Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Several infections, already ran Malwarebytes, SUPERantispyware, and AVG in safemode


  • Please log in to reply
9 replies to this topic

#1 VOLBEAT

VOLBEAT

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 17 November 2012 - 12:05 PM

Hello! I have a Windows 7 laptop that has become heavily infected and I cannot seem to remove all of the threats. I've updated Windows, AVG, Malwarebytes, and SUPERantispyware then ran each in safe mode; however, there were several threats that could not be fixed. Please let me know what I can do to help you help me. Thanks!

Mike

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:48 AM

Posted 17 November 2012 - 12:19 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 VOLBEAT

VOLBEAT
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 17 November 2012 - 05:59 PM

As requested, here are the logs, in order. It seems only ESET found anything, which were 3 things; however, when I ran all of the programs that I did before making a post here, AVG was the last one I ran and there were a whole lot of issues that it said it couldn't fix. I guess what I am concerned is that its more than just these 3 things, and maybe you will get to that, but I just want to make sure. Thank you so much for the quick respond and help. I will be looking forward to hearing from you!

TDSSKILLER:

12:47:22.0068 5336 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:47:22.0395 5336 ============================================================
12:47:22.0395 5336 Current date / time: 2012/11/17 12:47:22.0395
12:47:22.0395 5336 SystemInfo:
12:47:22.0395 5336
12:47:22.0395 5336 OS Version: 6.1.7601 ServicePack: 1.0
12:47:22.0395 5336 Product type: Workstation
12:47:22.0395 5336 ComputerName: HPLAPTOP
12:47:22.0395 5336 UserName: david
12:47:22.0395 5336 Windows directory: C:\Windows
12:47:22.0395 5336 System windows directory: C:\Windows
12:47:22.0395 5336 Running under WOW64
12:47:22.0395 5336 Processor architecture: Intel x64
12:47:22.0395 5336 Number of processors: 8
12:47:22.0395 5336 Page size: 0x1000
12:47:22.0395 5336 Boot type: Normal boot
12:47:22.0395 5336 ============================================================
12:47:32.0535 5336 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:47:32.0551 5336 ============================================================
12:47:32.0551 5336 \Device\Harddisk0\DR0:
12:47:32.0566 5336 MBR partitions:
12:47:32.0566 5336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:47:32.0566 5336 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x384DC000
12:47:32.0566 5336 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38540000, BlocksNum 0x1E12000
12:47:32.0566 5336 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
12:47:32.0566 5336 ============================================================
12:47:32.0660 5336 C: <-> \Device\Harddisk0\DR0\Partition2
12:47:32.0722 5336 D: <-> \Device\Harddisk0\DR0\Partition3
12:47:32.0722 5336 ============================================================
12:47:32.0722 5336 Initialize success
12:47:32.0722 5336 ============================================================
12:47:35.0000 3476 ============================================================
12:47:35.0000 3476 Scan started
12:47:35.0000 3476 Mode: Manual;
12:47:35.0000 3476 ============================================================
12:47:36.0763 3476 ================ Scan system memory ========================
12:47:36.0763 3476 Scan interrupted by user!
12:47:36.0763 3476 ================ Scan services =============================
12:47:36.0825 3476 Scan interrupted by user!
12:47:36.0825 3476 ================ Scan global ===============================
12:47:36.0825 3476 Scan interrupted by user!
12:47:36.0825 3476 ================ Scan MBR ==================================
12:47:36.0825 3476 Scan interrupted by user!
12:47:36.0825 3476 ================ Scan VBR ==================================
12:47:36.0825 3476 Scan interrupted by user!
12:47:36.0825 3476 ============================================================
12:47:36.0825 3476 Scan finished
12:47:36.0825 3476 ============================================================
12:47:36.0841 5292 Detected object count: 0
12:47:36.0841 5292 Actual detected object count: 0
12:47:42.0176 5100 ============================================================
12:47:42.0176 5100 Scan started
12:47:42.0176 5100 Mode: Manual; TDLFS;
12:47:42.0176 5100 ============================================================
12:47:42.0753 5100 ================ Scan system memory ========================
12:47:42.0753 5100 System memory - ok
12:47:42.0753 5100 ================ Scan services =============================
12:47:42.0831 5100 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:47:42.0831 5100 !SASCORE - ok
12:47:43.0143 5100 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:47:43.0143 5100 1394ohci - ok
12:47:43.0190 5100 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
12:47:43.0190 5100 Accelerometer - ok
12:47:43.0237 5100 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:47:43.0237 5100 ACPI - ok
12:47:43.0252 5100 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:47:43.0252 5100 AcpiPmi - ok
12:47:43.0440 5100 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:47:43.0440 5100 AdobeFlashPlayerUpdateSvc - ok
12:47:43.0533 5100 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:47:43.0533 5100 adp94xx - ok
12:47:43.0611 5100 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:47:43.0611 5100 adpahci - ok
12:47:43.0627 5100 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:47:43.0627 5100 adpu320 - ok
12:47:43.0658 5100 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:47:43.0658 5100 AeLookupSvc - ok
12:47:43.0814 5100 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
12:47:43.0814 5100 AESTFilters - ok
12:47:43.0861 5100 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:47:43.0876 5100 AFD - ok
12:47:43.0923 5100 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
12:47:43.0923 5100 AgereModemAudio - ok
12:47:43.0954 5100 [ C98356D813B581E9C425B42A5D146CE0 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
12:47:43.0986 5100 AgereSoftModem - ok
12:47:44.0032 5100 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:47:44.0032 5100 agp440 - ok
12:47:44.0235 5100 Akamai - ok
12:47:44.0266 5100 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:47:44.0266 5100 ALG - ok
12:47:44.0313 5100 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:47:44.0313 5100 aliide - ok
12:47:44.0313 5100 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:47:44.0329 5100 amdide - ok
12:47:44.0360 5100 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:47:44.0376 5100 AmdK8 - ok
12:47:44.0376 5100 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:47:44.0391 5100 AmdPPM - ok
12:47:44.0422 5100 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:47:44.0422 5100 amdsata - ok
12:47:44.0454 5100 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:47:44.0454 5100 amdsbs - ok
12:47:44.0485 5100 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:47:44.0485 5100 amdxata - ok
12:47:44.0532 5100 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:47:44.0532 5100 AppID - ok
12:47:44.0547 5100 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:47:44.0547 5100 AppIDSvc - ok
12:47:44.0610 5100 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:47:44.0625 5100 Appinfo - ok
12:47:44.0719 5100 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:47:44.0719 5100 Apple Mobile Device - ok
12:47:44.0781 5100 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:47:44.0781 5100 arc - ok
12:47:44.0828 5100 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:47:44.0828 5100 arcsas - ok
12:47:45.0140 5100 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:47:45.0171 5100 aspnet_state - ok
12:47:45.0234 5100 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:47:45.0234 5100 AsyncMac - ok
12:47:45.0296 5100 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:47:45.0296 5100 atapi - ok
12:47:45.0374 5100 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:47:45.0374 5100 AudioEndpointBuilder - ok
12:47:45.0405 5100 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:47:45.0405 5100 AudioSrv - ok
12:47:45.0702 5100 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
12:47:45.0733 5100 AVGIDSAgent - ok
12:47:45.0858 5100 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
12:47:45.0858 5100 AVGIDSDriver - ok
12:47:45.0889 5100 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
12:47:45.0889 5100 AVGIDSHA - ok
12:47:45.0967 5100 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
12:47:45.0967 5100 Avgldx64 - ok
12:47:46.0029 5100 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
12:47:46.0045 5100 Avgloga - ok
12:47:46.0092 5100 [ 767B4A485FB22AA0FC0BF5EEF00572B9 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
12:47:46.0092 5100 Avgmfx64 - ok
12:47:46.0138 5100 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
12:47:46.0138 5100 Avgrkx64 - ok
12:47:46.0185 5100 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
12:47:46.0185 5100 Avgtdia - ok
12:47:46.0263 5100 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
12:47:46.0263 5100 avgwd - ok
12:47:46.0310 5100 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:47:46.0310 5100 AxInstSV - ok
12:47:46.0357 5100 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:47:46.0372 5100 b06bdrv - ok
12:47:46.0419 5100 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:47:46.0419 5100 b57nd60a - ok
12:47:46.0482 5100 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:47:46.0482 5100 BDESVC - ok
12:47:46.0482 5100 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:47:46.0482 5100 Beep - ok
12:47:46.0544 5100 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:47:46.0560 5100 BFE - ok
12:47:46.0591 5100 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:47:46.0622 5100 BITS - ok
12:47:46.0653 5100 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:47:46.0653 5100 blbdrive - ok
12:47:46.0825 5100 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
12:47:46.0825 5100 Bonjour Service - ok
12:47:46.0856 5100 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:47:46.0856 5100 bowser - ok
12:47:46.0903 5100 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:47:46.0918 5100 BrFiltLo - ok
