Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another Google redirect problem


  • Please log in to reply
9 replies to this topic

#1 ChristineProulx

ChristineProulx

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 25 November 2012 - 01:35 PM

I have seen this problem on a bunch of fora, but there seem to be a lot of possible solutions. Google searches have been redirected for a few weeks now. I have run Norton, Malwarebytes, Spybot, and although some problems are found and fixed, the problem remains. I used the Kapersky TDSS removal tool, and it didn't find a problem. I don't know how to find and post a log of the programs running, but would like help in figuring out what is wrong.

Edited by bloopie, 25 November 2012 - 01:45 PM.
Mod Edit: Moved from Windows 7 to the more appropriate forum. ~bloopie


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:54 AM

Posted 25 November 2012 - 01:40 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 ChristineProulx

ChristineProulx
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 25 November 2012 - 06:27 PM

TDSS Killer log:
14:04:21.0361 5404 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:04:21.0782 5404 ============================================================
14:04:21.0782 5404 Current date / time: 2012/11/25 14:04:21.0782
14:04:21.0782 5404 SystemInfo:
14:04:21.0782 5404
14:04:21.0782 5404 OS Version: 6.1.7601 ServicePack: 1.0
14:04:21.0782 5404 Product type: Workstation
14:04:21.0782 5404 ComputerName: PROULX-HP
14:04:21.0782 5404 UserName: Proulx
14:04:21.0782 5404 Windows directory: C:\Windows
14:04:21.0782 5404 System windows directory: C:\Windows
14:04:21.0782 5404 Running under WOW64
14:04:21.0782 5404 Processor architecture: Intel x64
14:04:21.0782 5404 Number of processors: 1
14:04:21.0782 5404 Page size: 0x1000
14:04:21.0782 5404 Boot type: Normal boot
14:04:21.0782 5404 ============================================================
14:04:23.0420 5404 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:04:23.0436 5404 Drive \Device\Harddisk1\DR1 - Size: 0x4A5BF00000 (297.44 Gb), SectorSize: 0x200, Cylinders: 0x97AB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:04:23.0452 5404 ============================================================
14:04:23.0452 5404 \Device\Harddisk0\DR0:
14:04:23.0452 5404 MBR partitions:
14:04:23.0452 5404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:04:23.0452 5404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38EC0800
14:04:23.0452 5404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38EF3000, BlocksNum 0x1492800
14:04:23.0452 5404 \Device\Harddisk1\DR1:
14:04:23.0452 5404 MBR partitions:
14:04:23.0452 5404 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x252DF000
14:04:23.0452 5404 ============================================================
14:04:23.0498 5404 C: <-> \Device\Harddisk0\DR0\Partition2
14:04:23.0530 5404 D: <-> \Device\Harddisk0\DR0\Partition3
14:04:23.0842 5404 H: <-> \Device\Harddisk1\DR1\Partition1
14:04:23.0888 5404 ============================================================
14:04:23.0888 5404 Initialize success
14:04:23.0888 5404 ============================================================
14:04:38.0552 4748 ============================================================
14:04:38.0552 4748 Scan started
14:04:38.0552 4748 Mode: Manual; TDLFS;
14:04:38.0552 4748 ============================================================
14:04:39.0379 4748 ================ Scan system memory ========================
14:04:39.0379 4748 System memory - ok
14:04:39.0379 4748 ================ Scan services =============================
14:04:39.0520 4748 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:04:39.0535 4748 1394ohci - ok
14:04:39.0582 4748 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:04:39.0582 4748 ACPI - ok
14:04:39.0598 4748 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:04:39.0598 4748 AcpiPmi - ok
14:04:39.0816 4748 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:04:39.0832 4748 AdobeARMservice - ok
14:04:39.0894 4748 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:04:39.0894 4748 adp94xx - ok
14:04:39.0925 4748 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:04:39.0941 4748 adpahci - ok
14:04:39.0956 4748 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:04:39.0972 4748 adpu320 - ok
14:04:39.0988 4748 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:04:39.0988 4748 AeLookupSvc - ok
14:04:40.0050 4748 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:04:40.0112 4748 AFD - ok
14:04:40.0144 4748 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:04:40.0159 4748 agp440 - ok
14:04:40.0175 4748 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:04:40.0175 4748 ALG - ok
14:04:40.0206 4748 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:04:40.0222 4748 aliide - ok
14:04:40.0237 4748 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:04:40.0253 4748 amdide - ok
14:04:40.0284 4748 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:04:40.0284 4748 AmdK8 - ok
14:04:40.0300 4748 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:04:40.0315 4748 AmdPPM - ok
14:04:40.0331 4748 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:04:40.0331 4748 amdsata - ok
14:04:40.0346 4748 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:04:40.0362 4748 amdsbs - ok
14:04:40.0378 4748 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:04:40.0393 4748 amdxata - ok
14:04:40.0456 4748 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:04:40.0456 4748 AppID - ok
14:04:40.0502 4748 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:04:40.0502 4748 AppIDSvc - ok
14:04:40.0549 4748 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:04:40.0549 4748 Appinfo - ok
14:04:40.0627 4748 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:04:40.0643 4748 Apple Mobile Device - ok
14:04:40.0690 4748 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:04:40.0690 4748 arc - ok
14:04:40.0705 4748 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:04:40.0721 4748 arcsas - ok
14:04:40.0752 4748 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:04:40.0768 4748 AsyncMac - ok
14:04:40.0830 4748 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:04:40.0846 4748 atapi - ok
14:04:40.0924 4748 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:04:40.0955 4748 AudioEndpointBuilder - ok
14:04:40.0970 4748 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:04:40.0970 4748 AudioSrv - ok
14:04:41.0033 4748 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:04:41.0033 4748 AxInstSV - ok
14:04:41.0064 4748 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:04:41.0080 4748 b06bdrv - ok
14:04:41.0126 4748 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:04:41.0126 4748 b57nd60a - ok
14:04:41.0189 4748 [ 68B86DD9D455A6A8DE6D13C84FB5CE31 ] BackupService C:\Users\Proulx\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
14:04:41.0204 4748 BackupService - ok
14:04:41.0251 4748 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:04:41.0251 4748 BDESVC - ok
14:04:41.0267 4748 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:04:41.0267 4748 Beep - ok
14:04:41.0329 4748 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:04:41.0345 4748 BFE - ok
14:04:41.0516 4748 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20121106.001\BHDrvx64.sys
14:04:41.0548 4748 BHDrvx64 - ok
14:04:41.0594 4748 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:04:41.0610 4748 BITS - ok
14:04:41.0626 4748 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:04:41.0626 4748 blbdrive - ok
14:04:41.0704 4748 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:04:41.0704 4748 Bonjour Service - ok
14:04:41.0735 4748 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:04:41.0750 4748 bowser - ok
14:04:41.0782 4748 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:04:41.0782 4748 BrFiltLo - ok
14:04:41.0797 4748 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:04:41.0797 4748 BrFiltUp - ok
14:04:41.0844 4748 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:04:41.0844 4748 Browser - ok
14:04:41.0860 4748 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:04:41.0875 4748 Brserid - ok
