Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Virus-I Really Need Help Before It Gets Any Worse!


  • Please log in to reply
9 replies to this topic

#1 Jeevas Crow

Jeevas Crow

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:59 AM

Posted 17 November 2012 - 03:27 PM

We have two laptops in the house, both of which use the same router. One of them has come down with a redirect virus, but unfortunately I haven't been able to find either the name of the particular program that it has nor a removal program guaranteed to remove it. Not for free, anyway, but at this point I'd probably even pay for it.

What I've Done:
Scanned with AntiMalwarebytes. -Can't detect virus.
Restored System to Date- System doesn't store a late enough date to remove virus.
Run another Antivirus Program that removed it, only to have it reappear a few days later.

Symptoms:
Redirects to unwanted sites from links.
Disabled all practical use of Firefox, had to download Chrome.
Attempts to alter system files from program files location. (This caused tons of popups and forced me into safemode.)
Occasionally, as in nearly once a day, the internet won't work for either laptop even though the router has full bar reception. It stands only like, ten feet away from where we use the laptops, so it usually isn't a reception issue. The resulting error detection says something about the DNS and server location of the website. This has led me to suspect the virus is in the router.

We can still use the internet on the infected laptop, for now. I'm worried it might spread from the router to my laptop, though I'm not sure that's possible. Both computers have DNS lookup problems on a fairly regular basis that last for a few minutes and then stop. At first I thought the router was just bleepty. It's from comcast.

I can't seem to find anyone who can tell me how to get rid of it, and I'd hardly call myself literate enough to alter any system files without incredibly detailed directions. In short, I really need help. Would it work if I just removed the virus again, turned off all wifi connection to the laptops and replaced the router? I would like to just get rid of it. I don't want to have to replace the laptop, because stuff like that has happened to me before. I'm worried that it'll kill the hard drive, we'll replace the hard drive, and then the router will just give it back and ruin that one too.

As far as systems go, we both run Windows 7.

Does anyone know any programs or hard ware solutions that could possibly help us out? Thanks in advance. ^^

Edited by hamluis, 17 November 2012 - 03:33 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:59 PM

Posted 17 November 2012 - 05:52 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Jeevas Crow

Jeevas Crow
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:59 AM

Posted 18 November 2012 - 06:01 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