12:47:46.0918 5100 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:47:46.0934 5100 BrFiltUp - ok
12:47:46.0996 5100 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:47:46.0996 5100 Browser - ok
12:47:47.0028 5100 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:47:47.0028 5100 Brserid - ok
12:47:47.0043 5100 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:47:47.0043 5100 BrSerWdm - ok
12:47:47.0059 5100 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:47:47.0059 5100 BrUsbMdm - ok
12:47:47.0059 5100 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:47:47.0074 5100 BrUsbSer - ok
12:47:47.0090 5100 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:47:47.0090 5100 BTHMODEM - ok
12:47:47.0137 5100 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:47:47.0152 5100 bthserv - ok
12:47:47.0184 5100 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:47:47.0184 5100 cdfs - ok
12:47:47.0262 5100 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:47:47.0262 5100 cdrom - ok
12:47:47.0324 5100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:47:47.0324 5100 CertPropSvc - ok
12:47:47.0355 5100 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:47:47.0355 5100 circlass - ok
12:47:47.0386 5100 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:47:47.0386 5100 CLFS - ok
12:47:47.0464 5100 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:47:47.0480 5100 clr_optimization_v2.0.50727_32 - ok
12:47:47.0511 5100 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:47:47.0527 5100 clr_optimization_v2.0.50727_64 - ok
12:47:47.0620 5100 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:47:47.0870 5100 clr_optimization_v4.0.30319_32 - ok
12:47:47.0901 5100 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:47:47.0979 5100 clr_optimization_v4.0.30319_64 - ok
12:47:48.0026 5100 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:47:48.0026 5100 CmBatt - ok
12:47:48.0042 5100 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:47:48.0042 5100 cmdide - ok
12:47:48.0120 5100 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
12:47:48.0120 5100 CNG - ok
12:47:48.0182 5100 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:47:48.0182 5100 Compbatt - ok
12:47:48.0276 5100 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:47:48.0276 5100 CompositeBus - ok
12:47:48.0307 5100 COMSysApp - ok
12:47:48.0338 5100 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:47:48.0338 5100 crcdisk - ok
12:47:48.0400 5100 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:47:48.0400 5100 CryptSvc - ok
12:47:48.0556 5100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:47:48.0556 5100 DcomLaunch - ok
12:47:48.0634 5100 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:47:48.0650 5100 defragsvc - ok
12:47:48.0697 5100 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:47:48.0712 5100 DfsC - ok
12:47:48.0822 5100 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:47:48.0822 5100 Dhcp - ok
12:47:48.0868 5100 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:47:48.0884 5100 discache - ok
12:47:48.0946 5100 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:47:48.0946 5100 Disk - ok
12:47:49.0024 5100 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:47:49.0024 5100 Dnscache - ok
12:47:49.0087 5100 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:47:49.0087 5100 dot3svc - ok
12:47:49.0149 5100 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:47:49.0149 5100 DPS - ok
12:47:49.0212 5100 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:47:49.0227 5100 drmkaud - ok
12:47:49.0290 5100 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:47:49.0305 5100 DXGKrnl - ok
12:47:49.0336 5100 EagleX64 - ok
12:47:49.0414 5100 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:47:49.0414 5100 EapHost - ok
12:47:49.0726 5100 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:47:49.0789 5100 ebdrv - ok
12:47:49.0820 5100 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:47:49.0836 5100 EFS - ok
12:47:50.0051 5100 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:47:50.0076 5100 ehRecvr - ok
12:47:50.0103 5100 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:47:50.0106 5100 ehSched - ok
12:47:50.0197 5100 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:47:50.0201 5100 elxstor - ok
12:47:50.0245 5100 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
12:47:50.0248 5100 enecir - ok
12:47:50.0291 5100 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:47:50.0295 5100 ErrDev - ok
12:47:50.0375 5100 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:47:50.0380 5100 EventSystem - ok
12:47:50.0460 5100 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:47:50.0470 5100 exfat - ok
12:47:50.0488 5100 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:47:50.0493 5100 fastfat - ok
12:47:50.0650 5100 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:47:50.0699 5100 Fax - ok
12:47:50.0772 5100 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:47:50.0775 5100 fdc - ok
12:47:50.0820 5100 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:47:50.0823 5100 fdPHost - ok
12:47:50.0856 5100 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:47:50.0858 5100 FDResPub - ok
12:47:50.0909 5100 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:47:50.0911 5100 FileInfo - ok
12:47:50.0935 5100 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:47:50.0942 5100 Filetrace - ok
12:47:51.0012 5100 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:47:51.0012 5100 flpydisk - ok
12:47:51.0059 5100 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:47:51.0075 5100 FltMgr - ok
12:47:51.0356 5100 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:47:51.0402 5100 FontCache - ok
12:47:51.0574 5100 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:47:51.0574 5100 FontCache3.0.0.0 - ok
12:47:51.0605 5100 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:47:51.0605 5100 FsDepends - ok
12:47:51.0699 5100 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:47:51.0714 5100 fssfltr - ok
12:47:52.0042 5100 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:47:52.0104 5100 fsssvc - ok
12:47:52.0167 5100 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:47:52.0167 5100 Fs_Rec - ok
12:47:52.0292 5100 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:47:52.0292 5100 fvevol - ok
12:47:52.0338 5100 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:47:52.0354 5100 gagp30kx - ok
12:47:52.0401 5100 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:47:52.0401 5100 GEARAspiWDM - ok
12:47:52.0448 5100 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:47:52.0448 5100 gpsvc - ok
12:47:52.0578 5100 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1cad5f965529a7d C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:47:52.0578 5100 gupdate1cad5f965529a7d - ok
12:47:52.0628 5100 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:47:52.0628 5100 gupdatem - ok
12:47:52.0658 5100 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:47:52.0658 5100 hcw85cir - ok
12:47:52.0708 5100 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:47:52.0718 5100 HdAudAddService - ok
12:47:52.0788 5100 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:47:52.0788 5100 HDAudBus - ok
12:47:52.0818 5100 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:47:52.0818 5100 HidBatt - ok
12:47:52.0838 5100 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:47:52.0848 5100 HidBth - ok
12:47:52.0938 5100 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:47:52.0938 5100 HidIr - ok
12:47:52.0998 5100 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:47:52.0998 5100 hidserv - ok
12:47:53.0068 5100 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:47:53.0078 5100 HidUsb - ok
12:47:53.0098 5100 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:47:53.0108 5100 hkmsvc - ok
12:47:53.0188 5100 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:47:53.0208 5100 HomeGroupListener - ok
12:47:53.0258 5100 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:47:53.0268 5100 HomeGroupProvider - ok
12:47:53.0391 5100 HP Support Assistant Service - ok
12:47:53.0500 5100 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
12:47:53.0500 5100 hpdskflt - ok
12:47:53.0578 5100 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:47:53.0578 5100 HpqKbFiltr - ok
12:47:53.0781 5100 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
12:47:53.0828 5100 hpqwmiex - ok
12:47:53.0928 5100 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:47:53.0929 5100 HpSAMD - ok
12:47:54.0045 5100 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
12:47:54.0046 5100 hpsrv - ok
12:47:54.0156 5100 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:47:54.0160 5100 HTTP - ok
12:47:54.0227 5100 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:47:54.0228 5100 hwpolicy - ok
12:47:54.0321 5100 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:47:54.0327 5100 i8042prt - ok
12:47:54.0637 5100 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:47:54.0641 5100 iaStor - ok
12:47:54.0673 5100 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:47:54.0675 5100 iaStorV - ok
12:47:54.0783 5100 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT c:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:47:54.0803 5100 IDriverT - ok
12:47:54.0864 5100 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:47:54.0889 5100 idsvc - ok
12:47:55.0032 5100 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:47:55.0182 5100 igfx - ok
12:47:55.0259 5100 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:47:55.0261 5100 iirsp - ok
12:47:55.0318 5100 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:47:55.0352 5100 IKEEXT - ok
12:47:55.0408 5100 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
12:47:55.0415 5100 Impcd - ok
12:47:55.0450 5100 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:47:55.0451 5100 intelide - ok
12:47:55.0485 5100 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:47:55.0487 5100 intelppm - ok
12:47:55.0509 5100 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:47:55.0515 5100 IPBusEnum - ok
12:47:55.0543 5100 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:47:55.0546 5100 IpFilterDriver - ok
12:47:55.0581 5100 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:47:55.0591 5100 iphlpsvc - ok
12:47:55.0626 5100 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:47:55.0630 5100 IPMIDRV - ok