14:04:41.0891 4748 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:04:41.0891 4748 BrSerWdm - ok
14:04:41.0906 4748 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:04:41.0922 4748 BrUsbMdm - ok
14:04:41.0953 4748 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:04:41.0953 4748 BrUsbSer - ok
14:04:41.0969 4748 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:04:41.0969 4748 BTHMODEM - ok
14:04:42.0000 4748 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:04:42.0000 4748 bthserv - ok
14:04:42.0016 4748 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:04:42.0031 4748 cdfs - ok
14:04:42.0094 4748 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:04:42.0109 4748 cdrom - ok
14:04:42.0187 4748 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:04:42.0187 4748 CertPropSvc - ok
14:04:42.0234 4748 [ 2C24DB5F78F0ACA759803001E6B4F320 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
14:04:42.0234 4748 CinemaNow Service - ok
14:04:42.0265 4748 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:04:42.0265 4748 circlass - ok
14:04:42.0296 4748 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:04:42.0312 4748 CLFS - ok
14:04:42.0359 4748 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:04:42.0390 4748 clr_optimization_v2.0.50727_32 - ok
14:04:42.0437 4748 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:04:42.0468 4748 clr_optimization_v2.0.50727_64 - ok
14:04:42.0608 4748 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:04:42.0608 4748 clr_optimization_v4.0.30319_32 - ok
14:04:42.0686 4748 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:04:42.0702 4748 clr_optimization_v4.0.30319_64 - ok
14:04:42.0749 4748 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:04:42.0749 4748 CmBatt - ok
14:04:42.0780 4748 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:04:42.0780 4748 cmdide - ok
14:04:42.0858 4748 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:04:42.0874 4748 CNG - ok
14:04:42.0905 4748 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:04:42.0905 4748 Compbatt - ok
14:04:42.0952 4748 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:04:42.0952 4748 CompositeBus - ok
14:04:42.0967 4748 COMSysApp - ok
14:04:42.0983 4748 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:04:42.0998 4748 crcdisk - ok
14:04:43.0030 4748 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:04:43.0045 4748 CryptSvc - ok
14:04:43.0108 4748 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:04:43.0108 4748 DcomLaunch - ok
14:04:43.0139 4748 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:04:43.0139 4748 defragsvc - ok
14:04:43.0186 4748 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:04:43.0186 4748 DfsC - ok
14:04:43.0248 4748 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:04:43.0248 4748 Dhcp - ok
14:04:43.0295 4748 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:04:43.0310 4748 discache - ok
14:04:43.0357 4748 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:04:43.0357 4748 Disk - ok
14:04:43.0404 4748 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:04:43.0404 4748 Dnscache - ok
14:04:43.0482 4748 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:04:43.0482 4748 dot3svc - ok
14:04:43.0513 4748 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:04:43.0529 4748 DPS - ok
14:04:43.0544 4748 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:04:43.0544 4748 drmkaud - ok
14:04:43.0622 4748 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:04:43.0654 4748 DXGKrnl - ok
14:04:43.0700 4748 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:04:43.0716 4748 EapHost - ok
14:04:43.0778 4748 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:04:43.0825 4748 ebdrv - ok
14:04:43.0872 4748 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:04:43.0888 4748 eeCtrl - ok
14:04:43.0934 4748 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:04:43.0934 4748 EFS - ok
14:04:44.0012 4748 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:04:44.0028 4748 ehRecvr - ok
14:04:44.0059 4748 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:04:44.0059 4748 ehSched - ok
14:04:44.0090 4748 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:04:44.0106 4748 elxstor - ok
14:04:44.0184 4748 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:04:44.0200 4748 EraserUtilRebootDrv - ok
14:04:44.0231 4748 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:04:44.0231 4748 ErrDev - ok
14:04:44.0278 4748 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:04:44.0278 4748 EventSystem - ok
14:04:44.0309 4748 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:04:44.0309 4748 exfat - ok
14:04:44.0356 4748 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:04:44.0356 4748 fastfat - ok
14:04:44.0418 4748 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:04:44.0434 4748 Fax - ok
14:04:44.0465 4748 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:04:44.0465 4748 fdc - ok
14:04:44.0496 4748 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:04:44.0496 4748 fdPHost - ok
14:04:44.0512 4748 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:04:44.0512 4748 FDResPub - ok
14:04:44.0527 4748 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:04:44.0527 4748 FileInfo - ok
14:04:44.0543 4748 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:04:44.0543 4748 Filetrace - ok
14:04:44.0574 4748 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:04:44.0574 4748 flpydisk - ok
14:04:44.0605 4748 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:04:44.0605 4748 FltMgr - ok
14:04:44.0668 4748 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:04:44.0683 4748 FontCache - ok
14:04:44.0746 4748 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:04:44.0824 4748 FontCache3.0.0.0 - ok
14:04:45.0042 4748 [ E3A2929A1AD3FC34876619AE23DF7B89 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
14:04:45.0089 4748 ForceWare Intelligent Application Manager (IAM) - ok
14:04:45.0104 4748 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:04:45.0120 4748 FsDepends - ok
14:04:45.0151 4748 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:04:45.0167 4748 Fs_Rec - ok
14:04:45.0229 4748 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:04:45.0229 4748 fvevol - ok
14:04:45.0245 4748 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:04:45.0245 4748 gagp30kx - ok
14:04:45.0338 4748 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:04:45.0354 4748 GamesAppService - ok
14:04:45.0401 4748 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:04:45.0401 4748 GEARAspiWDM - ok
14:04:45.0479 4748 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:04:45.0510 4748 gpsvc - ok
14:04:45.0619 4748 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:04:45.0635 4748 gupdate - ok
14:04:45.0666 4748 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:04:45.0666 4748 gupdatem - ok
14:04:45.0713 4748 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:04:45.0713 4748 gusvc - ok
14:04:45.0728 4748 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:04:45.0744 4748 hcw85cir - ok
14:04:45.0775 4748 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:04:45.0791 4748 HdAudAddService - ok
14:04:45.0806 4748 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:04:45.0822 4748 HDAudBus - ok
14:04:45.0838 4748 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:04:45.0838 4748 HidBatt - ok
14:04:45.0869 4748 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:04:45.0869 4748 HidBth - ok
14:04:45.0884 4748 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:04:45.0884 4748 HidIr - ok
14:04:45.0916 4748 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:04:45.0916 4748 hidserv - ok
14:04:45.0947 4748 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:04:45.0947 4748 HidUsb - ok
14:04:45.0994 4748 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:04:45.0994 4748 hkmsvc - ok
14:04:46.0056 4748 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:04:46.0056 4748 HomeGroupListener - ok
14:04:46.0118 4748 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:04:46.0118 4748 HomeGroupProvider - ok
14:04:46.0165 4748 HP Health Check Service - ok
14:04:46.0196 4748 hpqwmiex - ok
14:04:46.0243 4748 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:04:46.0243 4748 HpSAMD - ok