12:35:02.0708 5016 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:35:03.0145 5016 ============================================================
12:35:03.0145 5016 Current date / time: 2012/11/18 12:35:03.0145
12:35:03.0145 5016 SystemInfo:
12:35:03.0145 5016
12:35:03.0145 5016 OS Version: 6.1.7600 ServicePack: 0.0
12:35:03.0145 5016 Product type: Workstation
12:35:03.0145 5016 ComputerName: OWNER-PC
12:35:03.0145 5016 UserName: Owner
12:35:03.0161 5016 Windows directory: C:\Windows
12:35:03.0161 5016 System windows directory: C:\Windows
12:35:03.0161 5016 Running under WOW64
12:35:03.0161 5016 Processor architecture: Intel x64
12:35:03.0161 5016 Number of processors: 3
12:35:03.0161 5016 Page size: 0x1000
12:35:03.0161 5016 Boot type: Normal boot
12:35:03.0161 5016 ============================================================
12:35:06.0889 5016 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:35:06.0889 5016 ============================================================
12:35:06.0889 5016 \Device\Harddisk0\DR0:
12:35:06.0889 5016 MBR partitions:
12:35:06.0889 5016 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
12:35:06.0889 5016 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
12:35:06.0889 5016 ============================================================
12:35:06.0905 5016 C: <-> \Device\Harddisk0\DR0\Partition2
12:35:06.0905 5016 ============================================================
12:35:06.0905 5016 Initialize success
12:35:06.0905 5016 ============================================================
12:35:35.0120 0988 ============================================================
12:35:35.0120 0988 Scan started
12:35:35.0120 0988 Mode: Manual; TDLFS;
12:35:35.0120 0988 ============================================================
12:35:37.0397 0988 ================ Scan system memory ========================
12:35:37.0397 0988 System memory - ok
12:35:37.0397 0988 ================ Scan services =============================
12:35:37.0928 0988 [ 69AA89A20DEE08BFA650AAB6CE37BD10 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:35:37.0928 0988 1394ohci - ok
12:35:37.0990 0988 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
12:35:37.0990 0988 ACPI - ok
12:35:38.0021 0988 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
12:35:38.0021 0988 AcpiPmi - ok
12:35:38.0068 0988 [ 673F738B76C4CFA910B96EB01D4E6635 ] ACTSBUS C:\Windows\system32\DRIVERS\ACTSBUS.sys
12:35:38.0068 0988 ACTSBUS - ok
12:35:38.0131 0988 [ F42040274AAD2D416810A12287BCBA16 ] ACTSCVsp C:\Windows\system32\DRIVERS\ACTSCVsp.sys
12:35:38.0146 0988 ACTSCVsp - ok
12:35:38.0224 0988 [ B93FFC9A9C2374E91239644BE033EC6C ] ACTSFLT C:\Windows\system32\DRIVERS\ACTSFLT.sys
12:35:38.0224 0988 ACTSFLT - ok
12:35:38.0271 0988 [ 1B3706129642D6F9E3D8AEB4316F98E3 ] ACTSMBMP C:\Windows\system32\DRIVERS\ACTSMBMP.sys
12:35:38.0271 0988 ACTSMBMP - ok
12:35:38.0318 0988 [ 8EFEC32F46F1667DD6565FAD17CBE295 ] ACTSMdm C:\Windows\system32\DRIVERS\ACTSMdm.sys
12:35:38.0318 0988 ACTSMdm - ok
12:35:38.0380 0988 [ D40EDA56D990C79BCA39AC4BB6754B1C ] ACTSNVsp C:\Windows\system32\DRIVERS\ACTSNVsp.sys
12:35:38.0396 0988 ACTSNVsp - ok
12:35:38.0411 0988 [ B3D2F67C354D9376B6179D38858887AC ] ACTSRMNET C:\Windows\system32\DRIVERS\ACTSRMNET.sys
12:35:38.0411 0988 ACTSRMNET - ok
12:35:38.0443 0988 [ 90264F47034F51F0D93406114D42F066 ] ACTSVsp C:\Windows\system32\DRIVERS\ACTSVsp.sys
12:35:38.0443 0988 ACTSVsp - ok
12:35:38.0630 0988 [ 0D4C486A24A711A45FD83ACDF4D18506 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:35:38.0630 0988 AdobeFlashPlayerUpdateSvc - ok
12:35:38.0677 0988 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:35:38.0692 0988 adp94xx - ok
12:35:38.0739 0988 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:35:38.0739 0988 adpahci - ok
12:35:38.0770 0988 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:35:38.0770 0988 adpu320 - ok
12:35:38.0817 0988 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:35:38.0833 0988 AeLookupSvc - ok
12:35:39.0207 0988 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
12:35:39.0223 0988 AESTFilters - ok
12:35:39.0301 0988 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
12:35:39.0332 0988 AFD - ok
12:35:39.0363 0988 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
12:35:39.0379 0988 agp440 - ok
12:35:39.0410 0988 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:35:39.0410 0988 ALG - ok
12:35:39.0441 0988 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
12:35:39.0457 0988 aliide - ok
12:35:39.0488 0988 [ C6469CED96FEDEF508AEB74553135CDC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:35:39.0488 0988 AMD External Events Utility - ok
12:35:39.0503 0988 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
12:35:39.0503 0988 amdide - ok
12:35:39.0550 0988 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:35:39.0550 0988 AmdK8 - ok
12:35:39.0862 0988 [ 18AD9AD00FFAD95DC820762FB7F4B80F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:35:40.0065 0988 amdkmdag - ok
12:35:40.0112 0988 [ DBF0DB9A8B60A2C029EB70824AFCCBDA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:35:40.0112 0988 amdkmdap - ok
12:35:40.0159 0988 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:35:40.0159 0988 AmdPPM - ok
12:35:40.0205 0988 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:35:40.0205 0988 amdsata - ok
12:35:40.0237 0988 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:35:40.0237 0988 amdsbs - ok
12:35:40.0252 0988 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:35:40.0252 0988 amdxata - ok
12:35:40.0299 0988 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
12:35:40.0299 0988 AppID - ok
12:35:40.0330 0988 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:35:40.0330 0988 AppIDSvc - ok
12:35:40.0361 0988 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
12:35:40.0361 0988 Appinfo - ok
12:35:40.0455 0988 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:35:40.0471 0988 Apple Mobile Device - ok
12:35:40.0486 0988 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:35:40.0502 0988 arc - ok
12:35:40.0533 0988 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:35:40.0533 0988 arcsas - ok
12:35:40.0549 0988 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:35:40.0549 0988 AsyncMac - ok
12:35:40.0580 0988 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
12:35:40.0595 0988 atapi - ok
12:35:40.0642 0988 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
12:35:40.0642 0988 AtiHdmiService - ok
12:35:40.0673 0988 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:35:40.0673 0988 AtiPcie - ok
12:35:40.0736 0988 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:35:40.0751 0988 AudioEndpointBuilder - ok
12:35:40.0798 0988 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:35:40.0798 0988 AudioSrv - ok
12:35:40.0845 0988 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:35:40.0845 0988 AxInstSV - ok
12:35:40.0876 0988 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:35:40.0876 0988 b06bdrv - ok
12:35:40.0907 0988 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:35:40.0923 0988 b57nd60a - ok
12:35:41.0017 0988 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
12:35:41.0017 0988 BBSvc - ok
12:35:41.0063 0988 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
12:35:41.0063 0988 BBUpdate - ok
12:35:41.0095 0988 [ AC4E2D84DE54CD3A013AEFF0CC56095C ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
12:35:41.0095 0988 BCM42RLY - ok
12:35:41.0204 0988 [ 8B5D16D20774FC3727F44E161BE2C0AC ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:35:41.0235 0988 BCM43XX - ok
12:35:41.0313 0988 [ D224B2E6BB543F1D8F1177D57FEC2950 ] BcmVWL C:\Windows\system32\DRIVERS\bcmvwl64.sys
12:35:41.0313 0988 BcmVWL - ok
12:35:41.0344 0988 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:35:41.0344 0988 BDESVC - ok
12:35:41.0375 0988 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:35:41.0391 0988 Beep - ok
12:35:41.0422 0988 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
12:35:41.0453 0988 BFE - ok
12:35:41.0516 0988 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
12:35:41.0547 0988 BITS - ok
12:35:41.0578 0988 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:35:41.0594 0988 blbdrive - ok
12:35:41.0656 0988 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
12:35:41.0656 0988 Bonjour Service - ok
12:35:41.0703 0988 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:35:41.0703 0988 bowser - ok
12:35:41.0734 0988 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:35:41.0750 0988 BrFiltLo - ok
12:35:41.0765 0988 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:35:41.0765 0988 BrFiltUp - ok
12:35:41.0828 0988 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
12:35:41.0828 0988 Browser - ok
12:35:41.0859 0988 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:35:41.0875 0988 Brserid - ok
12:35:41.0890 0988 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:35:41.0890 0988 BrSerWdm - ok
12:35:41.0921 0988 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:35:41.0921 0988 BrUsbMdm - ok
12:35:41.0937 0988 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:35:41.0953 0988 BrUsbSer - ok
12:35:41.0968 0988 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:35:41.0968 0988 BTHMODEM - ok
12:35:41.0999 0988 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:35:42.0015 0988 bthserv - ok
12:35:42.0046 0988 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:35:42.0046 0988 cdfs - ok
12:35:42.0093 0988 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:35:42.0109 0988 cdrom - ok
12:35:42.0140 0988 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
12:35:42.0140 0988 CertPropSvc - ok
12:35:42.0171 0988 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:35:42.0171 0988 circlass - ok
12:35:42.0218 0988 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:35:42.0218 0988 CLFS - ok
12:35:42.0296 0988 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:35:42.0296 0988 clr_optimization_v2.0.50727_32 - ok
12:35:42.0327 0988 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:35:42.0343 0988 clr_optimization_v2.0.50727_64 - ok
12:35:42.0421 0988 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:35:42.0436 0988 clr_optimization_v4.0.30319_32 - ok
12:35:42.0467 0988 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:35:42.0467 0988 clr_optimization_v4.0.30319_64 - ok
12:35:42.0514 0988 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:35:42.0514 0988 CmBatt - ok
12:35:42.0530 0988 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
12:35:42.0530 0988 cmdide - ok
12:35:42.0623 0988 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
12:35:42.0623 0988 CNG - ok
12:35:42.0670 0988 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:35:42.0670 0988 Compbatt - ok
12:35:42.0701 0988 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:35:42.0717 0988 CompositeBus - ok
12:35:42.0733 0988 COMSysApp - ok
12:35:42.0748 0988 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:35:42.0764 0988 crcdisk - ok
12:35:42.0811 0988 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:35:42.0811 0988 CryptSvc - ok
12:35:42.0873 0988 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
12:35:42.0889 0988 CtClsFlt - ok
12:35:43.0045 0988 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:35:43.0091 0988 cvhsvc - ok
12:35:43.0154 0988 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:35:43.0169 0988 DcomLaunch - ok
12:35:43.0216 0988 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:35:43.0232 0988 defragsvc - ok
12:35:43.0263 0988 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:35:43.0279 0988 DfsC - ok
12:35:43.0310 0988 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
12:35:43.0325 0988 Dhcp - ok
12:35:43.0497 0988 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:35:43.0497 0988 discache - ok
12:35:43.0544 0988 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:35:43.0544 0988 Disk - ok