12:47:55.0659 5100 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:47:55.0663 5100 IPNAT - ok
12:47:55.0752 5100 [ D38469601B72D2DA4F847FC642174E21 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:47:55.0781 5100 iPod Service - ok
12:47:55.0820 5100 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:47:55.0823 5100 IRENUM - ok
12:47:55.0854 5100 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:47:55.0856 5100 isapnp - ok
12:47:55.0883 5100 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:47:55.0939 5100 iScsiPrt - ok
12:47:55.0996 5100 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
12:47:55.0998 5100 JMCR - ok
12:47:56.0029 5100 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:47:56.0029 5100 kbdclass - ok
12:47:56.0102 5100 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:47:56.0105 5100 kbdhid - ok
12:47:56.0146 5100 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:47:56.0149 5100 KeyIso - ok
12:47:56.0191 5100 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:47:56.0193 5100 KSecDD - ok
12:47:56.0223 5100 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:47:56.0226 5100 KSecPkg - ok
12:47:56.0242 5100 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:47:56.0245 5100 ksthunk - ok
12:47:56.0275 5100 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:47:56.0291 5100 KtmRm - ok
12:47:56.0322 5100 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:47:56.0327 5100 LanmanServer - ok
12:47:56.0363 5100 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:47:56.0365 5100 LanmanWorkstation - ok
12:47:56.0425 5100 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:47:56.0425 5100 lltdio - ok
12:47:56.0458 5100 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:47:56.0467 5100 lltdsvc - ok
12:47:56.0487 5100 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:47:56.0488 5100 lmhosts - ok
12:47:56.0537 5100 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:47:56.0539 5100 LSI_FC - ok
12:47:56.0548 5100 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:47:56.0550 5100 LSI_SAS - ok
12:47:56.0562 5100 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:47:56.0564 5100 LSI_SAS2 - ok
12:47:56.0591 5100 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:47:56.0593 5100 LSI_SCSI - ok
12:47:56.0639 5100 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:47:56.0641 5100 luafv - ok
12:47:56.0724 5100 [ 859E5A32485178DAECA06B52E2BB44B2 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
12:47:56.0729 5100 McciCMService64 - ok
12:47:56.0751 5100 MCSTRM - ok
12:47:56.0787 5100 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:47:56.0791 5100 Mcx2Svc - ok
12:47:56.0814 5100 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:47:56.0815 5100 megasas - ok
12:47:56.0862 5100 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:47:56.0863 5100 MegaSR - ok
12:47:56.0886 5100 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:47:56.0888 5100 MMCSS - ok
12:47:56.0908 5100 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:47:56.0911 5100 Modem - ok
12:47:56.0941 5100 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:47:56.0942 5100 monitor - ok
12:47:56.0982 5100 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:47:56.0983 5100 mouclass - ok
12:47:57.0036 5100 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:47:57.0038 5100 mouhid - ok
12:47:57.0069 5100 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:47:57.0085 5100 mountmgr - ok
12:47:57.0125 5100 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:47:57.0128 5100 mpio - ok
12:47:57.0144 5100 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:47:57.0146 5100 mpsdrv - ok
12:47:57.0198 5100 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:47:57.0206 5100 MpsSvc - ok
12:47:57.0247 5100 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:47:57.0252 5100 MRxDAV - ok
12:47:57.0286 5100 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:47:57.0289 5100 mrxsmb - ok
12:47:57.0331 5100 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:47:57.0334 5100 mrxsmb10 - ok
12:47:57.0344 5100 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:47:57.0346 5100 mrxsmb20 - ok
12:47:57.0379 5100 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:47:57.0380 5100 msahci - ok
12:47:57.0443 5100 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:47:57.0445 5100 msdsm - ok
12:47:57.0457 5100 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:47:57.0463 5100 MSDTC - ok
12:47:57.0520 5100 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:47:57.0524 5100 Msfs - ok
12:47:57.0556 5100 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:47:57.0559 5100 mshidkmdf - ok
12:47:57.0577 5100 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:47:57.0578 5100 msisadrv - ok
12:47:57.0613 5100 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:47:57.0620 5100 MSiSCSI - ok
12:47:57.0625 5100 msiserver - ok
12:47:57.0661 5100 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:47:57.0663 5100 MSKSSRV - ok
12:47:57.0677 5100 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:47:57.0679 5100 MSPCLOCK - ok
12:47:57.0693 5100 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:47:57.0696 5100 MSPQM - ok
12:47:57.0731 5100 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:47:57.0734 5100 MsRPC - ok
12:47:57.0750 5100 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:47:57.0751 5100 mssmbios - ok
12:47:57.0762 5100 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:47:57.0764 5100 MSTEE - ok
12:47:57.0786 5100 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:47:57.0788 5100 MTConfig - ok
12:47:57.0803 5100 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:47:57.0804 5100 Mup - ok
12:47:57.0828 5100 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:47:57.0852 5100 napagent - ok
12:47:57.0892 5100 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:47:57.0894 5100 NativeWifiP - ok
12:47:57.0951 5100 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:47:57.0955 5100 NDIS - ok
12:47:57.0990 5100 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:47:57.0992 5100 NdisCap - ok
12:47:58.0028 5100 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:47:58.0031 5100 NdisTapi - ok
12:47:58.0072 5100 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:47:58.0074 5100 Ndisuio - ok
12:47:58.0109 5100 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:47:58.0109 5100 NdisWan - ok
12:47:58.0140 5100 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:47:58.0140 5100 NDProxy - ok
12:47:58.0166 5100 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:47:58.0169 5100 NetBIOS - ok
12:47:58.0231 5100 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:47:58.0238 5100 NetBT - ok
12:47:58.0267 5100 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:47:58.0269 5100 Netlogon - ok
12:47:58.0311 5100 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:47:58.0328 5100 Netman - ok
12:47:58.0399 5100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:47:58.0449 5100 NetMsmqActivator - ok
12:47:58.0489 5100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:47:58.0492 5100 NetPipeActivator - ok
12:47:58.0519 5100 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:47:58.0539 5100 netprofm - ok
12:47:58.0580 5100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:47:58.0583 5100 NetTcpActivator - ok
12:47:58.0597 5100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:47:58.0599 5100 NetTcpPortSharing - ok
12:47:58.0810 5100 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
12:47:58.0979 5100 NETw5s64 - ok
12:47:59.0112 5100 [ D68DE412A3243F8D57DDB814AA509813 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
12:47:59.0235 5100 netw5v64 - ok
12:47:59.0427 5100 [ EB43840BABF5589E33186D094DE7381D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
12:47:59.0598 5100 NETwNs64 - ok
12:47:59.0651 5100 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:47:59.0653 5100 nfrd960 - ok
12:47:59.0701 5100 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:47:59.0707 5100 NlaSvc - ok
12:47:59.0731 5100 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:47:59.0734 5100 Npfs - ok
12:47:59.0758 5100 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:47:59.0761 5100 nsi - ok
12:47:59.0771 5100 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:47:59.0776 5100 nsiproxy - ok
12:47:59.0846 5100 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:47:59.0862 5100 Ntfs - ok
12:47:59.0879 5100 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:47:59.0881 5100 Null - ok
12:47:59.0919 5100 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:47:59.0920 5100 NVHDA - ok
12:48:00.0167 5100 [ 9FC53830053787FAD2078F39D3AB68DC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:48:00.0216 5100 nvlddmkm - ok
12:48:00.0283 5100 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:48:00.0286 5100 nvraid - ok
12:48:00.0328 5100 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:48:00.0330 5100 nvstor - ok
12:48:00.0392 5100 [ 9943F143D62C6A546C0995FEAE4B4784 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:48:00.0402 5100 nvsvc - ok
12:48:00.0514 5100 [ 6C2D25F82671D8AEF9F717FD17821C3B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:48:00.0580 5100 nvUpdatusService - ok
12:48:00.0617 5100 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:48:00.0622 5100 nv_agp - ok
12:48:00.0657 5100 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:48:00.0667 5100 ohci1394 - ok
12:48:00.0715 5100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:48:00.0729 5100 p2pimsvc - ok
12:48:00.0770 5100 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:48:00.0780 5100 p2psvc - ok
12:48:00.0811 5100 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:48:00.0818 5100 Parport - ok
12:48:00.0893 5100 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:48:00.0895 5100 partmgr - ok
12:48:00.0946 5100 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:48:00.0950 5100 PcaSvc - ok
12:48:01.0011 5100 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:48:01.0015 5100 pci - ok
12:48:01.0054 5100 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:48:01.0055 5100 pciide - ok
12:48:01.0116 5100 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:48:01.0141 5100 pcmcia - ok
12:48:01.0174 5100 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:48:01.0176 5100 pcw - ok