14:04:46.0274 4748 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:04:46.0290 4748 HTTP - ok
14:04:46.0306 4748 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:04:46.0306 4748 hwpolicy - ok
14:04:46.0352 4748 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:04:46.0352 4748 i8042prt - ok
14:04:46.0399 4748 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:04:46.0399 4748 iaStorV - ok
14:04:46.0446 4748 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:04:46.0462 4748 idsvc - ok
14:04:46.0586 4748 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20121123.001\IDSvia64.sys
14:04:46.0602 4748 IDSVia64 - ok
14:04:46.0711 4748 [ 23E1BCADABE423C35C19BBDFF10CCE6D ] IHA_MessageCenter C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
14:04:46.0727 4748 IHA_MessageCenter - ok
14:04:46.0758 4748 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:04:46.0758 4748 iirsp - ok
14:04:46.0820 4748 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:04:46.0836 4748 IKEEXT - ok
14:04:46.0898 4748 [ 28CEEFBD2C63F91DC17DED3E8D27ECF5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:04:46.0976 4748 IntcAzAudAddService - ok
14:04:46.0992 4748 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:04:46.0992 4748 intelide - ok
14:04:47.0039 4748 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:04:47.0039 4748 intelppm - ok
14:04:47.0101 4748 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
14:04:47.0101 4748 IntuitUpdateServiceV4 - ok
14:04:47.0148 4748 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:04:47.0148 4748 IPBusEnum - ok
14:04:47.0195 4748 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:04:47.0195 4748 IpFilterDriver - ok
14:04:47.0257 4748 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:04:47.0273 4748 iphlpsvc - ok
14:04:47.0320 4748 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:04:47.0335 4748 IPMIDRV - ok
14:04:47.0382 4748 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:04:47.0398 4748 IPNAT - ok
14:04:47.0476 4748 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:04:47.0507 4748 iPod Service - ok
14:04:47.0522 4748 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:04:47.0522 4748 IRENUM - ok
14:04:47.0554 4748 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:04:47.0554 4748 isapnp - ok
14:04:47.0585 4748 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:04:47.0616 4748 iScsiPrt - ok
14:04:47.0741 4748 [ CD91D1BD200D9F39682A08E987F0DBE2 ] JLTECH0227 C:\Windows\system32\Drivers\jl2005c.sys
14:04:47.0772 4748 JLTECH0227 - ok
14:04:47.0788 4748 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:04:47.0788 4748 kbdclass - ok
14:04:47.0819 4748 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:04:47.0819 4748 kbdhid - ok
14:04:47.0819 4748 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:04:47.0819 4748 KeyIso - ok
14:04:47.0866 4748 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:04:47.0881 4748 KSecDD - ok
14:04:47.0928 4748 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:04:47.0944 4748 KSecPkg - ok
14:04:48.0022 4748 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
14:04:48.0022 4748 KSS - ok
14:04:48.0068 4748 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:04:48.0084 4748 ksthunk - ok
14:04:48.0131 4748 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:04:48.0162 4748 KtmRm - ok
14:04:48.0256 4748 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:04:48.0256 4748 LanmanServer - ok
14:04:48.0318 4748 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:04:48.0318 4748 LanmanWorkstation - ok
14:04:48.0380 4748 [ 3503F257B3203F824B1567238EBE17E2 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:04:48.0380 4748 LightScribeService - ok
14:04:48.0412 4748 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:04:48.0412 4748 lltdio - ok
14:04:48.0458 4748 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:04:48.0458 4748 lltdsvc - ok
14:04:48.0490 4748 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:04:48.0490 4748 lmhosts - ok
14:04:48.0521 4748 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:04:48.0521 4748 LSI_FC - ok
14:04:48.0536 4748 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:04:48.0536 4748 LSI_SAS - ok
14:04:48.0552 4748 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:04:48.0552 4748 LSI_SAS2 - ok
14:04:48.0568 4748 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:04:48.0568 4748 LSI_SCSI - ok
14:04:48.0599 4748 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:04:48.0599 4748 luafv - ok
14:04:48.0614 4748 lxbl_device - ok
14:04:48.0646 4748 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:04:48.0661 4748 Mcx2Svc - ok
14:04:48.0677 4748 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:04:48.0677 4748 megasas - ok
14:04:48.0692 4748 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:04:48.0708 4748 MegaSR - ok
14:04:48.0755 4748 Microsoft SharePoint Workspace Audit Service - ok
14:04:48.0802 4748 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:04:48.0817 4748 MMCSS - ok
14:04:48.0848 4748 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:04:48.0848 4748 Modem - ok
14:04:48.0880 4748 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:04:48.0880 4748 monitor - ok
14:04:48.0926 4748 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:04:48.0926 4748 mouclass - ok
14:04:48.0973 4748 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:04:48.0973 4748 mouhid - ok
14:04:49.0004 4748 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:04:49.0020 4748 mountmgr - ok
14:04:49.0082 4748 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:04:49.0098 4748 MozillaMaintenance - ok
14:04:49.0129 4748 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:04:49.0129 4748 mpio - ok
14:04:49.0160 4748 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:04:49.0160 4748 mpsdrv - ok
14:04:49.0223 4748 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:04:49.0238 4748 MpsSvc - ok
14:04:49.0285 4748 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:04:49.0285 4748 MRxDAV - ok
14:04:49.0332 4748 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:04:49.0348 4748 mrxsmb - ok
14:04:49.0394 4748 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:04:49.0410 4748 mrxsmb10 - ok
14:04:49.0457 4748 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:04:49.0472 4748 mrxsmb20 - ok
14:04:49.0519 4748 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:04:49.0519 4748 msahci - ok
14:04:49.0550 4748 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:04:49.0582 4748 msdsm - ok
14:04:49.0613 4748 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:04:49.0613 4748 MSDTC - ok
14:04:49.0660 4748 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:04:49.0660 4748 Msfs - ok
14:04:49.0675 4748 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:04:49.0675 4748 mshidkmdf - ok
14:04:49.0691 4748 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:04:49.0706 4748 msisadrv - ok
14:04:49.0753 4748 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:04:49.0753 4748 MSiSCSI - ok
14:04:49.0753 4748 msiserver - ok
14:04:49.0784 4748 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:04:49.0784 4748 MSKSSRV - ok
14:04:49.0816 4748 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:04:49.0816 4748 MSPCLOCK - ok
14:04:49.0831 4748 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:04:49.0847 4748 MSPQM - ok
14:04:49.0878 4748 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:04:49.0894 4748 MsRPC - ok
14:04:49.0925 4748 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:04:49.0925 4748 mssmbios - ok
14:04:49.0956 4748 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:04:49.0956 4748 MSTEE - ok
14:04:49.0972 4748 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:04:49.0972 4748 MTConfig - ok
14:04:49.0987 4748 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:04:49.0987 4748 Mup - ok
14:04:50.0143 4748 [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
14:04:50.0174 4748 N360 - ok
14:04:50.0237 4748 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:04:50.0237 4748 napagent - ok
14:04:50.0284 4748 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:04:50.0299 4748 NativeWifiP - ok