12:35:43.0591 0988 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:35:43.0606 0988 Dnscache - ok
12:35:43.0700 0988 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
12:35:43.0700 0988 DockLoginService - ok
12:35:43.0731 0988 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
12:35:43.0747 0988 dot3svc - ok
12:35:43.0762 0988 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
12:35:43.0778 0988 DPS - ok
12:35:43.0809 0988 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:35:43.0809 0988 drmkaud - ok
12:35:43.0949 0988 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:35:43.0965 0988 DXGKrnl - ok
12:35:43.0996 0988 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:35:43.0996 0988 EapHost - ok
12:35:44.0371 0988 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:35:44.0449 0988 ebdrv - ok
12:35:44.0495 0988 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
12:35:44.0495 0988 EFS - ok
12:35:44.0636 0988 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:35:44.0667 0988 ehRecvr - ok
12:35:44.0698 0988 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:35:44.0698 0988 ehSched - ok
12:35:44.0761 0988 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:35:44.0776 0988 elxstor - ok
12:35:44.0792 0988 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
12:35:44.0792 0988 ErrDev - ok
12:35:44.0885 0988 esgiguard - ok
12:35:44.0948 0988 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:35:44.0963 0988 EventSystem - ok
12:35:44.0995 0988 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:35:44.0995 0988 exfat - ok
12:35:45.0026 0988 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:35:45.0041 0988 fastfat - ok
12:35:45.0088 0988 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
12:35:45.0135 0988 Fax - ok
12:35:45.0151 0988 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:35:45.0166 0988 fdc - ok
12:35:45.0182 0988 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:35:45.0182 0988 fdPHost - ok
12:35:45.0197 0988 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:35:45.0213 0988 FDResPub - ok
12:35:45.0244 0988 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:35:45.0244 0988 FileInfo - ok
12:35:45.0260 0988 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:35:45.0260 0988 Filetrace - ok
12:35:45.0291 0988 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:35:45.0291 0988 flpydisk - ok
12:35:45.0322 0988 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:35:45.0338 0988 FltMgr - ok
12:35:45.0431 0988 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
12:35:45.0463 0988 FontCache - ok
12:35:45.0525 0988 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:35:45.0525 0988 FontCache3.0.0.0 - ok
12:35:45.0556 0988 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:35:45.0556 0988 FsDepends - ok
12:35:45.0603 0988 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:35:45.0603 0988 Fs_Rec - ok
12:35:45.0650 0988 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:35:45.0665 0988 fvevol - ok
12:35:45.0697 0988 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:35:45.0697 0988 gagp30kx - ok
12:35:45.0743 0988 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:35:45.0775 0988 GEARAspiWDM - ok
12:35:45.0806 0988 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
12:35:45.0806 0988 GoToAssist - ok
12:35:45.0868 0988 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
12:35:45.0899 0988 gpsvc - ok
12:35:45.0977 0988 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:35:45.0977 0988 gupdate - ok
12:35:46.0024 0988 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:35:46.0024 0988 gupdatem - ok
12:35:46.0055 0988 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:35:46.0071 0988 hcw85cir - ok
12:35:46.0118 0988 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:35:46.0118 0988 HdAudAddService - ok
12:35:46.0149 0988 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:35:46.0149 0988 HDAudBus - ok
12:35:46.0180 0988 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:35:46.0180 0988 HidBatt - ok
12:35:46.0211 0988 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:35:46.0211 0988 HidBth - ok
12:35:46.0243 0988 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:35:46.0243 0988 HidIr - ok
12:35:46.0274 0988 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:35:46.0274 0988 hidserv - ok
12:35:46.0321 0988 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:35:46.0321 0988 HidUsb - ok
12:35:46.0336 0988 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:35:46.0352 0988 hkmsvc - ok
12:35:46.0383 0988 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:35:46.0383 0988 HomeGroupListener - ok
12:35:46.0430 0988 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:35:46.0430 0988 HomeGroupProvider - ok
12:35:46.0477 0988 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
12:35:46.0477 0988 HpSAMD - ok
12:35:46.0539 0988 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:35:46.0586 0988 HTTP - ok
12:35:46.0601 0988 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:35:46.0601 0988 hwpolicy - ok
12:35:46.0617 0988 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:35:46.0617 0988 i8042prt - ok
12:35:46.0679 0988 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:35:46.0695 0988 iaStorV - ok
12:35:46.0789 0988 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:35:46.0820 0988 idsvc - ok
12:35:47.0225 0988 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:35:47.0397 0988 igfx - ok
12:35:47.0444 0988 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:35:47.0444 0988 iirsp - ok
12:35:47.0491 0988 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
12:35:47.0522 0988 IKEEXT - ok
12:35:47.0569 0988 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
12:35:47.0569 0988 intelide - ok
12:35:47.0600 0988 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:35:47.0615 0988 intelppm - ok
12:35:47.0647 0988 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:35:47.0647 0988 IPBusEnum - ok
12:35:47.0678 0988 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:35:47.0678 0988 IpFilterDriver - ok
12:35:47.0709 0988 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:35:47.0740 0988 iphlpsvc - ok
12:35:47.0787 0988 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:35:47.0787 0988 IPMIDRV - ok
12:35:47.0803 0988 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:35:47.0803 0988 IPNAT - ok
12:35:47.0912 0988 [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:35:47.0943 0988 iPod Service - ok
12:35:47.0990 0988 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:35:47.0990 0988 IRENUM - ok
12:35:48.0005 0988 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
12:35:48.0021 0988 isapnp - ok
12:35:48.0037 0988 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:35:48.0052 0988 iScsiPrt - ok
12:35:48.0068 0988 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:35:48.0068 0988 kbdclass - ok
12:35:48.0099 0988 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:35:48.0099 0988 kbdhid - ok
12:35:48.0115 0988 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
12:35:48.0115 0988 KeyIso - ok
12:35:48.0177 0988 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:35:48.0177 0988 KSecDD - ok
12:35:48.0224 0988 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:35:48.0224 0988 KSecPkg - ok
12:35:48.0255 0988 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:35:48.0255 0988 ksthunk - ok
12:35:48.0333 0988 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:35:48.0380 0988 KtmRm - ok
12:35:48.0411 0988 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:35:48.0427 0988 LanmanServer - ok
12:35:48.0473 0988 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:35:48.0489 0988 LanmanWorkstation - ok
12:35:48.0520 0988 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:35:48.0520 0988 lltdio - ok
12:35:48.0567 0988 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:35:48.0567 0988 lltdsvc - ok
12:35:48.0583 0988 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:35:48.0598 0988 lmhosts - ok
12:35:48.0645 0988 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:35:48.0645 0988 LSI_FC - ok
12:35:48.0661 0988 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:35:48.0676 0988 LSI_SAS - ok
12:35:48.0692 0988 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:35:48.0692 0988 LSI_SAS2 - ok
12:35:48.0707 0988 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:35:48.0707 0988 LSI_SCSI - ok
12:35:48.0739 0988 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:35:48.0754 0988 luafv - ok
12:35:48.0785 0988 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:35:48.0785 0988 Mcx2Svc - ok
12:35:48.0817 0988 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:35:48.0817 0988 megasas - ok
12:35:48.0832 0988 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:35:48.0848 0988 MegaSR - ok
12:35:48.0879 0988 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:35:48.0895 0988 MMCSS - ok
12:35:48.0988 0988 [ EEDE3738878A4F415FE6DC22BFE8071A ] Mobile Broadband Experience Client C:\Program Files (x86)\Cricket Broadband\A605\Mobile Broadband Experience Client\MBBEClient.exe
12:35:49.0066 0988 Mobile Broadband Experience Client - ok
12:35:49.0113 0988 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:35:49.0113 0988 Modem - ok
12:35:49.0160 0988 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:35:49.0160 0988 monitor - ok
12:35:49.0175 0988 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:35:49.0191 0988 mouclass - ok
12:35:49.0207 0988 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:35:49.0207 0988 mouhid - ok
12:35:49.0222 0988 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:35:49.0222 0988 mountmgr - ok
12:35:49.0300 0988 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:35:49.0300 0988 MozillaMaintenance - ok
12:35:49.0331 0988 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
12:35:49.0331 0988 mpio - ok
12:35:49.0363 0988 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:35:49.0363 0988 mpsdrv - ok
12:35:49.0409 0988 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:35:49.0441 0988 MpsSvc - ok
12:35:49.0456 0988 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:35:49.0472 0988 MRxDAV - ok
12:35:49.0534 0988 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:35:49.0534 0988 mrxsmb - ok
12:35:49.0581 0988 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:35:49.0597 0988 mrxsmb10 - ok
12:35:49.0612 0988 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:35:49.0628 0988 mrxsmb20 - ok
12:35:49.0643 0988 [ BCCF16D5FB1109162380E3E28DC9E4E5 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
12:35:49.0643 0988 msahci - ok
12:35:49.0690 0988 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
12:35:49.0690 0988 msdsm - ok
12:35:49.0706 0988 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:35:49.0721 0988 MSDTC - ok
12:35:49.0753 0988 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:35:49.0753 0988 Msfs - ok
12:35:49.0753 0988 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:35:49.0753 0988 mshidkmdf - ok
12:35:49.0784 0988 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
12:35:49.0784 0988 msisadrv - ok
12:35:49.0815 0988 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:35:49.0815 0988 MSiSCSI - ok
12:35:49.0831 0988 msiserver - ok
12:35:49.0862 0988 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:35:49.0862 0988 MSKSSRV - ok
12:35:49.0877 0988 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:35:49.0893 0988 MSPCLOCK - ok
12:35:49.0909 0988 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:35:49.0909 0988 MSPQM - ok
12:35:49.0924 0988 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:35:49.0940 0988 MsRPC - ok
12:35:49.0955 0988 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:35:49.0955 0988 mssmbios - ok