12:48:01.0233 5100 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:48:01.0249 5100 PEAUTH - ok
12:48:01.0667 5100 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:48:01.0671 5100 PerfHost - ok
12:48:01.0735 5100 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:48:01.0793 5100 pla - ok
12:48:01.0856 5100 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:48:01.0863 5100 PlugPlay - ok
12:48:01.0884 5100 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:48:01.0888 5100 PNRPAutoReg - ok
12:48:01.0902 5100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:48:01.0906 5100 PNRPsvc - ok
12:48:01.0931 5100 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:48:01.0948 5100 PolicyAgent - ok
12:48:01.0969 5100 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:48:01.0972 5100 Power - ok
12:48:02.0005 5100 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:48:02.0009 5100 PptpMiniport - ok
12:48:02.0032 5100 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:48:02.0036 5100 Processor - ok
12:48:02.0069 5100 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:48:02.0072 5100 ProfSvc - ok
12:48:02.0087 5100 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:48:02.0088 5100 ProtectedStorage - ok
12:48:02.0134 5100 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:48:02.0138 5100 Psched - ok
12:48:02.0279 5100 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:48:02.0286 5100 ql2300 - ok
12:48:02.0314 5100 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:48:02.0315 5100 ql40xx - ok
12:48:02.0340 5100 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:48:02.0346 5100 QWAVE - ok
12:48:02.0369 5100 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:48:02.0372 5100 QWAVEdrv - ok
12:48:02.0424 5100 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
12:48:02.0430 5100 RapiMgr - ok
12:48:02.0448 5100 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:48:02.0450 5100 RasAcd - ok
12:48:02.0463 5100 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:48:02.0466 5100 RasAgileVpn - ok
12:48:02.0482 5100 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:48:02.0486 5100 RasAuto - ok
12:48:02.0514 5100 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:48:02.0518 5100 Rasl2tp - ok
12:48:02.0564 5100 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:48:02.0572 5100 RasMan - ok
12:48:02.0582 5100 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:48:02.0585 5100 RasPppoe - ok
12:48:02.0598 5100 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:48:02.0601 5100 RasSstp - ok
12:48:02.0642 5100 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:48:02.0649 5100 rdbss - ok
12:48:02.0666 5100 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:48:02.0669 5100 rdpbus - ok
12:48:02.0681 5100 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:48:02.0684 5100 RDPCDD - ok
12:48:02.0696 5100 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:48:02.0698 5100 RDPENCDD - ok
12:48:02.0711 5100 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:48:02.0714 5100 RDPREFMP - ok
12:48:02.0787 5100 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:48:02.0790 5100 RdpVideoMiniport - ok
12:48:02.0820 5100 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:48:02.0825 5100 RDPWD - ok
12:48:02.0861 5100 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:48:02.0865 5100 rdyboost - ok
12:48:02.0879 5100 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:48:02.0883 5100 RemoteAccess - ok
12:48:02.0906 5100 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:48:02.0911 5100 RemoteRegistry - ok
12:48:02.0921 5100 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:48:02.0924 5100 RpcEptMapper - ok
12:48:02.0948 5100 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:48:02.0952 5100 RpcLocator - ok
12:48:02.0988 5100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:48:02.0992 5100 RpcSs - ok
12:48:03.0052 5100 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:48:03.0054 5100 rspndr - ok
12:48:03.0128 5100 [ FE61B0B4AA58C3BD3DFA6279131F7F53 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:48:03.0135 5100 RTL8167 - ok
12:48:03.0143 5100 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:48:03.0144 5100 SamSs - ok
12:48:03.0241 5100 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:48:03.0242 5100 SASDIFSV - ok
12:48:03.0279 5100 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:48:03.0280 5100 SASKUTIL - ok
12:48:03.0312 5100 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:48:03.0315 5100 sbp2port - ok
12:48:03.0412 5100 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:48:03.0438 5100 SBSDWSCService - ok
12:48:03.0463 5100 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:48:03.0468 5100 SCardSvr - ok
12:48:03.0500 5100 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:48:03.0503 5100 scfilter - ok
12:48:03.0547 5100 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:48:03.0553 5100 Schedule - ok
12:48:03.0584 5100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:48:03.0584 5100 SCPolicySvc - ok
12:48:03.0637 5100 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:48:03.0644 5100 sdbus - ok
12:48:03.0733 5100 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:48:03.0740 5100 SDRSVC - ok
12:48:03.0780 5100 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:48:03.0780 5100 secdrv - ok
12:48:03.0794 5100 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:48:03.0797 5100 seclogon - ok
12:48:03.0845 5100 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:48:03.0846 5100 SENS - ok
12:48:03.0958 5100 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:48:03.0961 5100 SensrSvc - ok
12:48:04.0088 5100 [ 2CD118925F9CDF665F7C08AECD8177EF ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
12:48:04.0091 5100 Ser2pl - ok
12:48:04.0167 5100 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:48:04.0172 5100 Serenum - ok
12:48:04.0214 5100 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:48:04.0221 5100 Serial - ok
12:48:04.0281 5100 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:48:04.0284 5100 sermouse - ok
12:48:04.0331 5100 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:48:04.0337 5100 SessionEnv - ok
12:48:04.0386 5100 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:48:04.0392 5100 sffdisk - ok
12:48:04.0421 5100 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:48:04.0424 5100 sffp_mmc - ok
12:48:04.0447 5100 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:48:04.0455 5100 sffp_sd - ok
12:48:04.0502 5100 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:48:04.0505 5100 sfloppy - ok
12:48:04.0563 5100 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:48:04.0576 5100 SharedAccess - ok
12:48:04.0648 5100 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:48:04.0652 5100 ShellHWDetection - ok
12:48:04.0768 5100 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:48:04.0769 5100 SiSRaid2 - ok
12:48:04.0830 5100 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:48:04.0831 5100 SiSRaid4 - ok
12:48:05.0032 5100 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:48:05.0036 5100 Smb - ok
12:48:05.0162 5100 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:48:05.0163 5100 SNMPTRAP - ok
12:48:05.0178 5100 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:48:05.0179 5100 spldr - ok
12:48:05.0315 5100 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:48:05.0322 5100 Spooler - ok
12:48:06.0004 5100 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:48:06.0105 5100 sppsvc - ok
12:48:06.0162 5100 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:48:06.0180 5100 sppuinotify - ok
12:48:06.0402 5100 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:48:06.0443 5100 srv - ok
12:48:06.0508 5100 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:48:06.0531 5100 srv2 - ok
12:48:06.0596 5100 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
12:48:06.0600 5100 SrvHsfHDA - ok
12:48:06.0809 5100 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
12:48:06.0869 5100 SrvHsfV92 - ok
12:48:07.0015 5100 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
12:48:07.0071 5100 SrvHsfWinac - ok
12:48:07.0159 5100 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:48:07.0162 5100 srvnet - ok
12:48:07.0255 5100 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:48:07.0262 5100 SSDPSRV - ok
12:48:07.0282 5100 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:48:07.0289 5100 SstpSvc - ok
12:48:07.0962 5100 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
12:48:07.0967 5100 STacSV - ok
12:48:08.0074 5100 Steam Client Service - ok
12:48:08.0100 5100 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:48:08.0101 5100 stexstor - ok
12:48:08.0204 5100 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:48:08.0226 5100 STHDA - ok
12:48:08.0436 5100 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:48:08.0461 5100 stisvc - ok
12:48:08.0500 5100 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:48:08.0500 5100 swenum - ok
12:48:08.0560 5100 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:48:08.0590 5100 swprv - ok
12:48:08.0703 5100 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:48:08.0709 5100 SynTP - ok
12:48:08.0774 5100 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:48:08.0787 5100 SysMain - ok
12:48:08.0934 5100 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:48:08.0943 5100 TabletInputService - ok
12:48:09.0005 5100 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:48:09.0011 5100 TapiSrv - ok
12:48:09.0060 5100 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:48:09.0062 5100 TBS - ok
12:48:09.0215 5100 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:48:09.0227 5100 Tcpip - ok
12:48:09.0379 5100 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:48:09.0390 5100 TCPIP6 - ok
12:48:09.0449 5100 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:48:09.0451 5100 tcpipreg - ok
12:48:09.0483 5100 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:48:09.0486 5100 TDPIPE - ok
12:48:09.0540 5100 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:48:09.0544 5100 TDTCP - ok
12:48:09.0609 5100 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:48:09.0616 5100 tdx - ok
12:48:09.0681 5100 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:48:09.0683 5100 TermDD - ok
12:48:09.0823 5100 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:48:09.0839 5100 TermService - ok