14:04:50.0424 4748 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121124.005\ENG64.SYS
14:04:50.0424 4748 NAVENG - ok
14:04:50.0486 4748 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121124.005\EX64.SYS
14:04:50.0533 4748 NAVEX15 - ok
14:04:50.0596 4748 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:04:50.0611 4748 NDIS - ok
14:04:50.0658 4748 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:04:50.0658 4748 NdisCap - ok
14:04:50.0689 4748 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:04:50.0689 4748 NdisTapi - ok
14:04:50.0736 4748 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:04:50.0736 4748 Ndisuio - ok
14:04:50.0783 4748 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:04:50.0783 4748 NdisWan - ok
14:04:50.0830 4748 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:04:50.0830 4748 NDProxy - ok
14:04:50.0845 4748 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:04:50.0861 4748 NetBIOS - ok
14:04:50.0908 4748 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:04:50.0908 4748 NetBT - ok
14:04:50.0923 4748 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:04:50.0923 4748 Netlogon - ok
14:04:50.0970 4748 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:04:50.0986 4748 Netman - ok
14:04:51.0017 4748 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:04:51.0017 4748 netprofm - ok
14:04:51.0048 4748 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:04:51.0048 4748 NetTcpPortSharing - ok
14:04:51.0079 4748 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:04:51.0095 4748 nfrd960 - ok
14:04:51.0126 4748 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:04:51.0126 4748 NlaSvc - ok
14:04:51.0188 4748 Norton PC Checkup Application Launcher - ok
14:04:51.0220 4748 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:04:51.0235 4748 Npfs - ok
14:04:51.0251 4748 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:04:51.0251 4748 nsi - ok
14:04:51.0282 4748 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:04:51.0282 4748 nsiproxy - ok
14:04:51.0329 4748 [ 86FC4C3284B16989132040272A6C0F74 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
14:04:51.0422 4748 nSvcIp - ok
14:04:51.0500 4748 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:04:51.0532 4748 Ntfs - ok
14:04:51.0563 4748 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:04:51.0563 4748 Null - ok
14:04:51.0750 4748 [ 1CF597C9F0745735A6C5181ECB83706E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:04:51.0968 4748 nvlddmkm - ok
14:04:52.0000 4748 [ C0A0F2F1068A4E8B0666DF768CAA93D9 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
14:04:52.0000 4748 NVNET - ok
14:04:52.0046 4748 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:04:52.0046 4748 nvraid - ok
14:04:52.0078 4748 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:04:52.0078 4748 nvstor - ok
14:04:52.0093 4748 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
14:04:52.0093 4748 nvstor64 - ok
14:04:52.0171 4748 [ E71CFA7AE5E7518E29073D7C20A8FCA1 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:04:52.0234 4748 nvsvc - ok
14:04:52.0280 4748 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:04:52.0296 4748 nv_agp - ok
14:04:52.0343 4748 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:04:52.0358 4748 ohci1394 - ok
14:04:52.0436 4748 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:04:52.0436 4748 ose - ok
14:04:52.0608 4748 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:04:52.0717 4748 osppsvc - ok
14:04:52.0748 4748 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:04:52.0764 4748 p2pimsvc - ok
14:04:52.0780 4748 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:04:52.0780 4748 p2psvc - ok
14:04:52.0811 4748 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:04:52.0811 4748 Parport - ok
14:04:52.0842 4748 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:04:52.0842 4748 partmgr - ok
14:04:52.0858 4748 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:04:52.0858 4748 PcaSvc - ok
14:04:52.0936 4748 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe
14:04:52.0936 4748 PCCUJobMgr - ok
14:04:52.0998 4748 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:04:52.0998 4748 pci - ok
14:04:53.0029 4748 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:04:53.0029 4748 pciide - ok
14:04:53.0060 4748 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:04:53.0060 4748 pcmcia - ok
14:04:53.0092 4748 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:04:53.0107 4748 pcw - ok
14:04:53.0154 4748 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:04:53.0170 4748 PEAUTH - ok
14:04:53.0232 4748 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:04:53.0232 4748 PerfHost - ok
14:04:53.0294 4748 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:04:53.0326 4748 pla - ok
14:04:53.0372 4748 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:04:53.0388 4748 PlugPlay - ok
14:04:53.0435 4748 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:04:53.0435 4748 PNRPAutoReg - ok
14:04:53.0450 4748 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:04:53.0466 4748 PNRPsvc - ok
14:04:53.0482 4748 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:04:53.0482 4748 PolicyAgent - ok
14:04:53.0513 4748 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:04:53.0513 4748 Power - ok
14:04:53.0544 4748 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:04:53.0544 4748 PptpMiniport - ok
14:04:53.0575 4748 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:04:53.0575 4748 Processor - ok
14:04:53.0684 4748 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:04:53.0731 4748 ProfSvc - ok
14:04:53.0747 4748 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:04:53.0747 4748 ProtectedStorage - ok
14:04:53.0778 4748 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:04:53.0794 4748 Psched - ok
14:04:53.0825 4748 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:04:53.0856 4748 ql2300 - ok
14:04:53.0872 4748 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:04:53.0872 4748 ql40xx - ok
14:04:53.0903 4748 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:04:53.0903 4748 QWAVE - ok
14:04:53.0934 4748 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:04:53.0950 4748 QWAVEdrv - ok
14:04:53.0981 4748 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:04:53.0996 4748 RasAcd - ok
14:04:54.0012 4748 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:04:54.0028 4748 RasAgileVpn - ok
14:04:54.0059 4748 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:04:54.0059 4748 RasAuto - ok
14:04:54.0106 4748 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:04:54.0106 4748 Rasl2tp - ok
14:04:54.0121 4748 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:04:54.0137 4748 RasMan - ok
14:04:54.0152 4748 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:04:54.0152 4748 RasPppoe - ok
14:04:54.0168 4748 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:04:54.0168 4748 RasSstp - ok
14:04:54.0215 4748 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:04:54.0230 4748 rdbss - ok
14:04:54.0246 4748 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:04:54.0246 4748 rdpbus - ok
14:04:54.0262 4748 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:04:54.0262 4748 RDPCDD - ok
14:04:54.0277 4748 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:04:54.0277 4748 RDPENCDD - ok
14:04:54.0308 4748 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:04:54.0308 4748 RDPREFMP - ok
14:04:54.0355 4748 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:04:54.0355 4748 RDPWD - ok
14:04:54.0386 4748 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:04:54.0386 4748 rdyboost - ok
14:04:54.0418 4748 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:04:54.0418 4748 RemoteAccess - ok
14:04:54.0449 4748 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:04:54.0449 4748 RemoteRegistry - ok
14:04:54.0480 4748 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:04:54.0480 4748 RpcEptMapper - ok
14:04:54.0496 4748 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:04:54.0496 4748 RpcLocator - ok
14:04:54.0542 4748 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:04:54.0542 4748 RpcSs - ok