12:35:49.0971 0988 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:35:49.0971 0988 MSTEE - ok
12:35:49.0987 0988 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:35:49.0987 0988 MTConfig - ok
12:35:50.0002 0988 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:35:50.0002 0988 Mup - ok
12:35:50.0049 0988 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
12:35:50.0065 0988 napagent - ok
12:35:50.0127 0988 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:35:50.0127 0988 NativeWifiP - ok
12:35:50.0174 0988 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
12:35:50.0205 0988 NDIS - ok
12:35:50.0236 0988 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:35:50.0236 0988 NdisCap - ok
12:35:50.0252 0988 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:35:50.0267 0988 NdisTapi - ok
12:35:50.0283 0988 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:35:50.0283 0988 Ndisuio - ok
12:35:50.0299 0988 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:35:50.0314 0988 NdisWan - ok
12:35:50.0330 0988 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:35:50.0330 0988 NDProxy - ok
12:35:50.0361 0988 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:35:50.0361 0988 NetBIOS - ok
12:35:50.0377 0988 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:35:50.0392 0988 NetBT - ok
12:35:50.0423 0988 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
12:35:50.0423 0988 Netlogon - ok
12:35:50.0470 0988 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:35:50.0486 0988 Netman - ok
12:35:50.0501 0988 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:35:50.0517 0988 netprofm - ok
12:35:50.0579 0988 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:50.0579 0988 NetTcpPortSharing - ok
12:35:50.0611 0988 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:35:50.0626 0988 nfrd960 - ok
12:35:50.0657 0988 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:35:50.0673 0988 NlaSvc - ok
12:35:50.0689 0988 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:35:50.0689 0988 Npfs - ok
12:35:50.0720 0988 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:35:50.0720 0988 nsi - ok
12:35:50.0751 0988 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:35:50.0751 0988 nsiproxy - ok
12:35:50.0860 0988 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:35:50.0923 0988 Ntfs - ok
12:35:50.0954 0988 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:35:50.0954 0988 Null - ok
12:35:51.0001 0988 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:35:51.0016 0988 nvraid - ok
12:35:51.0063 0988 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:35:51.0063 0988 nvstor - ok
12:35:51.0094 0988 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
12:35:51.0094 0988 nv_agp - ok
12:35:51.0110 0988 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:35:51.0125 0988 ohci1394 - ok
12:35:51.0172 0988 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:35:51.0188 0988 ose - ok
12:35:51.0359 0988 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:35:51.0515 0988 osppsvc - ok
12:35:51.0562 0988 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:35:51.0578 0988 p2pimsvc - ok
12:35:51.0609 0988 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:35:51.0625 0988 p2psvc - ok
12:35:51.0656 0988 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:35:51.0671 0988 Parport - ok
12:35:51.0703 0988 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:35:51.0718 0988 partmgr - ok
12:35:51.0734 0988 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:35:51.0734 0988 PcaSvc - ok
12:35:51.0781 0988 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
12:35:51.0781 0988 pci - ok
12:35:51.0796 0988 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
12:35:51.0796 0988 pciide - ok
12:35:51.0827 0988 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:35:51.0843 0988 pcmcia - ok
12:35:51.0859 0988 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:35:51.0874 0988 pcw - ok
12:35:51.0905 0988 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:35:51.0921 0988 PEAUTH - ok
12:35:52.0015 0988 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:35:52.0015 0988 PerfHost - ok
12:35:52.0108 0988 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
12:35:52.0171 0988 pla - ok
12:35:52.0233 0988 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:35:52.0249 0988 PlugPlay - ok
12:35:52.0373 0988 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
12:35:52.0420 0988 PMBDeviceInfoProvider - ok
12:35:52.0451 0988 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:35:52.0451 0988 PNRPAutoReg - ok
12:35:52.0483 0988 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:35:52.0498 0988 PNRPsvc - ok
12:35:52.0545 0988 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:35:52.0561 0988 PolicyAgent - ok
12:35:52.0607 0988 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:35:52.0607 0988 Power - ok
12:35:52.0654 0988 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:35:52.0654 0988 PptpMiniport - ok
12:35:52.0670 0988 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:35:52.0670 0988 Processor - ok
12:35:52.0717 0988 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
12:35:52.0717 0988 ProfSvc - ok
12:35:52.0748 0988 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:35:52.0748 0988 ProtectedStorage - ok
12:35:52.0779 0988 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:35:52.0795 0988 Psched - ok
12:35:52.0826 0988 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:35:52.0826 0988 PxHlpa64 - ok
12:35:52.0888 0988 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:35:52.0935 0988 ql2300 - ok
12:35:52.0966 0988 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:35:52.0966 0988 ql40xx - ok
12:35:52.0997 0988 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:35:53.0013 0988 QWAVE - ok
12:35:53.0029 0988 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:35:53.0044 0988 QWAVEdrv - ok
12:35:53.0060 0988 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:35:53.0060 0988 RasAcd - ok
12:35:53.0107 0988 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:35:53.0107 0988 RasAgileVpn - ok
12:35:53.0122 0988 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:35:53.0138 0988 RasAuto - ok
12:35:53.0153 0988 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:35:53.0153 0988 Rasl2tp - ok
12:35:53.0185 0988 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
12:35:53.0200 0988 RasMan - ok
12:35:53.0231 0988 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:35:53.0231 0988 RasPppoe - ok
12:35:53.0231 0988 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:35:53.0231 0988 RasSstp - ok
12:35:53.0278 0988 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:35:53.0278 0988 rdbss - ok
12:35:53.0309 0988 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:35:53.0309 0988 rdpbus - ok
12:35:53.0325 0988 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:35:53.0325 0988 RDPCDD - ok
12:35:53.0341 0988 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:35:53.0341 0988 RDPENCDD - ok
12:35:53.0372 0988 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:35:53.0372 0988 RDPREFMP - ok
12:35:53.0419 0988 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:35:53.0419 0988 RDPWD - ok
12:35:53.0465 0988 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:35:53.0465 0988 rdyboost - ok
12:35:53.0497 0988 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:35:53.0497 0988 RemoteAccess - ok
12:35:53.0528 0988 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:35:53.0543 0988 RemoteRegistry - ok
12:35:53.0575 0988 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:35:53.0575 0988 RpcEptMapper - ok
12:35:53.0606 0988 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:35:53.0606 0988 RpcLocator - ok
12:35:53.0637 0988 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
12:35:53.0653 0988 RpcSs - ok
12:35:53.0699 0988 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:35:53.0699 0988 rspndr - ok
12:35:53.0762 0988 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:35:53.0762 0988 RTL8167 - ok
12:35:53.0777 0988 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
12:35:53.0777 0988 SamSs - ok
12:35:53.0809 0988 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
12:35:53.0824 0988 sbp2port - ok
12:35:53.0855 0988 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:35:53.0855 0988 SCardSvr - ok
12:35:53.0887 0988 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:35:53.0887 0988 scfilter - ok
12:35:53.0949 0988 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
12:35:53.0996 0988 Schedule - ok
12:35:54.0043 0988 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:35:54.0043 0988 SCPolicySvc - ok
12:35:54.0074 0988 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:35:54.0074 0988 SDRSVC - ok
12:35:54.0121 0988 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:35:54.0121 0988 secdrv - ok
12:35:54.0136 0988 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
12:35:54.0136 0988 seclogon - ok
12:35:54.0167 0988 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:35:54.0167 0988 SENS - ok
12:35:54.0199 0988 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:35:54.0199 0988 SensrSvc - ok
12:35:54.0214 0988 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:35:54.0214 0988 Serenum - ok
12:35:54.0214 0988 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:35:54.0230 0988 Serial - ok
12:35:54.0245 0988 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:35:54.0245 0988 sermouse - ok
12:35:54.0292 0988 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
12:35:54.0308 0988 SessionEnv - ok
12:35:54.0339 0988 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
12:35:54.0339 0988 sffdisk - ok
12:35:54.0355 0988 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:35:54.0355 0988 sffp_mmc - ok
12:35:54.0370 0988 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
12:35:54.0370 0988 sffp_sd - ok
12:35:54.0386 0988 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:35:54.0386 0988 sfloppy - ok
12:35:54.0448 0988 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:35:54.0464 0988 Sftfs - ok
12:35:54.0604 0988 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:35:54.0620 0988 sftlist - ok
12:35:54.0651 0988 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:35:54.0667 0988 Sftplay - ok
12:35:54.0698 0988 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:35:54.0698 0988 Sftredir - ok
12:35:55.0057 0988 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:35:55.0119 0988 SftService - ok
12:35:55.0150 0988 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:35:55.0150 0988 Sftvol - ok
12:35:55.0275 0988 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:35:55.0275 0988 sftvsa - ok
12:35:55.0322 0988 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:35:55.0337 0988 SharedAccess - ok
12:35:55.0384 0988 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:35:55.0384 0988 ShellHWDetection - ok
12:35:55.0415 0988 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:35:55.0415 0988 SiSRaid2 - ok
12:35:55.0447 0988 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:35:55.0447 0988 SiSRaid4 - ok
12:35:55.0540 0988 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:35:55.0556 0988 SkypeUpdate - ok
12:35:55.0603 0988 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:35:55.0603 0988 Smb - ok
12:35:55.0681 0988 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:35:55.0681 0988 SNMPTRAP - ok
12:35:55.0727 0988 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:35:55.0727 0988 spldr - ok
12:35:55.0774 0988 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
12:35:55.0774 0988 Spooler - ok
12:35:55.0915 0988 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
12:35:56.0024 0988 sppsvc - ok
12:35:56.0086 0988 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:35:56.0086 0988 sppuinotify - ok