12:48:09.0913 5100 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:48:09.0915 5100 Themes - ok
12:48:09.0964 5100 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:48:09.0965 5100 THREADORDER - ok
12:48:09.0989 5100 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:48:09.0994 5100 TrkWks - ok
12:48:10.0060 5100 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:48:10.0064 5100 TrustedInstaller - ok
12:48:10.0123 5100 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:48:10.0130 5100 tssecsrv - ok
12:48:10.0192 5100 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:48:10.0195 5100 TsUsbFlt - ok
12:48:10.0256 5100 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:48:10.0259 5100 tunnel - ok
12:48:10.0307 5100 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:48:10.0312 5100 uagp35 - ok
12:48:10.0340 5100 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:48:10.0349 5100 udfs - ok
12:48:10.0392 5100 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:48:10.0398 5100 UI0Detect - ok
12:48:10.0433 5100 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:48:10.0438 5100 uliagpkx - ok
12:48:10.0477 5100 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:48:10.0481 5100 umbus - ok
12:48:10.0501 5100 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:48:10.0504 5100 UmPass - ok
12:48:10.0531 5100 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:48:10.0547 5100 upnphost - ok
12:48:10.0592 5100 [ CD03479F2DA26500B203ED075C146A7A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:48:10.0596 5100 USBAAPL64 - ok
12:48:10.0616 5100 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:48:10.0621 5100 usbccgp - ok
12:48:10.0646 5100 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:48:10.0651 5100 usbcir - ok
12:48:10.0682 5100 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:48:10.0685 5100 usbehci - ok
12:48:10.0723 5100 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:48:10.0740 5100 usbhub - ok
12:48:10.0759 5100 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:48:10.0763 5100 usbohci - ok
12:48:10.0783 5100 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:48:10.0786 5100 usbprint - ok
12:48:10.0829 5100 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:48:10.0833 5100 usbscan - ok
12:48:10.0858 5100 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:48:10.0862 5100 USBSTOR - ok
12:48:10.0909 5100 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:48:10.0913 5100 usbuhci - ok
12:48:10.0957 5100 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:48:10.0963 5100 usbvideo - ok
12:48:10.0999 5100 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
12:48:11.0004 5100 usb_rndisx - ok
12:48:11.0034 5100 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:48:11.0038 5100 UxSms - ok
12:48:11.0047 5100 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:48:11.0049 5100 VaultSvc - ok
12:48:11.0057 5100 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:48:11.0059 5100 vdrvroot - ok
12:48:11.0101 5100 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:48:11.0142 5100 vds - ok
12:48:11.0185 5100 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:48:11.0187 5100 vga - ok
12:48:11.0213 5100 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:48:11.0218 5100 VgaSave - ok
12:48:11.0308 5100 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:48:11.0314 5100 vhdmp - ok
12:48:11.0336 5100 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:48:11.0337 5100 viaide - ok
12:48:11.0378 5100 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:48:11.0380 5100 volmgr - ok
12:48:11.0434 5100 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:48:11.0438 5100 volmgrx - ok
12:48:11.0474 5100 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:48:11.0488 5100 volsnap - ok
12:48:11.0582 5100 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:48:11.0584 5100 vsmraid - ok
12:48:11.0861 5100 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:48:11.0909 5100 VSS - ok
12:48:11.0937 5100 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:48:11.0940 5100 vwifibus - ok
12:48:11.0978 5100 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:48:11.0981 5100 vwififlt - ok
12:48:12.0021 5100 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:48:12.0022 5100 vwifimp - ok
12:48:12.0079 5100 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:48:12.0095 5100 W32Time - ok
12:48:12.0117 5100 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:48:12.0120 5100 WacomPen - ok
12:48:12.0171 5100 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:48:12.0175 5100 WANARP - ok
12:48:12.0194 5100 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:48:12.0196 5100 Wanarpv6 - ok
12:48:12.0340 5100 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:48:12.0371 5100 WatAdminSvc - ok
12:48:12.0440 5100 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:48:12.0490 5100 wbengine - ok
12:48:12.0524 5100 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:48:12.0541 5100 WbioSrvc - ok
12:48:12.0580 5100 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
12:48:12.0597 5100 WcesComm - ok
12:48:12.0675 5100 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:48:12.0706 5100 wcncsvc - ok
12:48:12.0737 5100 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:48:12.0743 5100 WcsPlugInService - ok
12:48:12.0781 5100 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:48:12.0782 5100 Wd - ok
12:48:12.0916 5100 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:48:12.0925 5100 Wdf01000 - ok
12:48:12.0971 5100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:48:12.0976 5100 WdiServiceHost - ok
12:48:12.0980 5100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:48:12.0983 5100 WdiSystemHost - ok
12:48:13.0036 5100 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:48:13.0061 5100 WebClient - ok
12:48:13.0087 5100 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:48:13.0096 5100 Wecsvc - ok
12:48:13.0119 5100 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:48:13.0124 5100 wercplsupport - ok
12:48:13.0170 5100 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:48:13.0176 5100 WerSvc - ok
12:48:13.0229 5100 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:48:13.0233 5100 WfpLwf - ok
12:48:13.0254 5100 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:48:13.0258 5100 WIMMount - ok
12:48:13.0289 5100 WinDefend - ok
12:48:13.0300 5100 WinHttpAutoProxySvc - ok
12:48:13.0377 5100 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:48:13.0385 5100 Winmgmt - ok
12:48:13.0572 5100 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:48:13.0649 5100 WinRM - ok
12:48:13.0815 5100 [ FE88B288356E7B47B74B13372ADD906D ] WINUSB C:\Windows\system32\drivers\WinUSB.SYS
12:48:13.0820 5100 WINUSB - ok
12:48:13.0964 5100 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:48:13.0978 5100 Wlansvc - ok
12:48:14.0189 5100 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:48:14.0192 5100 wlcrasvc - ok
12:48:14.0498 5100 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:48:14.0545 5100 wlidsvc - ok
12:48:14.0585 5100 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:48:14.0586 5100 WmiAcpi - ok
12:48:14.0619 5100 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:48:14.0624 5100 wmiApSrv - ok
12:48:14.0666 5100 WMPNetworkSvc - ok
12:48:14.0861 5100 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
12:48:14.0886 5100 WMZuneComm - ok
12:48:14.0905 5100 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:48:14.0912 5100 WPCSvc - ok
12:48:14.0960 5100 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:48:14.0969 5100 WPDBusEnum - ok
12:48:15.0005 5100 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:48:15.0008 5100 ws2ifsl - ok
12:48:15.0029 5100 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:48:15.0034 5100 wscsvc - ok
12:48:15.0037 5100 WSearch - ok
12:48:15.0141 5100 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:48:15.0200 5100 wuauserv - ok
12:48:15.0233 5100 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:48:15.0234 5100 WudfPf - ok
12:48:15.0275 5100 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:15.0280 5100 WUDFRd - ok
12:48:15.0298 5100 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:48:15.0300 5100 wudfsvc - ok
12:48:15.0349 5100 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:48:15.0356 5100 WwanSvc - ok
12:48:15.0438 5100 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:48:15.0455 5100 YahooAUService - ok
12:48:15.0508 5100 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
12:48:15.0514 5100 yukonw7 - ok
12:48:16.0177 5100 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
12:48:16.0352 5100 ZuneNetworkSvc - ok
12:48:16.0449 5100 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
12:48:16.0472 5100 ZuneWlanCfgSvc - ok
12:48:17.0310 5100 ================ Scan global ===============================
12:48:17.0345 5100 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:48:17.0391 5100 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:48:17.0401 5100 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:48:17.0425 5100 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:48:17.0491 5100 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:48:17.0494 5100 [Global] - ok
12:48:17.0495 5100 ================ Scan MBR ==================================
12:48:17.0503 5100 [ 59E8699D6ACAEA8EBB8A3ED243D39140 ] \Device\Harddisk0\DR0
12:48:18.0592 5100 \Device\Harddisk0\DR0 - ok
12:48:18.0592 5100 ================ Scan VBR ==================================
12:48:18.0634 5100 [ 6444A207E07A99C3C2A3126ED5C4FF88 ] \Device\Harddisk0\DR0\Partition1
12:48:18.0640 5100 \Device\Harddisk0\DR0\Partition1 - ok
12:48:18.0657 5100 [ D680981E1F6FB40CE05F846F9BA5970B ] \Device\Harddisk0\DR0\Partition2
12:48:18.0664 5100 \Device\Harddisk0\DR0\Partition2 - ok
12:48:18.0695 5100 [ 522D87448C7DE7925D193C382CD25872 ] \Device\Harddisk0\DR0\Partition3
12:48:18.0701 5100 \Device\Harddisk0\DR0\Partition3 - ok
12:48:18.0785 5100 [ 66C06C91C16CFADA6557028710950942 ] \Device\Harddisk0\DR0\Partition4
12:48:18.0793 5100 \Device\Harddisk0\DR0\Partition4 - ok
12:48:18.0794 5100 ============================================================
12:48:18.0794 5100 Scan finished
12:48:18.0794 5100 ============================================================
12:48:18.0814 3460 Detected object count: 0
12:48:18.0815 3460 Actual detected object count: 0
12:52:18.0297 5324 Deinitialize success

aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-17 12:53:58
-----------------------------
12:53:58.157 OS Version: Windows x64 6.1.7601 Service Pack 1
12:53:58.157 Number of processors: 8 586 0x1E05
12:53:58.158 ComputerName: HPLAPTOP UserName: david
12:53:59.827 Initialize success
12:59:49.650 AVAST engine defs: 12111700
13:00:40.454 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:00:40.461 Disk 0 Vendor: ST950042 0005 Size: 476940MB BusType: 3
13:00:40.496 Disk 0 MBR read successfully
13:00:40.502 Disk 0 MBR scan
13:00:40.512 Disk 0 unknown MBR code
13:00:40.567 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
13:00:40.589 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461240 MB offset 409600
13:00:40.628 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15396 MB offset 945029120
13:00:40.685 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
13:00:40.727 Disk 0 scanning C:\Windows\system32\drivers
13:00:55.076 Service scanning
13:01:20.241 Modules scanning
13:01:20.262 Disk 0 trace - called modules:
13:01:20.621 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
13:01:20.633 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800712e790]
13:01:20.645 3 CLASSPNP.SYS[fffff8800117943f] -> nt!IofCallDriver -> [0xfffffa80070fda50]
13:01:20.653 5 hpdskflt.sys[fffff880023dd189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006342050]
13:01:23.288 AVAST engine scan C:\Windows
13:01:26.398 AVAST engine scan C:\Windows\system32
13:04:29.295 AVAST engine scan C:\Windows\system32\drivers
13:04:46.085 AVAST engine scan C:\Users\david
13:15:50.788 AVAST engine scan C:\ProgramData
13:17:44.518 Scan finished successfully
13:20:28.291 Disk 0 MBR has been saved successfully to "C:\Users\david\Desktop\MBR.dat"
13:20:28.300 The log file has been saved successfully to "C:\Users\david\Desktop\aswMBR.txt"