14:04:54.0574 4748 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:04:54.0574 4748 rspndr - ok
14:04:54.0589 4748 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:04:54.0589 4748 SamSs - ok
14:04:54.0620 4748 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:04:54.0620 4748 sbp2port - ok
14:04:54.0730 4748 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:04:54.0776 4748 SBSDWSCService - ok
14:04:54.0808 4748 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:04:54.0808 4748 SCardSvr - ok
14:04:54.0854 4748 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:04:54.0854 4748 scfilter - ok
14:04:54.0901 4748 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:04:54.0917 4748 Schedule - ok
14:04:54.0979 4748 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:04:54.0979 4748 SCPolicySvc - ok
14:04:55.0010 4748 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:04:55.0010 4748 SDRSVC - ok
14:04:55.0042 4748 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:04:55.0042 4748 secdrv - ok
14:04:55.0088 4748 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:04:55.0088 4748 seclogon - ok
14:04:55.0104 4748 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:04:55.0104 4748 SENS - ok
14:04:55.0135 4748 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:04:55.0135 4748 SensrSvc - ok
14:04:55.0182 4748 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:04:55.0198 4748 Serenum - ok
14:04:55.0213 4748 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:04:55.0213 4748 Serial - ok
14:04:55.0244 4748 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:04:55.0260 4748 sermouse - ok
14:04:55.0322 4748 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:04:55.0322 4748 SessionEnv - ok
14:04:55.0369 4748 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:04:55.0369 4748 sffdisk - ok
14:04:55.0369 4748 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:04:55.0385 4748 sffp_mmc - ok
14:04:55.0400 4748 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:04:55.0400 4748 sffp_sd - ok
14:04:55.0416 4748 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:04:55.0416 4748 sfloppy - ok
14:04:55.0447 4748 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:04:55.0447 4748 SharedAccess - ok
14:04:55.0463 4748 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:04:55.0463 4748 ShellHWDetection - ok
14:04:55.0494 4748 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:04:55.0494 4748 SiSRaid2 - ok
14:04:55.0510 4748 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:04:55.0510 4748 SiSRaid4 - ok
14:04:55.0572 4748 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:04:55.0588 4748 SkypeUpdate - ok
14:04:55.0697 4748 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:04:55.0697 4748 Smb - ok
14:04:55.0728 4748 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:04:55.0728 4748 SNMPTRAP - ok
14:04:55.0728 4748 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:04:55.0728 4748 spldr - ok
14:04:55.0790 4748 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:04:55.0790 4748 Spooler - ok
14:04:55.0868 4748 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:04:55.0931 4748 sppsvc - ok
14:04:55.0946 4748 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:04:55.0946 4748 sppuinotify - ok
14:04:56.0040 4748 [ C3716EC0D36AD924B6888D794563E647 ] sprtsvc_ddoctorv2 C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
14:04:56.0040 4748 sprtsvc_ddoctorv2 - ok
14:04:56.0118 4748 sprtsvc_verizondm - ok
14:04:56.0227 4748 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
14:04:56.0243 4748 SRTSP - ok
14:04:56.0274 4748 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
14:04:56.0290 4748 SRTSPX - ok
14:04:56.0336 4748 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:04:56.0336 4748 srv - ok
14:04:56.0368 4748 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:04:56.0368 4748 srv2 - ok
14:04:56.0399 4748 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:04:56.0399 4748 srvnet - ok
14:04:56.0430 4748 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:04:56.0446 4748 SSDPSRV - ok
14:04:56.0461 4748 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:04:56.0461 4748 SstpSvc - ok
14:04:56.0492 4748 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:04:56.0492 4748 stexstor - ok
14:04:56.0539 4748 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:04:56.0539 4748 stisvc - ok
14:04:56.0570 4748 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:04:56.0586 4748 swenum - ok
14:04:56.0617 4748 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:04:56.0617 4748 swprv - ok
14:04:56.0680 4748 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
14:04:56.0711 4748 SymDS - ok
14:04:56.0758 4748 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
14:04:56.0758 4748 SymEFA - ok
14:04:56.0804 4748 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:04:56.0804 4748 SymEvent - ok
14:04:56.0836 4748 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
14:04:56.0851 4748 SymIRON - ok
14:04:56.0898 4748 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
14:04:56.0914 4748 SymNetS - ok
14:04:56.0992 4748 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:04:57.0038 4748 SysMain - ok
14:04:57.0070 4748 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:04:57.0085 4748 TabletInputService - ok
14:04:57.0101 4748 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:04:57.0101 4748 TapiSrv - ok
14:04:57.0132 4748 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:04:57.0132 4748 TBS - ok
14:04:57.0241 4748 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:04:57.0304 4748 Tcpip - ok
14:04:57.0350 4748 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:04:57.0366 4748 TCPIP6 - ok
14:04:57.0382 4748 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:04:57.0382 4748 tcpipreg - ok
14:04:57.0413 4748 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:04:57.0428 4748 TDPIPE - ok
14:04:57.0460 4748 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:04:57.0475 4748 TDTCP - ok
14:04:57.0538 4748 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:04:57.0553 4748 tdx - ok
14:04:57.0616 4748 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:04:57.0616 4748 TermDD - ok
14:04:57.0709 4748 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:04:57.0709 4748 TermService - ok
14:04:57.0725 4748 tgsrvc_verizondm - ok
14:04:57.0756 4748 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:04:57.0756 4748 Themes - ok
14:04:57.0787 4748 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:04:57.0787 4748 THREADORDER - ok
14:04:57.0834 4748 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
14:04:57.0881 4748 TomTomHOMEService - ok
14:04:57.0912 4748 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:04:57.0928 4748 TrkWks - ok
14:04:57.0990 4748 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:04:57.0990 4748 TrustedInstaller - ok
14:04:58.0052 4748 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:04:58.0052 4748 tssecsrv - ok
14:04:58.0115 4748 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:04:58.0130 4748 TsUsbFlt - ok
14:04:58.0208 4748 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:04:58.0208 4748 tunnel - ok
14:04:58.0240 4748 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:04:58.0255 4748 uagp35 - ok
14:04:58.0286 4748 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:04:58.0286 4748 udfs - ok
14:04:58.0333 4748 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:04:58.0333 4748 UI0Detect - ok
14:04:58.0380 4748 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:04:58.0380 4748 uliagpkx - ok
14:04:58.0442 4748 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:04:58.0442 4748 umbus - ok
14:04:58.0474 4748 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:04:58.0474 4748 UmPass - ok
14:04:58.0505 4748 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:04:58.0505 4748 upnphost - ok
14:04:58.0552 4748 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:04:58.0567 4748 USBAAPL64 - ok
14:04:58.0614 4748 [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
14:04:58.0630 4748 usbbus - ok
14:04:58.0661 4748 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:04:58.0661 4748 usbccgp - ok