12:35:56.0180 0988 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
12:35:56.0180 0988 sprtsvc_DellSupportCenter - ok
12:35:56.0227 0988 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:35:56.0242 0988 srv - ok
12:35:56.0273 0988 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:35:56.0273 0988 srv2 - ok
12:35:56.0336 0988 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:35:56.0336 0988 srvnet - ok
12:35:56.0367 0988 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:35:56.0383 0988 SSDPSRV - ok
12:35:56.0398 0988 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:35:56.0398 0988 SstpSvc - ok
12:35:56.0601 0988 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
12:35:56.0601 0988 STacSV - ok
12:35:56.0648 0988 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:35:56.0648 0988 stexstor - ok
12:35:56.0710 0988 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:35:56.0741 0988 STHDA - ok
12:35:56.0804 0988 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
12:35:56.0819 0988 stisvc - ok
12:35:56.0851 0988 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:35:56.0851 0988 swenum - ok
12:35:56.0913 0988 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:35:56.0929 0988 swprv - ok
12:35:56.0991 0988 [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:35:56.0991 0988 SynTP - ok
12:35:57.0069 0988 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
12:35:57.0131 0988 SysMain - ok
12:35:57.0147 0988 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:35:57.0147 0988 TabletInputService - ok
12:35:57.0178 0988 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
12:35:57.0178 0988 TapiSrv - ok
12:35:57.0194 0988 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:35:57.0194 0988 TBS - ok
12:35:57.0287 0988 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:35:57.0350 0988 Tcpip - ok
12:35:57.0506 0988 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:35:57.0537 0988 TCPIP6 - ok
12:35:57.0584 0988 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:35:57.0599 0988 tcpipreg - ok
12:35:57.0615 0988 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:35:57.0615 0988 TDPIPE - ok
12:35:57.0662 0988 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:35:57.0662 0988 TDTCP - ok
12:35:57.0693 0988 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:35:57.0709 0988 tdx - ok
12:35:57.0724 0988 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:35:57.0724 0988 TermDD - ok
12:35:57.0787 0988 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
12:35:57.0818 0988 TermService - ok
12:35:57.0833 0988 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:35:57.0849 0988 Themes - ok
12:35:57.0880 0988 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:35:57.0896 0988 THREADORDER - ok
12:35:57.0927 0988 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:35:57.0943 0988 TrkWks - ok
12:35:57.0989 0988 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:35:57.0989 0988 TrustedInstaller - ok
12:35:58.0021 0988 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:35:58.0021 0988 tssecsrv - ok
12:35:58.0067 0988 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:35:58.0083 0988 tunnel - ok
12:35:58.0099 0988 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:35:58.0099 0988 uagp35 - ok
12:35:58.0130 0988 [ 31BA4A33AFAB6A69EA092B18017F737F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:35:58.0145 0988 udfs - ok
12:35:58.0192 0988 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:35:58.0192 0988 UI0Detect - ok
12:35:58.0223 0988 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
12:35:58.0223 0988 uliagpkx - ok
12:35:58.0255 0988 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:35:58.0255 0988 umbus - ok
12:35:58.0286 0988 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:35:58.0286 0988 UmPass - ok
12:35:58.0379 0988 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:35:58.0411 0988 upnphost - ok
12:35:58.0442 0988 [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:35:58.0457 0988 USBAAPL64 - ok
12:35:58.0489 0988 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:35:58.0489 0988 usbccgp - ok
12:35:58.0520 0988 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
12:35:58.0535 0988 usbcir - ok
12:35:58.0567 0988 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:35:58.0567 0988 usbehci - ok
12:35:58.0598 0988 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
12:35:58.0613 0988 usbfilter - ok
12:35:58.0645 0988 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:35:58.0645 0988 usbhub - ok
12:35:58.0676 0988 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:35:58.0676 0988 usbohci - ok
12:35:58.0691 0988 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:35:58.0707 0988 usbprint - ok
12:35:58.0738 0988 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:35:58.0738 0988 USBSTOR - ok
12:35:58.0754 0988 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:35:58.0754 0988 usbuhci - ok
12:35:58.0785 0988 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:35:58.0801 0988 usbvideo - ok
12:35:58.0832 0988 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:35:58.0847 0988 UxSms - ok
12:35:58.0847 0988 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
12:35:58.0863 0988 VaultSvc - ok
12:35:58.0894 0988 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
12:35:58.0894 0988 vdrvroot - ok
12:35:58.0941 0988 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
12:35:58.0972 0988 vds - ok
12:35:58.0988 0988 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:35:58.0988 0988 vga - ok
12:35:59.0003 0988 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:35:59.0003 0988 VgaSave - ok
12:35:59.0035 0988 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
12:35:59.0050 0988 vhdmp - ok
12:35:59.0081 0988 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
12:35:59.0081 0988 viaide - ok
12:35:59.0113 0988 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
12:35:59.0128 0988 volmgr - ok
12:35:59.0159 0988 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:35:59.0159 0988 volmgrx - ok
12:35:59.0191 0988 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
12:35:59.0191 0988 volsnap - ok
12:35:59.0222 0988 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:35:59.0237 0988 vsmraid - ok
12:35:59.0440 0988 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
12:35:59.0503 0988 VSS - ok
12:35:59.0534 0988 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:35:59.0534 0988 vwifibus - ok
12:35:59.0565 0988 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:35:59.0565 0988 vwififlt - ok
12:35:59.0612 0988 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:35:59.0643 0988 W32Time - ok
12:35:59.0674 0988 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:35:59.0674 0988 WacomPen - ok
12:35:59.0721 0988 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:35:59.0721 0988 WANARP - ok
12:35:59.0737 0988 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:35:59.0737 0988 Wanarpv6 - ok
12:35:59.0846 0988 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:35:59.0893 0988 WatAdminSvc - ok
12:35:59.0955 0988 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
12:36:00.0049 0988 wbengine - ok
12:36:00.0095 0988 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:36:00.0111 0988 WbioSrvc - ok
12:36:00.0142 0988 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:36:00.0158 0988 wcncsvc - ok
12:36:00.0189 0988 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:36:00.0189 0988 WcsPlugInService - ok
12:36:00.0220 0988 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:36:00.0220 0988 Wd - ok
12:36:00.0283 0988 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:36:00.0314 0988 Wdf01000 - ok
12:36:00.0345 0988 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:36:00.0345 0988 WdiServiceHost - ok
12:36:00.0361 0988 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:36:00.0361 0988 WdiSystemHost - ok
12:36:00.0423 0988 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
12:36:00.0439 0988 WebClient - ok
12:36:00.0454 0988 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:36:00.0470 0988 Wecsvc - ok
12:36:00.0485 0988 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:36:00.0485 0988 wercplsupport - ok
12:36:00.0517 0988 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:36:00.0517 0988 WerSvc - ok
12:36:00.0548 0988 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:36:00.0548 0988 WfpLwf - ok
12:36:00.0579 0988 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:36:00.0579 0988 WimFltr - ok
12:36:00.0610 0988 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:36:00.0610 0988 WIMMount - ok
12:36:00.0626 0988 WinDefend - ok
12:36:00.0641 0988 WinHttpAutoProxySvc - ok
12:36:00.0813 0988 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:36:00.0829 0988 Winmgmt - ok
12:36:00.0891 0988 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
12:36:00.0953 0988 WinRM - ok
12:36:01.0047 0988 [ 4D52C872018AF7E18D078978DCC3F6F2 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:36:01.0047 0988 WinUsb - ok
12:36:01.0109 0988 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:36:01.0125 0988 Wlansvc - ok
12:36:01.0265 0988 [ DE816A0624D54D68E1FB8A9028DCF81A ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
12:36:01.0265 0988 wltrysvc - ok
12:36:01.0312 0988 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:36:01.0312 0988 WmiAcpi - ok
12:36:01.0343 0988 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:36:01.0359 0988 wmiApSrv - ok
12:36:01.0375 0988 WMPNetworkSvc - ok
12:36:01.0406 0988 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:36:01.0406 0988 WPCSvc - ok
12:36:01.0437 0988 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:36:01.0453 0988 WPDBusEnum - ok
12:36:01.0468 0988 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:36:01.0468 0988 ws2ifsl - ok
12:36:01.0515 0988 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
12:36:01.0531 0988 wscsvc - ok
12:36:01.0531 0988 WSearch - ok
12:36:01.0811 0988 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:36:01.0921 0988 wuauserv - ok
12:36:01.0983 0988 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:36:01.0983 0988 WudfPf - ok
12:36:02.0030 0988 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:36:02.0030 0988 WUDFRd - ok
12:36:02.0077 0988 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:36:02.0077 0988 wudfsvc - ok
12:36:02.0123 0988 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:36:02.0123 0988 WwanSvc - ok
12:36:02.0170 0988 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
12:36:02.0170 0988 yukonw7 - ok
12:36:02.0201 0988 ================ Scan global ===============================
12:36:02.0233 0988 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:36:02.0295 0988 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
12:36:02.0311 0988 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
12:36:02.0342 0988 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:36:02.0389 0988 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:36:02.0389 0988 [Global] - ok
12:36:02.0389 0988 ================ Scan MBR ==================================
12:36:02.0404 0988 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
12:36:06.0367 0988 \Device\Harddisk0\DR0 - ok
12:36:06.0367 0988 ================ Scan VBR ==================================
12:36:06.0413 0988 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
12:36:06.0429 0988 \Device\Harddisk0\DR0\Partition1 - ok
12:36:06.0445 0988 [ 9353CF31A6EC515E78353D1600509A2F ] \Device\Harddisk0\DR0\Partition2
12:36:06.0460 0988 \Device\Harddisk0\DR0\Partition2 - ok
12:36:06.0460 0988 ============================================================
12:36:06.0460 0988 Scan finished
12:36:06.0460 0988 ============================================================
12:36:06.0491 3392 Detected object count: 0
12:36:06.0491 3392 Actual detected object count: 0