ESET:

C:\temp\6752737.Uninstall\Uninstall.exe a variant of Win32/InstallCore.AY application cleaned by deleting - quarantined
C:\temp\Temporary Internet Files\Content.IE5\TJK0BA7Z\video-rewardz_com[1].txt HTML/Fraud.BG trojan cleaned by deleting - quarantined
C:\Users\david\Downloads\MediaPlayerSetup.exe a variant of Win32/InstallCore.AY application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:48 AM

Posted 17 November 2012 - 06:25 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 VOLBEAT

VOLBEAT
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 17 November 2012 - 09:55 PM

Here are the logs. Thanks again!!

Malwarebytes:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.17.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
david :: HPLAPTOP [administrator]

11/17/2012 5:38:37 PM
mbam-log-2012-11-17 (17-38-37).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 621848
Time elapsed: 2 hour(s), 50 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox:

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by david (administrator) on 17-11-2012 at 20:32:11
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15279 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : hplaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-24-D6-2B-8D-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-24-D6-2B-8D-46
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d877:53e6:6819:1f6a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.157(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, November 17, 2012 5:01:20 PM
Lease Expires . . . . . . . . . . : Sunday, November 18, 2012 5:01:24 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 301998843
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-6D-DB-43-00-26-9E-70-C6-26
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-70-C6-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:107a:e8d:3f57:fe62(Preferred)
Link-local IPv6 Address . . . . . : fe80::107a:e8d:3f57:fe62%153(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4009:801::1006
74.125.225.129
74.125.225.130
74.125.225.131
74.125.225.132
74.125.225.133
74.125.225.134
74.125.225.135
74.125.225.136
74.125.225.137
74.125.225.142
74.125.225.128


Pinging google.com [74.125.225.68] with 32 bytes of data:
Reply from 74.125.225.68: bytes=32 time=59ms TTL=55
Reply from 74.125.225.68: bytes=32 time=62ms TTL=55

Ping statistics for 74.125.225.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 62ms, Average = 60ms
Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
General failure.
General failure.

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
141...00 24 d6 2b 8d 47 ......Microsoft Virtual WiFi Miniport Adapter
11...00 24 d6 2b 8d 46 ......Intel® WiFi Link 5100 AGN
10...00 26 9e 70 c6 26 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
154...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
153...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.157 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.157 281
192.168.1.157 255.255.255.255 On-link 192.168.1.157 281
192.168.1.255 255.255.255.255 On-link 192.168.1.157 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.157 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.157 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
153 58 ::/0 On-link
1 306 ::1/128 On-link
153 58 2001::/32 On-link
153 306 2001:0:9d38:6ab8:107a:e8d:3f57:fe62/128
On-link
11 281 fe80::/64 On-link
153 306 fe80::/64 On-link
153 306 fe80::107a:e8d:3f57:fe62/128
On-link
11 281 fe80::d877:53e6:6819:1f6a/128
On-link
1 306 ff00::/8 On-link
153 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/17/2012 05:47:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: TESV.exe, version: 1.8.151.0, time stamp: 0x5086bed7
Faulting module name: TESV.exe, version: 1.8.151.0, time stamp: 0x5086bed7
Exception code: 0xc0000417
Fault offset: 0x00b6101d
Faulting process id: 0x10dc
Faulting application start time: 0xTESV.exe0
Faulting application path: TESV.exe1
Faulting module path: TESV.exe2
Report Id: TESV.exe3

Error: (11/17/2012 05:18:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: TESV.exe, version: 1.8.151.0, time stamp: 0x5086bed7
Faulting module name: TESV.exe, version: 1.8.151.0, time stamp: 0x5086bed7
Exception code: 0xc0000417
Fault offset: 0x00b6101d
Faulting process id: 0x8bc
Faulting application start time: 0xTESV.exe0
Faulting application path: TESV.exe1
Faulting module path: TESV.exe2
Report Id: TESV.exe3

Error: (11/17/2012 05:06:11 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/17/2012 05:06:11 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/17/2012 05:01:35 PM) (Source: SmartMenu) (User: )
Description: Failed to load resources

Error: (11/17/2012 04:51:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/17/2012 04:51:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/17/2012 01:22:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/17/2012 01:22:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/17/2012 00:50:53 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (11/17/2012 05:03:44 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (11/17/2012 05:01:41 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/17/2012 05:01:23 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/17/2012 05:01:22 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (11/17/2012 05:01:19 PM) (Source: Service Control Manager) (User: )
Description: The Akamai NetSession Interface service terminated with the following error:
%%126

Error: (11/17/2012 05:01:16 PM) (Source: NetBT) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "0024D62B8D46" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (11/17/2012 05:00:56 PM) (Source: NetBT) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "00269E70C626" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (11/17/2012 05:00:06 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/17/2012 00:48:15 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (11/17/2012 00:45:55 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (11/17/2012 05:47:40 PM) (Source: Application Error)(User: )
Description: TESV.exe1.8.151.05086bed7TESV.exe1.8.151.05086bed7c000041700b6101d10dc01cdc51dd8b77d7fC:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exeC:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe2c1fa24b-3111-11e2-b59c-00269e70c626

Error: (11/17/2012 05:18:46 PM) (Source: Application Error)(User: )
Description: TESV.exe1.8.151.05086bed7TESV.exe1.8.151.05086bed7c000041700b6101d8bc01cdc519d47a1cc3C:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exeC:\Program Files (x86)\Steam\steamapps\common\Skyrim\TESV.exe22410060-310d-11e2-b59c-00269e70c626

Error: (11/17/2012 05:06:11 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (11/17/2012 05:06:11 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (11/17/2012 05:01:35 PM) (Source: SmartMenu)(User: )
Description: Failed to load resources

Error: (11/17/2012 04:51:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\david\Downloads\esetsmartinstaller_enu.exe

Error: (11/17/2012 04:51:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\david\Downloads\esetsmartinstaller_enu.exe

Error: (11/17/2012 01:22:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\david\Downloads\esetsmartinstaller_enu.exe

Error: (11/17/2012 01:22:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\david\Downloads\esetsmartinstaller_enu.exe

Error: (11/17/2012 00:50:53 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 10 Plugin 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader 9.5.2 MUI (Version: 9.5.2)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Assassin's Creed
AVG 2013 (Version: 13.0.2629)
AVG 2013 (Version: 13.0.2793)
AVG 2013 (Version: 2013.0.2793)
Bandisoft MPEG-1 Decoder
Bonjour (Version: 2.0.5.0)
Borderlands
Call of Juarez
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Counter-Strike: Source
Counter-Strike: Source Beta
D3DX10 (Version: 15.4.2368.0902)
Deus Ex: Human Revolution
DivX Setup (Version: 1.0.0.450)
Dota 2
Dual-Core Optimizer (Version: 1.1.4.0169)
ENE CIR Receiver Driver (Version: 2.7.4.0)
EverQuest II Extended
Fallout 3 (Version: 1.00.0000)
Garry's Mod
Google Chrome (Version: 23.0.1271.64)
Google Update Helper (Version: 1.3.21.123)
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life 2: Lost Coast
HP 3D DriveGuard (Version: 4.0.3.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Wireless Assistant (Version: 3.50.11.2)
Intel® Turbo Boost Technology Driver (Version: 01.00.00.1030)
Intel® Matrix Storage Manager
iTunes (Version: 10.3.1.55)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 15.4.3502.0922)
Lead and Gold - Gangs of the Wild West
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Home and Student 60 day trial
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netflix in Windows Media Center (Version: 3.3.1.0)
Nexon Game Manager
NVIDIA Control Panel 276.00 (Version: 276.00)
NVIDIA Drivers (Version: 1.9)
NVIDIA Graphics Driver 276.00 (Version: 276.00)
NVIDIA Install Application (Version: 2.275.82.0)
NVIDIA PhysX v8.10.29 (Version: 8.10.29)
NVIDIA Update 1.3.12 (Version: 1.3.12)
NVIDIA Update Components (Version: 1.3.12)
ORION: Dino Beatdown
Pando Media Booster (Version: 2.3.5.6)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PL-2303 USB-to-Serial (Version: 1.1.0)
PL-2303 Vista Driver Installer (Version: 3.0.1.0)
PowerRecover (Version: 5.5.1923)
Privacy SafeGuard version 1.1 (Version: 1.1)
QuickTime (Version: 7.69.80.9)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0011)
RIFT™
ROBLOX Player for david
ROBLOX Studio for david
Serious Sam HD: The Second Encounter
SOE Web Installer (Version: 1.0.3.133)
Source SDK Base 2007
SourceForts (Version: 1.9.4)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1012)
Symbol Device Configuration Package for PPT8800w v1.5 (Version: 1.05.00)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
TabIt version 2.03 (Trial) (Version: 2.03)
Team Fortress 2
Team Fortress 2 Beta
Team Fortress Classic
The Elder Scrolls V: Skyrim
The Lord of the Rings Online™ v03.05.01.8027 (Version: 03.05.01.8027)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 3.1.1.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 6134.88 MB
Available physical RAM: 3640.41 MB
Total Pagefile: 12267.96 MB
Available Pagefile: 9355.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.47 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:450.43 GB) (Free:173.58 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15.04 GB) (Free:2.47 GB) NTFS