14:04:58.0708 4748 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:04:58.0708 4748 usbcir - ok
14:04:58.0739 4748 [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
14:04:58.0754 4748 UsbDiag - ok
14:04:58.0817 4748 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:04:58.0817 4748 usbehci - ok
14:04:58.0832 4748 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:04:58.0848 4748 usbhub - ok
14:04:58.0879 4748 [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
14:04:58.0879 4748 USBModem - ok
14:04:58.0895 4748 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:04:58.0895 4748 usbohci - ok
14:04:58.0942 4748 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:04:58.0942 4748 usbprint - ok
14:04:58.0957 4748 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:04:58.0957 4748 USBSTOR - ok
14:04:58.0973 4748 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:04:58.0973 4748 usbuhci - ok
14:04:59.0004 4748 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:04:59.0004 4748 UxSms - ok
14:04:59.0020 4748 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:04:59.0020 4748 VaultSvc - ok
14:04:59.0035 4748 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:04:59.0035 4748 vdrvroot - ok
14:04:59.0082 4748 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:04:59.0098 4748 vds - ok
14:04:59.0113 4748 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:04:59.0129 4748 vga - ok
14:04:59.0160 4748 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:04:59.0160 4748 VgaSave - ok
14:04:59.0207 4748 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:04:59.0222 4748 vhdmp - ok
14:04:59.0270 4748 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:04:59.0270 4748 viaide - ok
14:04:59.0286 4748 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:04:59.0286 4748 volmgr - ok
14:04:59.0348 4748 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:04:59.0364 4748 volmgrx - ok
14:04:59.0411 4748 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:04:59.0426 4748 volsnap - ok
14:04:59.0457 4748 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:04:59.0457 4748 vsmraid - ok
14:04:59.0520 4748 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:04:59.0582 4748 VSS - ok
14:04:59.0629 4748 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:04:59.0645 4748 vwifibus - ok
14:04:59.0691 4748 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:04:59.0691 4748 W32Time - ok
14:04:59.0723 4748 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:04:59.0723 4748 WacomPen - ok
14:04:59.0769 4748 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:04:59.0769 4748 WANARP - ok
14:04:59.0785 4748 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:04:59.0785 4748 Wanarpv6 - ok
14:04:59.0847 4748 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:04:59.0879 4748 WatAdminSvc - ok
14:04:59.0941 4748 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:04:59.0988 4748 wbengine - ok
14:05:00.0019 4748 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:05:00.0019 4748 WbioSrvc - ok
14:05:00.0066 4748 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:05:00.0081 4748 wcncsvc - ok
14:05:00.0081 4748 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:05:00.0097 4748 WcsPlugInService - ok
14:05:00.0113 4748 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:05:00.0113 4748 Wd - ok
14:05:00.0175 4748 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:05:00.0175 4748 Wdf01000 - ok
14:05:00.0191 4748 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:05:00.0206 4748 WdiServiceHost - ok
14:05:00.0206 4748 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:05:00.0206 4748 WdiSystemHost - ok
14:05:00.0284 4748 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:05:00.0300 4748 WebClient - ok
14:05:00.0362 4748 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:05:00.0378 4748 Wecsvc - ok
14:05:00.0409 4748 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:05:00.0425 4748 wercplsupport - ok
14:05:00.0456 4748 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:05:00.0471 4748 WerSvc - ok
14:05:00.0565 4748 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:05:00.0581 4748 WfpLwf - ok
14:05:00.0612 4748 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:05:00.0627 4748 WIMMount - ok
14:05:00.0643 4748 WinDefend - ok
14:05:00.0659 4748 WinHttpAutoProxySvc - ok
14:05:00.0815 4748 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:05:00.0830 4748 Winmgmt - ok
14:05:00.0971 4748 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:05:01.0017 4748 WinRM - ok
14:05:01.0095 4748 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:05:01.0127 4748 WinUsb - ok
14:05:01.0267 4748 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:05:01.0298 4748 Wlansvc - ok
14:05:01.0470 4748 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:05:01.0501 4748 wlidsvc - ok
14:05:01.0548 4748 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:05:01.0548 4748 WmiAcpi - ok
14:05:01.0595 4748 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:05:01.0610 4748 wmiApSrv - ok
14:05:01.0704 4748 WMPNetworkSvc - ok
14:05:01.0813 4748 [ 58540037A4A3EEEEFA47C84100E1694F ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
14:05:01.0829 4748 WMZuneComm - ok
14:05:01.0907 4748 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:05:01.0922 4748 WPCSvc - ok
14:05:01.0985 4748 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:05:02.0000 4748 WPDBusEnum - ok
14:05:02.0047 4748 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:05:02.0047 4748 ws2ifsl - ok
14:05:02.0203 4748 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:05:02.0219 4748 wscsvc - ok
14:05:02.0219 4748 WSearch - ok
14:05:02.0343 4748 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:05:02.0375 4748 wuauserv - ok
14:05:02.0421 4748 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:05:02.0421 4748 WudfPf - ok
14:05:02.0453 4748 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:05:02.0453 4748 WUDFRd - ok
14:05:02.0453 4748 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:05:02.0468 4748 wudfsvc - ok
14:05:02.0499 4748 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:05:02.0499 4748 WwanSvc - ok
14:05:02.0687 4748 [ D6EF205269C2A584AF6B56B9F95010F8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
14:05:02.0827 4748 ZuneNetworkSvc - ok
14:05:02.0874 4748 [ 7A565AFE58F3822A9E622868E5CC0E5C ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
14:05:02.0874 4748 ZuneWlanCfgSvc - ok
14:05:02.0874 4748 ================ Scan global ===============================
14:05:02.0905 4748 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:05:02.0952 4748 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:05:02.0952 4748 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:05:02.0983 4748 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:05:02.0999 4748 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:05:03.0014 4748 [Global] - ok
14:05:03.0014 4748 ================ Scan MBR ==================================
14:05:03.0014 4748 [ 0FC600DCA49E6F5B6EE67796D6475EFF ] \Device\Harddisk0\DR0
14:05:03.0217 4748 \Device\Harddisk0\DR0 - ok
14:05:03.0217 4748 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:05:03.0591 4748 \Device\Harddisk1\DR1 - ok
14:05:03.0591 4748 ================ Scan VBR ==================================
14:05:03.0607 4748 [ A3EFA4934668C7891AF9AD4C3E3E76F2 ] \Device\Harddisk0\DR0\Partition1
14:05:03.0623 4748 \Device\Harddisk0\DR0\Partition1 - ok
14:05:03.0685 4748 [ 1EE05BA3AA769DCD0C98ED830F2A2BAD ] \Device\Harddisk0\DR0\Partition2
14:05:03.0685 4748 \Device\Harddisk0\DR0\Partition2 - ok
14:05:03.0701 4748 [ 2E725B9B0832EFACAE0EA2D6F51427EE ] \Device\Harddisk0\DR0\Partition3
14:05:03.0716 4748 \Device\Harddisk0\DR0\Partition3 - ok
14:05:03.0732 4748 [ 20ADE080E353F008F267E90E4A453B8A ] \Device\Harddisk1\DR1\Partition1
14:05:03.0732 4748 \Device\Harddisk1\DR1\Partition1 - ok
14:05:03.0732 4748 ============================================================
14:05:03.0732 4748 Scan finished
14:05:03.0732 4748 ============================================================
14:05:03.0747 4308 Detected object count: 0
14:05:03.0747 4308 Actual detected object count: 0
14:05:26.0820 3856 Deinitialize success