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-18 12:38:08
-----------------------------
12:38:08.331 OS Version: Windows x64 6.1.7600
12:38:08.331 Number of processors: 3 586 0x503
12:38:08.331 ComputerName: OWNER-PC UserName: Owner
12:38:10.063 Initialize success
12:39:53.959 AVAST engine defs: 12111801
12:40:19.652 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:40:19.652 Disk 0 Vendor: ST9500325AS D005DEM1 Size: 476940MB BusType: 11
12:40:19.668 Disk 0 MBR read successfully
12:40:19.683 Disk 0 MBR scan
12:40:19.683 Disk 0 Windows 7 default MBR code
12:40:19.699 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
12:40:19.714 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
12:40:19.746 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461838 MB offset 30926848
12:40:19.792 Disk 0 scanning C:\Windows\system32\drivers
12:40:36.250 Service scanning
12:41:05.329 Modules scanning
12:41:05.345 Disk 0 trace - called modules:
12:41:05.360 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:41:05.376 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800483d1b0]
12:41:05.391 3 CLASSPNP.SYS[fffff880018c743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80047b9060]
12:41:08.106 AVAST engine scan C:\Windows
12:41:11.678 AVAST engine scan C:\Windows\system32
12:45:45.630 AVAST engine scan C:\Windows\system32\drivers
12:46:03.913 AVAST engine scan C:\Users\Owner
12:59:57.532 AVAST engine scan C:\ProgramData
13:01:06.406 Scan finished successfully
13:02:08.804 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
13:02:08.820 The log file has been saved successfully to "C:\aswMRB 11_18.txt"