========================= Users: ========================================

User accounts for \\HPLAPTOP

Administrator ASPNET david
Guest UpdatusUser

========================= Restore Points ==================================

17-11-2012 05:36:52 Removed NetAssistant
17-11-2012 05:48:44 Installed AVG 2013
17-11-2012 05:49:06 Installed AVG 2013
17-11-2012 15:19:39 Installed AVG PC TuneUp
17-11-2012 15:30:06 Windows Update
17-11-2012 15:39:59 Removed AVG PC TuneUp
17-11-2012 15:41:39 Removed AVG PC TuneUp Language Pack (en-US)
18-11-2012 00:12:01 Removed HP MediaSmart SmartMenu
18-11-2012 00:13:15 Removed HP 3D DriveGuard
18-11-2012 00:18:59 Removed Safari
18-11-2012 01:36:35 Removed IDT Audio

**** End of log ****

Farbar:

Farbar Service Scanner Version: 09-11-2012
Ran by david (administrator) on 17-11-2012 at 20:37:19
Running from "C:\Users\david\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Other errors
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-16 11:07] - [2012-10-03 11:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

AdwCleaner:

# AdwCleaner v2.008 - Logfile created 11/17/2012 at 20:38:46
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : david - HPLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\david\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\FREEzeFrog
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\david\AppData\Local\Conduit
Folder Deleted : C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Deleted : C:\Users\david\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\david\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\david\AppData\LocalLow\Mp3Tube Toolbar
Folder Deleted : C:\Users\david\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\david\AppData\Roaming\Babylon
Folder Deleted : C:\Users\david\AppData\Roaming\FREEzeFrog

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3244149
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\FREEzeFrog
Key Deleted : HKLM\Software\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtByCzy0EyBtD0CyCtByC0DtB0B0AtN0D0Tzu0CtByByBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1112953642 --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3977 octets] - [17/11/2012 20:38:46]

########## EOF - C:\AdwCleaner[S1].txt - [4037 octets] ##########

Junkware Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.2.0 (11.17.2012)
OS: Windows 7 Home Premium x64
Ran by david on Sat 11/17/2012 at 20:44:21.21
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{462be121-2b54-4218-bf00-b9bf8135b23f}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{462be121-2b54-4218-bf00-b9bf8135b23f}



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\david\appdata\local\funmoods-speeddial_sf.crx"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\privacy safeguard"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\david\appdata\local\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\geggofhlfbcmanadhknllmlajiafopoh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/17/2012 at 20:49:23.32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:48 AM

Posted 17 November 2012 - 10:18 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here


Current issues?

#7 VOLBEAT

VOLBEAT
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 17 November 2012 - 10:51 PM

Here are the logs...

Rkill:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/17/2012 09:45:32 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\david\Desktop\rkill\rkill-11-17-2012-09-45-37.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15299 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 11/17/2012 09:45:52 PM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)

AutoRuns:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "amd_dc_opt" "AMD Dual-Core Optimizer" "AMD" "c:\program files (x86)\amd\dual-core optimizer\amd_dc_opt.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "UpdatePRCShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\recovery\muitransfer\muistartmenu.exe"
+ "WirelessAssistant" "HP Wireless Assistant Main Program" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "PeerBlock" "PeerBlock" "PeerBlock, LLC" "c:\program files\peerblock\peerblock.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "Xvid" "" "" "c:\program files (x86)\xvid\checkupdate.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Privacy Safeguard BHO" "PrivacySafeguard" "PrivacySafeguard" "c:\program files\privacysafeguard\privacysafeguard-x64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Privacy Safeguard BHO" "PrivacySafeguard" "PrivacySafeguard" "c:\program files\privacysafeguard\privacysafeguard.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\HPCeeScheduleFordavid" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\InstallShield Software online update program" "InstallShield Update Service Update Manager" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\isuspm.exe"
+ "\InstallShield Software update service" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\issch.exe"
+ "\Java Update Scheduler" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "" "" "File not found: c:\Program Files\Microsoft Security Client\MpCmdRun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\Spybot - Search & Destroy - Scheduled Task" "Spybot - Search & Destroy" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\spybotsd.exe"
+ "\Spybot - Search & Destroy Updater - Scheduled Task" "Updater for Spybot-S&D" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdupdate.exe"
+ "\Sun Microsystems online update program" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jusched.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe"
+ "AgereModemAudio" "LSI Soft Modem Call Progress Service" "LSI Corporation" "c:\program files\lsi softmodem\agr64svc.exe"
+ "Akamai" "Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly." "" "File not found: c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate1cad5f965529a7d" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "" "File not found: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome(64)" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "JMCR" "JMicron JMB38X Flash Media Controller Driver" "JMicron Technology Corporation" "c:\windows\system32\drivers\jmcr.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MCSTRM" "" "" "File not found: C:\Windows\System32\Drivers\MCSTRM.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 276.00 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pbfilter" "" "" "c:\program files\peerblock\pbfilter.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2pl" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl64.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.bdmpeg" "" "" "c:\windows\syswow64\bdmpega.acm"
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.mpeg" "" "" "c:\windows\syswow64\bdmpegv.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmedque.dll"
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmesrcwp.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MX870 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma7.dll"
+ "Canon BJ Language Monitor MX870 series XPS" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmxlma7.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
+ "Canon MP FAX Language Monitor MX870 series" "MP FAX Language Monitor DLL" "Canon Inc." "c:\windows\system32\cncf2lm.dll"
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"




The system seems to be running very well at this time. I have not received any pop ups from AVG this evening alerting me of any threats like I was when I first posted. Thanks and I'll be awaiting your reply!

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:48 AM

Posted 18 November 2012 - 05:41 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 VOLBEAT

VOLBEAT
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 18 November 2012 - 11:04 AM

Thank you so much for your help, narenxp! I hope you take great pride in the work you do here and know how much your time is appreciated. This site comes with high recommendations, and I have much respect for the countless hours the good people like you put into helping people like me. Again, thank you, and I hope you have a great day and wonderful holidays!

Mike

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:48 AM

Posted 18 November 2012 - 12:51 PM

You're most welcome and happy to help :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users