27:56.0349 1520 usbcir - ok
19:27:56.0396 1520 [ D21CDE1C635BCC5053463579EEE453CF ] USBCM C:\Windows\system32\DRIVERS\Sacm2A.sys
19:27:56.0411 1520 USBCM - ok
19:27:56.0458 1520 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:27:56.0458 1520 usbehci - ok
19:27:56.0489 1520 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:27:56.0489 1520 usbhub - ok
19:27:56.0536 1520 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:27:56.0536 1520 usbohci - ok
19:27:56.0583 1520 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:27:56.0583 1520 usbprint - ok
19:27:56.0661 1520 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:27:56.0661 1520 usbscan - ok
19:27:56.0692 1520 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:27:56.0692 1520 USBSTOR - ok
19:27:56.0739 1520 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:27:56.0755 1520 usbuhci - ok
19:27:56.0801 1520 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:27:56.0801 1520 UxSms - ok
19:27:56.0848 1520 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:27:56.0864 1520 vds - ok
19:27:56.0895 1520 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:27:56.0895 1520 vga - ok
19:27:56.0942 1520 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:27:56.0942 1520 VgaSave - ok
19:27:56.0973 1520 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:27:56.0989 1520 viaagp - ok
19:27:57.0020 1520 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:27:57.0020 1520 ViaC7 - ok
19:27:57.0051 1520 [ F3B4762EB85A2AFF4999401F14C3262B ] viaide C:\Windows\system32\drivers\viaide.sys
19:27:57.0051 1520 viaide - ok
19:27:57.0082 1520 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:27:57.0082 1520 volmgr - ok
19:27:57.0129 1520 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:27:57.0129 1520 volmgrx - ok
19:27:57.0160 1520 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:27:57.0176 1520 volsnap - ok
19:27:57.0223 1520 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:27:57.0223 1520 vsmraid - ok
19:27:57.0301 1520 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:27:57.0316 1520 VSS - ok
19:27:57.0347 1520 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:27:57.0363 1520 W32Time - ok
19:27:57.0394 1520 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:27:57.0394 1520 WacomPen - ok
19:27:57.0425 1520 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:27:57.0425 1520 Wanarp - ok
19:27:57.0441 1520 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:27:57.0441 1520 Wanarpv6 - ok
19:27:57.0488 1520 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\Windows\system32\DRIVERS\wanatw4.sys
19:27:57.0488 1520 wanatw - ok
19:27:57.0519 1520 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
19:27:57.0535 1520 WcesComm - ok
19:27:57.0566 1520 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:27:57.0566 1520 wcncsvc - ok
19:27:57.0613 1520 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:27:57.0613 1520 WcsPlugInService - ok
19:27:57.0659 1520 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:27:57.0659 1520 Wd - ok
19:27:57.0706 1520 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:27:57.0706 1520 Wdf01000 - ok
19:27:57.0753 1520 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:27:57.0753 1520 WdiServiceHost - ok
19:27:57.0769 1520 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:27:57.0769 1520 WdiSystemHost - ok
19:27:57.0815 1520 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:27:57.0815 1520 WebClient - ok
19:27:57.0862 1520 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:27:57.0862 1520 Wecsvc - ok
19:27:57.0862 1520 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:27:57.0878 1520 wercplsupport - ok
19:27:57.0893 1520 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:27:57.0893 1520 WerSvc - ok
19:27:57.0940 1520 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:27:57.0940 1520 WinDefend - ok
19:27:57.0956 1520 WinHttpAutoProxySvc - ok
19:27:58.0003 1520 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:27:58.0003 1520 Winmgmt - ok
19:27:58.0049 1520 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:27:58.0065 1520 WinRM - ok
19:27:58.0127 1520 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:27:58.0127 1520 Wlansvc - ok
19:27:58.0205 1520 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
19:27:58.0205 1520 WLSetupSvc - ok
19:27:58.0252 1520 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:27:58.0252 1520 WmiAcpi - ok
19:27:58.0283 1520 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:27:58.0283 1520 wmiApSrv - ok
19:27:58.0346 1520 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:27:58.0346 1520 WMPNetworkSvc - ok
19:27:58.0361 1520 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:27:58.0377 1520 WPCSvc - ok
19:27:58.0393 1520 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:27:58.0393 1520 WPDBusEnum - ok
19:27:58.0439 1520 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:27:58.0439 1520 WpdUsb - ok
19:27:58.0533 1520 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:27:58.0533 1520 WPFFontCache_v0400 - ok
19:27:58.0580 1520 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:27:58.0580 1520 ws2ifsl - ok
19:27:58.0611 1520 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
19:27:58.0611 1520 wscsvc - ok
19:27:58.0611 1520 WSearch - ok
19:27:58.0705 1520 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:27:58.0720 1520 wuauserv - ok
19:27:58.0767 1520 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:27:58.0767 1520 WUDFRd - ok
19:27:58.0798 1520 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:27:58.0798 1520 wudfsvc - ok
19:27:58.0829 1520 ================ Scan global ===============================
19:27:58.0845 1520 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:27:58.0907 1520 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:27:58.0970 1520 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:27:59.0017 1520 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:27:59.0017 1520 [Global] - ok
19:27:59.0017 1520 ================ Scan MBR ==================================
19:27:59.0032 1520 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:27:59.0547 1520 \Device\Harddisk0\DR0 - ok
19:27:59.0547 1520 ================ Scan VBR ==================================
19:27:59.0578 1520 [ 902C3ADB341966B5F2A7BA893A45E4F8 ] \Device\Harddisk0\DR0\Partition1
19:27:59.0578 1520 \Device\Harddisk0\DR0\Partition1 - ok
19:27:59.0594 1520 [ 590F81639EAE5536A5CBBB6933E62885 ] \Device\Harddisk0\DR0\Partition2
19:27:59.0594 1520 \Device\Harddisk0\DR0\Partition2 - ok
19:27:59.0594 1520 ============================================================
19:27:59.0594 1520 Scan finished
19:27:59.0594 1520 ============================================================
19:27:59.0609 0224 Detected object count: 1
19:27:59.0609 0224 Actual detected object count: 1
19:28:04.0305 0224 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:28:04.0305 0224 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip


2. MBAM LOG

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.15.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Joe :: MISSY-PC [administrator]

11/15/2012 7:32:36 PM
mbam-log-2012-11-15 (19-32-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399683
Time elapsed: 14 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



3. SUPERANTISPYWARE LOG (THREATS REMOVED, REQUIRED A REBOOT)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/15/2012 at 08:13 PM

Application Version : 5.6.1014

Core Rules Database Version : 9595
Trace Rules Database Version: 7407

Scan type : Quick Scan
Total Scan Time : 00:23:53

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 619
Memory threats detected : 0
Registry items scanned : 32276
Registry threats detected : 0
File items scanned : 11190
File threats detected : 138

Rogue.PersonalAntiVirus
C:\Windows\Tasks\PersonalAV.job

Adware.Tracking Cookie
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\NFOVYRHN.txt [ Cookie:work@edge.jeetyetmedia.com/ads/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\DT0DHOVH.txt [ Cookie:work@advertising.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\NHXIKP9C.txt [ Cookie:work@openx.jeetyetmedia.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZURV2EB.txt [ Cookie:work@apmebf.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\FR8P5UD3.txt [ Cookie:work@serving-sys.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\EOB3UM7L.txt [ Cookie:work@zedo.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\80LDU11C.txt [ Cookie:work@revsci.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\6XIQXZQB.txt [ Cookie:work@ox-d.mediadakine.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\TJKAP4BL.txt [ Cookie:work@liveperson.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\XKJHIYLC.txt [ Cookie:work@ru4.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\AT1M1XAT.txt [ Cookie:work@adnet.affinity.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\8B7Z2M8U.txt [ Cookie:work@adserver.adtechus.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\QT0Y9NKU.txt [ Cookie:work@tacoda.at.atwola.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\BZUBSY08.txt [ Cookie:work@tribalfusion.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q9G5VN0T.txt [ Cookie:work@statcounter.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZZ2XTI4I.txt [ Cookie:work@server.iad.liveperson.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\4AQL1G12.txt [ Cookie:work@specificclick.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\LYBONVK3.txt [ Cookie:work@dmtracker.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\UBGO5WWR.txt [ Cookie:work@doubleclick.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\2YUC34G9.txt [ Cookie:work@mediaplex.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\7JRUZVS5.txt [ Cookie:work@adxpose.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\VKHFRSY9.txt [ Cookie:work@media.adfrontiers.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z0H03MT1.txt [ Cookie:work@lucidmedia.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\QLN3Z28A.txt [ Cookie:work@imrworldwide.com/cgi-bin ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\7EGQIDEJ.txt [ Cookie:work@pointroll.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\8UVY10H8.txt [ Cookie:work@yieldmanager.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\SVW73GK2.txt [ Cookie:work@intermundomedia.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\6K0JG6ZJ.txt [ Cookie:work@edge.jeetyetmedia.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\OEB5ERVD.txt [ Cookie:work@fastclick.net/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\YC9QTRFG.txt [ Cookie:work@ads.pointroll.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\S42WIROP.txt [ Cookie:work@atwola.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\52UAQO4C.txt [ Cookie:work@amazon-adsystem.com/ ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\YVJGEAF5.txt [ Cookie:work@adsonar.com/adserving ]
C:\USERS\WORK\AppData\Roaming\Microsoft\Windows\Cookies\Low\SJGO5107.txt [ Cookie:work@lfstmedia.com/ ]
C:\USERS\WORK\Cookies\CRCZC20Q.txt [ Cookie:work@jeetyetmedia.com/ ]
C:\USERS\WORK\Cookies\O5N3BRK0.txt [ Cookie:work@accounts.google.com/ ]
C:\USERS\WORK\Cookies\5CC5RX1U.txt [ Cookie:work@ad.yieldmanager.com/ ]
C:\USERS\WORK\Cookies\SLRGBOB6.txt [ Cookie:work@server.cpmstar.com/ ]
C:\USERS\WORK\Cookies\B153T4FT.txt [ Cookie:work@advertising.com/ ]
C:\USERS\WORK\Cookies\O1VPIB22.txt [ Cookie:work@openx.jeetyetmedia.com/ ]
C:\USERS\WORK\Cookies\C8BM989B.txt [ Cookie:work@microsoftsto.112.2o7.net/ ]
C:\USERS\WORK\Cookies\6IX2HBWV.txt [ Cookie:work@serving-sys.com/ ]
C:\USERS\WORK\Cookies\8EXLZU32.txt [ Cookie:work@zedo.com/ ]
C:\USERS\WORK\Cookies\G1IYO840.txt [ Cookie:work@revsci.net/ ]
C:\USERS\WORK\Cookies\IP8ZR570.txt [ Cookie:work@ru4.com/ ]
C:\USERS\WORK\Cookies\RL0ZL7W3.txt [ Cookie:work@adserver.adtechus.com/ ]
C:\USERS\WORK\Cookies\WFMRZ9F5.txt [ Cookie:work@microsoftwlsearchcrm.112.2o7.net/ ]
C:\USERS\WORK\Cookies\DW82WCP7.txt [ Cookie:work@tacoda.at.atwola.com/ ]
C:\USERS\WORK\Cookies\4IY21LPX.txt [ Cookie:work@tribalfusion.com/ ]
C:\USERS\WORK\Cookies\16FXQ2CI.txt [ Cookie:work@specificclick.net/ ]
C:\USERS\WORK\Cookies\3VLOY289.txt [ Cookie:work@kontera.com/ ]
C:\USERS\WORK\Cookies\DPWGSBJK.txt [ Cookie:work@doubleclick.net/ ]
C:\USERS\WORK\Cookies\F0HT235M.txt [ Cookie:work@lucidmedia.com/ ]
C:\USERS\WORK\Cookies\DZUHXRGM.txt [ Cookie:work@legolas-media.com/ ]
C:\USERS\WORK\Cookies\E4FKJMHZ.txt [ Cookie:work@imrworldwide.com/cgi-bin ]
C:\USERS\WORK\Cookies\BNF7NA35.txt [ Cookie:work@edge.jeetyetmedia.com/ ]
C:\USERS\WORK\Cookies\19LI8U1U.txt [ Cookie:work@fastclick.net/ ]
C:\USERS\WORK\Cookies\4F5074CN.txt [ Cookie:work@atwola.com/ ]
C:\USERS\WORK\Cookies\V3U1EOJM.txt [ Cookie:work@adsonar.com/adserving ]
.doubleclick.net [ C:\USERS\JOE.MISSY-PC.003\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\JOE.MISSY-PC.003\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

4. ESET SCAN (NO THREATS FOUND)



5. MINITOOLBOX RESULTS

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Joe (administrator) on 16-11-2012 at 07:52:30
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Missy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1A-A0-71-F5-89
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e139:fc79:9a86:4fbc%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 15, 2012 8:17:23 PM
Lease Expires . . . . . . . . . . : Monday, December 23, 2148 2:20:57 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 201333408
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-0D-9D-12-00-1A-A0-71-F5-89
DNS Servers . . . . . . . . . . . : 192.168.2.1
68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 74.125.224.228
74.125.224.228



Pinging google.com [74.125.224.228] with 32 bytes of data:

Reply from 74.125.224.228: bytes=32 time=88ms TTL=51

Reply from 74.125.224.228: bytes=32 time=89ms TTL=51



Ping statistics for 74.125.224.228:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 88ms, Maximum = 89ms, Average = 88ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=664ms TTL=53

Reply from 98.139.183.24: bytes=32 time=774ms TTL=53



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 664ms, Maximum = 774ms, Average = 719ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 1a a0 71 f5 89 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.Belkin
16 ...00 00 00 00 00 00 00 e0 isatap.Belkin
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.4 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.4 276
192.168.2.4 255.255.255.255 On-link 192.168.2.4 276
192.168.2.255 255.255.255.255 On-link 192.168.2.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 276 fe80::/64 On-link
9 276 fe80::e139:fc79:9a86:4fbc/128
On-link
1 306 ff00::/8 On-link
9 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/15/2012 10:06:41 PM) (Source: LoadPerf) (User: )
Description: <rog??m??>le??M?16

Error: (11/15/2012 09:58:53 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module wuaueng.dll, version 7.6.7600.256, time stamp 0x4fca8fc5, exception code 0xc0000005, fault offset 0x000ddecc,
process id 0x17b8, application start time 0xsvchost.exe_wuauserv0.

Error: (11/15/2012 08:36:23 PM) (Source: LoadPerf) (User: )
Description: D.?.?????.?.??u?16

Error: (11/15/2012 08:28:38 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module wuaueng.dll, version 7.6.7600.256, time stamp 0x4fca8fc5, exception code 0xc0000005, fault offset 0x000ddecc,
process id 0x1550, application start time 0xsvchost.exe_wuauserv0.

Error: (11/15/2012 08:25:23 PM) (Source: LoadPerf) (User: )
Description: HkTi??\??ys??m?16

Error: (11/15/2012 08:23:56 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module wuaueng.dll, version 7.6.7600.256, time stamp 0x4fca8fc5, exception code 0xc0000005, fault offset 0x000ddecc,
process id 0x1108, application start time 0xsvchost.exe_wuauserv0.

Error: (11/15/2012 08:21:35 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module wuaueng.dll, version 7.6.7600.256, time stamp 0x4fca8fc5, exception code 0xc0000005, fault offset 0x000ddecc,
process id 0x4e4, application start time 0xsvchost.exe_wuauserv0.

Error: (11/15/2012 06:59:57 PM) (Source: LoadPerf) (User: )
Description: D?????????u?16

Error: (11/15/2012 06:54:59 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module wuaueng.dll, version 7.6.7600.256, time stamp 0x4fca8fc5, exception code 0xc0000005, fault offset 0x000ddecc,
process id 0x408, application start time 0xsvchost.exe_wuauserv0.

Error: (11/15/2012 06:50:15 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module wuaueng.dll, version 7.6.7600.256, time stamp 0x4fca8fc5, exception code 0xc0000005, fault offset 0x000ddecc,
process id 0x4cc, application start time 0xsvchost.exe_wuauserv0.


System errors:
=============
Error: (11/15/2012 08:23:40 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Management Instrumentation%%1056

Error: (11/15/2012 08:22:10 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (11/15/2012 08:19:01 PM) (Source: Service Control Manager) (User: )
Description: Null
SBRE

Error: (11/15/2012 08:19:01 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/15/2012 06:50:01 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Management Instrumentation%%1056

Error: (11/15/2012 06:45:40 PM) (Source: Service Control Manager) (User: )
Description: Null
SBRE

Error: (11/15/2012 06:45:40 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/15/2012 06:40:38 PM) (Source: Service Control Manager) (User: )
Description: Certificate Propagation23000001Restart the service

Error: (11/15/2012 06:40:38 PM) (Source: Service Control Manager) (User: )
Description: Background Intelligent Transfer Service21200001Restart the service

Error: (11/15/2012 06:40:38 PM) (Source: Service Control Manager) (User: )
Description: Application Information2


Microsoft Office Sessions:
=========================
Error: (11/15/2012 10:06:41 PM) (Source: LoadPerf)(User: )
Description: <rog??m??>le??M?16

Error: (11/15/2012 09:58:53 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.0.6001.1800047918b89wuaueng.dll7.6.7600.2564fca8fc5c0000005000ddecc17b801cdc399c4952c66

Error: (11/15/2012 08:36:23 PM) (Source: LoadPerf)(User: )
Description: D.?.?????.?.??u?16

Error: (11/15/2012 08:28:38 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.0.6001.1800047918b89wuaueng.dll7.6.7600.2564fca8fc5c0000005000ddecc155001cdc3993589c9e6

Error: (11/15/2012 08:25:23 PM) (Source: LoadPerf)(User: )
Description: HkTi??\??ys??m?16

Error: (11/15/2012 08:23:56 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.0.6001.1800047918b89wuaueng.dll7.6.7600.2564fca8fc5c0000005000ddecc110801cdc398cce98c46

Error: (11/15/2012 08:21:35 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.0.6001.1800047918b89wuaueng.dll7.6.7600.2564fca8fc5c0000005000ddecc4e401cdc398209369d3

Error: (11/15/2012 06:59:57 PM) (Source: LoadPerf)(User: )
Description: D?????????u?16

Error: (11/15/2012 06:54:59 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.0.6001.1800047918b89wuaueng.dll7.6.7600.2564fca8fc5c0000005000ddecc40801cdc38c1cfc2753

Error: (11/15/2012 06:50:15 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.0.6001.1800047918b89wuaueng.dll7.6.7600.2564fca8fc5c0000005000ddecc4cc01cdc38bc9811723


CodeIntegrity Errors:
===================================
Date: 2012-11-16 02:03:43.357
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 02:03:42.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 02:03:41.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 02:03:40.344
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-15 19:51:14.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-15 19:51:13.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-15 19:51:11.790
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-15 19:51:10.402
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-15 19:37:08.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-15 19:37:07.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.2.0.2070)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Akamai NetSession Interface Service
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
AWC 2006 (Version: 2006)
Belarc Advisor 8.2 (Version: 8.2.7.18)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
CCleaner (Version: 3.24)
CCS64 V3.9 (Version: 1.0.0)
Citrix Access Gateway Endpoint Analysis (Version: 10.0.54.7)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dell DataSafe Online (Version: 1.0.21)
Dell Driver Download Manager (Version: 3.0.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
ESET Online Scanner v3
GoToAssist 8.0.0.514
IGT Slots Cleopatra II (Version: 1.00.0000)
Internet Service Offers Launcher (Version: 1.00.0000)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 11 (Version: 6.0.110)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Masque IGT Slots Lucky Larry's Lobstermania (Version: 1.0.0)
Masque Slots featuring WMS Gaming (Version: 1.0.3.1)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Web Publishing Wizard 1.52
Microsoft Works (Version: 08.05.0818)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
Netflix Movie Viewer (Version: 1.2.211)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Drivers (Version: 1.4)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
NVIDIANetworkDiagnostic (Version: 1.00.0000)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Plan3D (Version: 1.0.43)
Product Documentation Launcher (Version: 1.00.0000)
QuickTime (Version: 7.69.80.9)
R16 Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver
Rhapsody Player Engine (Version: 1.0.604)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
RSA SecurID Software Token (Version: 4.1.1)
RTC Client API v1.2 (Version: 1.2.0000)
Safari (Version: 5.33.21.1)
Scientific-Atlanta WebSTAR 2000 series Cable Modem
Sonic Activation Module (Version: 1.0)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
System Requirements Lab (Version: 5.0.5.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
User's Guides
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Mail (Version: 12.0.1606.1023)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)

========================= Devices: ================================

Name: Microsoft Tun Miniport Adapter #2
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3005.76 MB
Available physical RAM: 1405.59 MB
Total Pagefile: 6245.96 MB
Available Pagefile: 4589.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.89 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:138.64 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.38 GB) NTFS
3 Drive e: (PROM_NIGHT) (CDROM) (Total:3.6 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\MISSY-PC

Administrator Guest Joe
Missy UpdatusUser Work


**** End of log ****


6. ADWCLEANER LOG

# AdwCleaner v2.007 - Logfile created 11/16/2012 at 07:55:53
# Updated 06/11/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Joe - MISSY-PC
# Boot Mode : Normal
# Running from : C:\Users\Joe.Missy-PC.003\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

*************************

AdwCleaner[R1].txt - [580 octets] - [16/11/2012 07:55:53]

########## EOF - C:\AdwCleaner[R1].txt - [639 octets] ##########

#7 InadequateInfirmity

Posted 16 November 2012 - 07:57 PM

Download Norman Malware Cleaner and run it. Go to Options, then put a tick next to Enable rootkit cleaning. Hit Full Scan > let it finish > go to the Quarantine tab > tick Select All > then Delete > Quit.
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop; post that here in your next reply.

Reboot after Norman.

Run the program below as admin, hit the scan button, allow it to finish, then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe


Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe



Download Hitman Pro.

http://dl.surfright.nl/HitmanPro36.exe 32 bit

http://dl.surfright.nl/HitmanPro36_x64.exe 64 bit

Start the scan. Go to settings.
Un-tick Scan for tracking Cookies.
Go back to scan Tab
Select ok
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.

#8 grog5150

Posted 16 November 2012 - 08:35 PM

Tried to download Norman malware, and received error message saying "The program file appears to be corrupted! Please try to download this program again. Contact Norman Support if problem persists" Tried several times with no luck. Unable to perform scan...

#9 InadequateInfirmity

Posted 16 November 2012 - 08:40 PM

Skip it now.

#10 grog5150

Posted 16 November 2012 - 09:37 PM

JRT LOG

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.1.4 (11.16.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Joe on Fri 11/16/2012 at 21:08:31.40
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Joe.Missy-PC.003\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Joe.Missy-PC.003\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Joe.Missy-PC.003\appdata\locallow\playready"
Successfully deleted: [Folder] "C:\Users\Joe.Missy-PC.003\appdata\locallow\searchqutoolbar"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/16/2012 at 21:10:17.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


ALSO POSTING HITMAN LOG

HitmanPro 3.6.2.174
www.hitmanpro.com

   Computer name . . . . : MISSY-PC
   Windows . . . . . . . : 6.0.2.6002.X86/2
   User name . . . . . . : Missy-PC\Joe
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (31 days left)

   Scan date . . . . . . : 2012-11-16 21:19:27
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 55s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 5

   Objects scanned . . . : 1,789,220
   Files scanned . . . . : 72,335
   Remnants scanned  . . : 471,722 files / 1,245,163 keys

Malware _____________________________________________________________________

   C:\Users\Joe.Missy-PC.003\AppData\Local\Temp\Incredibar_install.exe -> Quarantined
      Size . . . . . . . : 474,992 bytes
      Age  . . . . . . . : 91.3 days (2012-08-17 13:38:24)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 4C551B045C292A27F4E1C8A0619DB1507FCC31916A44AA04E3987119FCF9CD55
      Product  . . . . . : IncrediMail Installer
      Description  . . . : IncrediMail Installer
      Version  . . . . . : 8.0.0.1020
      Copyright  . . . . : Copyright (C) 2010
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
    > DrWeb  . . . . . . : Infected
      Fuzzy  . . . . . . : 102.0

   C:\Users\Joe.Missy-PC.003\Desktop\JRT.exe -> Quarantined
      Size . . . . . . . : 894,416 bytes
      Age  . . . . . . . : 0.0 days (2012-11-16 21:04:09)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : 974ABE3216D76462A531EB56E7A3ACA707201A8CBA085429450E57C75ACA495F
    > G Data . . . . . . : Gen:Trojan.Heur.GM.05C0040802 (Engine A)
    > Ikarus . . . . . . : Trojan.Win32.Spy!IK
      Fuzzy  . . . . . . : 112.0


Suspicious files ____________________________________________________________

   C:\Windows\Temp\Rog8585.tmp -> Quarantined
      Size . . . . . . . : 673,280 bytes
      Age  . . . . . . . : 0.0 days (2012-11-16 21:01:49)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : C2F53A32C1D16193DFAD62C55954708E82B1C10B55912DFA8145AB2B7441C54B
      Source URL . . . . : hxxp://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
      Fuzzy  . . . . . . : 26.0
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The file is downloaded from the Internet to this computer.
         The file name extension of this program is not common.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Potential Unwanted Programs _________________________________________________

   C:\Users\Missy\AppData\LocalLow\DataMngr\ (SearchQU)
   C:\Users\Missy\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED} (SearchQU)




#11 InadequateInfirmity

Posted 16 November 2012 - 09:42 PM

Any more issues?



Download Rkill, run it, and post the log.
http://www.bleepingcomputer.com/download/rkill/



Download Autoruns and Autorunsc. Unzip it to your desktop and then double-click autoruns.exe. After the scan is finished, click on File > Save. The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

#12 grog5150

Posted 16 November 2012 - 09:55 PM

rkill & autoruns logs...

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/16/2012 09:49:15 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 11/16/2012 09:49:26 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)


AUTORUN TXT

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ISUSScheduler" "Macrovision FLEXnet Connect Scheduler" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc." "c:\users\joe.missy-pc.003\appdata\local\akamai\netsession_win.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "belarc" "Belarc VoilaX Control" "Belarc, Inc." "c:\program files\belarc\advisor\system\bavoilax.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "mso-offdap" "Microsoft Office XP Web Components" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\10\owc10.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "wlmailhtml" "Microsoft Internet Messaging API Resources" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\dell\bae\bae.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\aertsrv.exe"
+ "Akamai" "Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly." "Akamai Technologies, Inc." "c:\program files\common files\akamai/netsession_win_ce5ba24.dll"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2aservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "RoxWatch9" "RoxSniffer9 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WLSetupSvc" "Windows Live Setup Service" "Microsoft Corporation" "c:\program files\windows live\installer\wlsetupsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmfdx32.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 301.42 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "nvstor32" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor32.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "SBRE" "" "" "File not found: C:\Windows\system32\drivers\SBREDrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SymIMMP" "" "" "File not found: system32\DRIVERS\SymIM.sys"
+ "USBCM" "NDIS 5.0 Driver" " " "c:\windows\system32\drivers\sacm2a.sys"
+ "wanatw" "Wan Miniport (ATW)" "America Online, Inc." "c:\windows\system32\drivers\wanatw4.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "Sonic Mpeg-4 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "lsdelete" "" "" "File not found: lsdelete"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ ".dll꼵س�ࠀ犾(" "" "" "File not found: .dll꼵س�ࠀ犾("
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders" "" "" ""
+ "digest.dll" "" "" "File not found: digest.dll"
+ "msapsspc.dll" "" "" "File not found: msapsspc.dll"
+ "msnsspc.dll" "" "" "File not found: msnsspc.dll"

#13 InadequateInfirmity


Posted 16 November 2012 - 09:58 PM

Any issues?
Open Autoruns, un-tick the item below, and reboot.
+ ".dll꼵س�ࠀ犾(" "" "" "File not found: .dll꼵س�ࠀ犾("
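
An added example, not part of the original post and not Sysinternals code: a small triage script for a saved Autoruns text log in the four-field layout shown above, flagging entries whose target is missing, whose name contains non-ASCII characters, or that sit under AppInit_DLLs (a value listing DLLs loaded into every process that loads user32.dll). The function names `parse` and `triage` are hypothetical, and the sample lines are constructed to imitate the log, with the corrupted value written as escapes.

```python
import re

# Constructed sample in the layout of the Autoruns log above; the AppInit_DLLs
# entry imitates the corrupted value using escaped characters.
SAMPLE = '\n'.join([
    r'"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""',
    r'+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"',
    r'"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""',
    '+ ".dll\uaf35\u0633\ufffd(" "" "" "File not found: .dll\uaf35\u0633\ufffd("',
    r'"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""',
    r'+ "GoToAssist" "" "" "File not found: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll"',
])

FIELD = re.compile(r'"([^"]*)"')

def parse(text):
    """Yield (registry_key, name, description, publisher, image) per entry."""
    key = ''
    # split('\n') rather than splitlines(): garbled values may contain
    # characters that splitlines() would treat as line boundaries.
    for line in text.split('\n'):
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # not a log row in this layout
        if line.startswith('"'):
            key = fields[0]               # header row: autostart location
        else:
            yield (key, *fields)          # entry row under the current key

def triage(text):
    """Return (name, key_leaf, reasons) for entries worth a manual look."""
    findings = []
    for key, name, _desc, _publisher, image in parse(text):
        reasons = []
        if image.startswith('File not found:'):
            reasons.append('target missing')
        # Heuristic only: localized software can have non-ASCII names too.
        if any(ord(c) < 32 or ord(c) > 126 for c in name):
            reasons.append('non-ASCII name')
        if key.lower().endswith('appinit_dlls'):
            reasons.append('AppInit_DLLs')
        if reasons:
            findings.append((name, key.rsplit('\\', 1)[-1], reasons))
    return findings

if __name__ == '__main__':
    for name, leaf, reasons in triage(SAMPLE):
        print(f'{leaf}: {name!r} -> {", ".join(reasons)}')
```
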

#14 grog5150


Posted 16 November 2012 - 10:12 PM

Unticked and rebooted. Unfortunately, I am still getting the "host process for Windows services has stopped working and was closed" message, with the same "double" border in IE.

#15 InadequateInfirmity


Posted 16 November 2012 - 10:21 PM

Open an elevated command prompt, then copy and paste the following one at a time, hitting Enter after each.
Click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator.

cd C:\windows\system32\drivers\etc

takeown /a /f hosts

cacls hosts /p everyone:f

Reply Y, then copy and paste the text below, hitting Enter after.

attrib -s -h -r hosts

Close the command prompt window.

Go here and run the Fix it for the hosts file, as admin.
http://support.microsoft.com/kb/972034

Open your Device Manager, then left click your network adapters, then right click and select Uninstall for your LAN driver.
Reboot your machine.

Hit start
Control Panel
Network & Sharing Center
Manage Network Connections
Right Click Your Connection
Select Properties
Un-check IPv6
Select OK





Run the Fix it below; this removes the Tunnel Adapters from your machine.
http://go.microsoft.com/?linkid=9728872

Set your DNS to OpenDNS or Google DNS.
http://theos.in/windows-xp/free-fast-public-dns-server-list/



Open an elevated command prompt: click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. Now type or copy and paste the commands below one at a time, hitting Enter after each.

ipconfig /flushdns

ipconfig /registerdns

net stop "dns client"

net start "dns client"
netsh int ipv4 reset reset.log

nbtstat -R

nbtstat -RR

netsh winsock reset catalog

Exit

Restart computer.



Download the Emsisoft Emergency Kit
http://www.emsisoft.com/en/software/eek/download/
http://www.emsisoft.com/en/software/eek/

Right click it and extract to your desktop. Double click the New Folder that is created on your desktop.
Then right click Start.exe and run as admin (XP users: double click it) to launch the program. Click on the Emergency Scanner option.
If you see a Windows message asking if you would like EmergencyScanner.bat to run, please allow it to do so by clicking on the Run or Yes buttons.
Proceed with the updates.
When it is done, click on the Back to Security Status link.
Then select the Deep Scan button. Then hit the Scan button.
After the scan is finished, quarantine any found threats and then reboot your machine.
Post the log.

Edited by InadequateInfirmity, 16 November 2012 - 10:25 PM.