C:\Users\Owner\AppData\Local\Creative Tech\ewoqxtzr.dll Win32/Kryptik.ANOZ.Gen trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C97D778T\73487397hel[1].jpg Win32/LockScreen.AOH trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\jar_cache4870036782581216686.tmp a variant of Java/TrojanDownloader.OpenStream.NCE trojan deleted - quarantined
C:\Users\Owner\AppData\Local\Temp\NODE0CB.tmp Win32/Kryptik.ANOZ.Gen trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\3423e38b-473eb081 Java/Exploit.CVE-2011-3544.S trojan deleted - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\54943905-16013bea multiple threats deleted - quarantined


Thank you very much for your help! I was so worried it would be impossible to fix. ^^

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:59 PM

Posted 18 November 2012 - 06:03 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 Jeevas Crow

Jeevas Crow
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:59 AM

Posted 18 November 2012 - 08:21 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.18.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

11/18/2012 15:51:37
mbam-log-2012-11-18 (15-51-37).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 383747
Time elapsed: 1 hour(s), 3 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Creative Tech (Trojan.RedirRdll2.Gen) -> Data: Rundll32.exe "C:\Users\Owner\AppData\Local\Creative Tech\ewoqxtzr.dll",ir_fe_ocr_linesegment -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Owner (administrator) on 18-11-2012 at 16:59:09
Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.or.comcast.net.

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : C4-46-19-72-27-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.or.comcast.net.
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : C4-46-19-72-27-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2849:49be:a65c:7615%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 18, 2012 16:57:49
Lease Expires . . . . . . . . . . : Sunday, November 25, 2012 16:58:24
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 230966809
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-FE-FA-9F-A4-BA-DB-DC-8E-E3
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Reusable ISATAP Interface {A5228636-07A3-408D-BACE-8ADB7FC21680}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.or.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EC764A4B-B108-4EB5-A0B9-ABBF1127ACC7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.or.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:14c6:33b8:bc57:691(Preferred)
Link-local IPv6 Address . . . . . : fe80::14c6:33b8:bc57:691%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400a:800::100e
74.125.224.71
74.125.224.73
74.125.224.64
74.125.224.68
74.125.224.69
74.125.224.65
74.125.224.66
74.125.224.72
74.125.224.70
74.125.224.78
74.125.224.67


Pinging google.com [74.125.224.38] with 32 bytes of data:
Reply from 74.125.224.38: bytes=32 time=35ms TTL=54
Reply from 74.125.224.38: bytes=32 time=31ms TTL=54

Ping statistics for 74.125.224.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 35ms, Average = 33ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=128ms TTL=49
Reply from 98.139.183.24: bytes=32 time=144ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 128ms, Maximum = 144ms, Average = 136ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...c4 46 19 72 27 78 ......Broadcom Virtual Wireless Adapter
12...c4 46 19 72 27 78 ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 25
10.0.0.0 255.255.255.0 On-link 10.0.0.4 281
10.0.0.4 255.255.255.255 On-link 10.0.0.4 281
10.0.0.255 255.255.255.255 On-link 10.0.0.4 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:9d38:6ab8:14c6:33b8:bc57:691/128
On-link
12 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::14c6:33b8:bc57:691/128
On-link
12 281 fe80::2849:49be:a65c:7615/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/18/2012 04:55:44 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription

Error: (11/18/2012 03:03:22 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription

Error: (11/18/2012 01:02:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/18/2012 01:02:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/17/2012 10:49:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32307978

Error: (11/17/2012 10:49:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32307978

Error: (11/17/2012 10:49:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2012 01:51:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2199

Error: (11/17/2012 01:51:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2199

Error: (11/17/2012 01:51:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (11/18/2012 04:55:42 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/17/2012 11:58:15 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/17/2012 11:48:46 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:48 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:48 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:48 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:48 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:48 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:48 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2012 11:46:46 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (11/18/2012 04:55:44 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription

Error: (11/18/2012 03:03:22 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription

Error: (11/18/2012 01:02:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu.exe

Error: (11/18/2012 01:02:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu.exe

Error: (11/17/2012 10:49:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32307978