aswMBR"
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-25 14:06:28
-----------------------------
14:06:28.860 OS Version: Windows x64 6.1.7601 Service Pack 1
14:06:28.860 Number of processors: 1 586 0x602
14:06:28.876 ComputerName: PROULX-HP UserName: Proulx
14:06:31.468 Initialize success
14:08:23.512 AVAST engine defs: 12112500
14:08:29.612 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
14:08:29.612 Disk 0 Vendor: ST350041 HP35 Size: 476940MB BusType: 3
14:08:29.643 Disk 0 MBR read successfully
14:08:29.643 Disk 0 MBR scan
14:08:29.643 Disk 0 unknown MBR code
14:08:29.658 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:08:29.674 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 466305 MB offset 206848
14:08:29.705 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10533 MB offset 955199488
14:08:29.736 Disk 0 scanning C:\Windows\system32\drivers
14:08:43.168 Service scanning
14:09:12.106 Modules scanning
14:09:12.122 Disk 0 trace - called modules:
14:09:12.153 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
14:09:12.668 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003298710]
14:09:12.683 3 CLASSPNP.SYS[fffff88001b7943f] -> nt!IofCallDriver -> [0xfffffa8002f26440]
14:09:12.699 5 ACPI.sys[fffff88000f457a1] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa800302e7b0]
14:09:15.912 AVAST engine scan C:\Windows
14:09:18.284 AVAST engine scan C:\Windows\system32
14:14:16.121 AVAST engine scan C:\Windows\system32\drivers
14:14:35.296 AVAST engine scan C:\Users\Proulx
14:20:41.851 Disk 0 MBR has been saved successfully to "C:\Users\Proulx\Desktop\MBR.dat"
14:20:41.866 The log file has been saved successfully to "C:\Users\Proulx\Desktop\aswMBR.txt"