Error: (11/17/2012 10:49:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32307978

Error: (11/17/2012 10:49:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2012 01:51:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2199

Error: (11/17/2012 01:51:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2199

Error: (11/17/2012 01:51:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

ACTScom Modem (Version: 1.2.7.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)
Adobe Reader 9.1 (Version: 9.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Advanced Audio FX Engine (Version: 1.12.05)
AIM 7
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.2.0)
Ask Toolbar Updater (Version: 1.2.1.23037)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Best Buy pc app (Version: 3.0.0.0)
Best Buy pc app (Version: 3.1.2.0)
Bing Bar (Version: 7.0.850.0)
BitTorrent (Version: 7.2.0)
Bonjour (Version: 2.0.4.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Full Existing (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Full New (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Light (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Previews Common (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0427.2150.37350)
Catalyst Control Center InstallProxy (Version: 2010.0427.2150.37350)
Catalyst Control Center Localization All (Version: 2010.0427.2150.37350)
ccc-core-static (Version: 2010.0427.2150.37350)
ccc-utility64 (Version: 2010.0427.2150.37350)
CCC Help Chinese Standard (Version: 2010.0427.2149.37350)
CCC Help Chinese Traditional (Version: 2010.0427.2149.37350)
CCC Help Czech (Version: 2010.0427.2149.37350)
CCC Help Danish (Version: 2010.0427.2149.37350)
CCC Help Dutch (Version: 2010.0427.2149.37350)
CCC Help English (Version: 2010.0427.2149.37350)
CCC Help Finnish (Version: 2010.0427.2149.37350)
CCC Help French (Version: 2010.0427.2149.37350)
CCC Help German (Version: 2010.0427.2149.37350)
CCC Help Greek (Version: 2010.0427.2149.37350)
CCC Help Hungarian (Version: 2010.0427.2149.37350)
CCC Help Italian (Version: 2010.0427.2149.37350)
CCC Help Japanese (Version: 2010.0427.2149.37350)
CCC Help Korean (Version: 2010.0427.2149.37350)
CCC Help Norwegian (Version: 2010.0427.2149.37350)
CCC Help Polish (Version: 2010.0427.2149.37350)
CCC Help Portuguese (Version: 2010.0427.2149.37350)
CCC Help Russian (Version: 2010.0427.2149.37350)
CCC Help Spanish (Version: 2010.0427.2149.37350)
CCC Help Swedish (Version: 2010.0427.2149.37350)
CCC Help Thai (Version: 2010.0427.2149.37350)
CCC Help Turkish (Version: 2010.0427.2149.37350)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cricket Broadband A605 (Version: 2.14.2252)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Webcam Central (Version: 1.40.05)
Download Updater (AOL LLC)
DW WLAN Card Utility (Version: 5.60.48.35)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Google Chrome (Version: 23.0.1271.64)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
Grooveshark (Version: 20120118.01)
Grooveshark (Version: 255.01)
iTunes (Version: 10.2.1.1)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
PMB (Version: 5.5.02.12220)
Quickset64 (Version: 10.5.0)
QuickTime (Version: 7.69.80.9)
Roxio Burn (Version: 1.01)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 1.1.7 (Version: 1.1.7)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 3835.93 MB
Available physical RAM: 2627.8 MB
Total Pagefile: 7670 MB
Available Pagefile: 6222.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.73 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:379.87 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner

========================= Restore Points ==================================

04-11-2012 01:40:59 Windows 7 Service Pack 1
07-11-2012 06:08:49 Windows Update
07-11-2012 06:13:34 Installed SpyHunter
07-11-2012 06:44:37 Removed SpyHunter
07-11-2012 17:56:06 Installed Java™ 6 Update 37
13-11-2012 06:20:26 Windows Update
15-11-2012 11:00:22 Windows Update

**** End of log ****


Farbar Service Scanner Version: 09-11-2012
Ran by Owner (administrator) on 18-11-2012 at 17:01:11
Running from "C:\Users\Owner\Downloads"
Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 03:02] - [2011-12-27 19:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-10 19:41] - [2012-03-30 03:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-09 09:28] - [2012-06-01 21:25] - 0182272 ____A (Microsoft Corporation) BAF19B633933A9FB4883D27D66C39E9A

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.008 - Logfile created 11/18/2012 at 17:02:41
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Owner - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\Owner\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Owner\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zqy8t5ys.default\searchplugins\Askcom.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Owner\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zqy8t5ys.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zqy8t5ys.default\prefs.js

C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zqy8t5ys.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [6479 octets] - [18/11/2012 17:02:41]

########## EOF - C:\AdwCleaner[S2].txt - [6539 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.3.3 (11.18.2012)
OS: Windows 7 Home Premium x64
Ran by Owner on Sun 11/18/2012 at 17:05:42.38
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\best buy pc app"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/18/2012 at 17:10:59.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks for doing all this for me. =)

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:59 PM

Posted 18 November 2012 - 08:36 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 Jeevas Crow

Jeevas Crow
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:59 AM

Posted 18 November 2012 - 11:15 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here


Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/18/2012 08:10:21 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/18/2012 08:10:39 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "PMBVolumeWatcher" "Media Check Tool" "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.2 r202" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-618245155-1263730655-1733164781-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-618245155-1263730655-1733164781-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Mobile Broadband Experience Client" "Gathers performance and operational information from a data card inserted on the PC" "" "c:\program files (x86)\cricket broadband\a605\mobile broadband experience client\mbbeclient.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PMBDeviceInfoProvider" "Enables PMB to communicate with the device." "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "Dell Inc." "c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACTSBUS" "USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD." "c:\windows\system32\drivers\actsbus.sys"
+ "ACTSCVsp" "ACTScom CM Port device driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\actscvsp.sys"
+ "ACTSFLT" "ACTScom Auto-Install CD-ROM Device Driver" "DEVGURU Co., LTD." "c:\windows\system32\drivers\actsflt.sys"
+ "ACTSMBMP" "ACTScom Mobile Broadband device driver" "DEVGURU Co., LTD." "c:\windows\system32\drivers\actsmbmp.sys"
+ "ACTSMdm" "ACTScom Modem Driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\actsmdm.sys"
+ "ACTSNVsp" "ACTScom NMEA Port device driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\actsnvsp.sys"
+ "ACTSRMNET" "ACTScom RMNET Service Device Driver" "DEVGURU Co., LTD." "c:\windows\system32\drivers\actsrmnet.sys"
+ "ACTSVsp" "ACTScom DM Port device driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\actsvsp.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BcmVWL" "Broadcom 802.11 Network Adapter Virtual Wireless Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmvwl64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:59 PM

Posted 19 November 2012 - 08:29 AM

Download

UNHIDE

Run the tool and this should restore the hidden files


Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 Jeevas Crow

Jeevas Crow
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:59 AM

Posted 19 November 2012 - 01:34 PM

Thank you so much for your help!

The search engines are working great now! =D

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:59 PM

Posted 19 November 2012 - 09:00 PM

You're most welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users