ESET:
C:\Program Files (x86)\ReferenceBoss_1pEI\Installr\1.bin\1pEIPlug.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\ReferenceBoss_1pEI\Installr\1.bin\1pEZSETP.dll a variant of Win32/Toolbar.MyWebSearch.Q application cleaned by deleting - quarantined
C:\Program Files (x86)\ReferenceBoss_1pEI\Installr\1.bin\NP1pEISb.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:54 AM

Posted 25 November 2012 - 06:28 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 ChristineProulx

ChristineProulx
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 25 November 2012 - 09:12 PM

I haven't done it all, but wanted to report before I go to bed:
Malware Bytes ran for almost 2 hours and reported no infected files at the time I left the room. I came back and it was no longer running; when I opened it there was no log for the scan today.

FSS"
Farbar Service Scanner Version: 09-11-2012
Ran by Proulx (administrator) on 25-11-2012 at 20:55:35
Running from "C:\Users\Proulx\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-15 21:45] - [2012-10-03 12:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Ran Adware cleaner. It restarted the computer, showed the txt file, when I clicked File to save it, it vanished. I don't know if it is still somewhere.

Mini-toolbox:
MiniToolBox by Farbar Version: 25-11-2012
Ran by Proulx (administrator) on 25-11-2012 at 21:09:58
Running from "C:\Users\Proulx\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Proulx-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.actdsltmp

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 70-71-BC-39-ED-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4dba:fe6:5aed:31fa%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 25, 2012 9:00:49 PM
Lease Expires . . . . . . . . . . : Sunday, December 02, 2012 9:00:49 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 259027388
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-AC-DC-EA-70-71-BC-39-ED-2A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domain.actdsltmp:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1827:44b:3f57:fef9(Preferred)
Link-local IPv6 Address . . . . . : fe80::1827:44b:3f57:fef9%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server:
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1006
74.125.226.194
74.125.226.197
74.125.226.192
74.125.226.196
74.125.226.206
74.125.226.198
74.125.226.193
74.125.226.199
74.125.226.201
74.125.226.195
74.125.226.200


Pinging google.com [74.125.226.192] with 32 bytes of data:
Reply from 74.125.226.192: bytes=32 time=75ms TTL=55
Reply from 74.125.226.192: bytes=32 time=45ms TTL=55

Ping statistics for 74.125.226.192:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 75ms, Average = 60ms
Server:
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=184ms TTL=50
Reply from 98.138.253.109: bytes=32 time=187ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 184ms, Maximum = 187ms, Average = 185ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...70 71 bc 39 ed 2a ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.6 276
192.168.1.6 255.255.255.255 On-link 192.168.1.6 276
192.168.1.255 255.255.255.255 On-link 192.168.1.6 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.6 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.6 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:9d38:6ab8:1827:44b:3f57:fef9/128
On-link
11 276 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::1827:44b:3f57:fef9/128
On-link
11 276 fe80::4dba:fe6:5aed:31fa/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/25/2012 07:49:43 PM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

Error: (11/25/2012 03:07:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16099

Error: (11/25/2012 03:07:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16099

Error: (11/25/2012 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2012 02:21:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 02:21:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 01:59:38 PM) (Source: MsiInstaller) (User: Proulx-HP)
Description: Application: Kaspersky Security Scan -- Error 1922. Service Kaspersky Security Scan Service (KSS) could not be deleted. Verify that you have sufficient privileges to remove system services.

Error: (11/25/2012 01:59:05 PM) (Source: MsiInstaller) (User: Proulx-HP)
Description: Application: Kaspersky Security Scan -- Error 1922. Service Kaspersky Security Scan Service (KSS) could not be deleted. Verify that you have sufficient privileges to remove system services.

Error: (11/25/2012 01:46:30 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 714

Start Time: 01cdcb115f1a8320

Termination Time: 0

Application Path: C:\Windows\Explorer.EXE

Report Id:

Error: (11/25/2012 08:55:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10733


System errors:
=============
Error: (11/25/2012 09:03:06 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (11/25/2012 04:46:46 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (11/25/2012 03:18:27 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/25/2012 03:18:21 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.

Error: (11/25/2012 01:11:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (11/25/2012 08:35:19 AM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (11/25/2012 05:35:07 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (11/24/2012 06:34:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service hung on starting.

Error: (11/24/2012 06:30:20 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (11/24/2012 06:26:02 PM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}


Microsoft Office Sessions:
=========================
Error: (11/25/2012 07:49:43 PM) (Source: Windows Backup)(User: )
Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005)

Error: (11/25/2012 03:07:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16099

Error: (11/25/2012 03:07:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16099

Error: (11/25/2012 03:06:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2012 02:21:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Proulx\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 02:21:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Proulx\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 01:59:38 PM) (Source: MsiInstaller)(User: Proulx-HP)
Description: Application: Kaspersky Security Scan -- Error 1922. Service Kaspersky Security Scan Service (KSS) could not be deleted. Verify that you have sufficient privileges to remove system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/25/2012 01:59:05 PM) (Source: MsiInstaller)(User: Proulx-HP)
Description: Application: Kaspersky Security Scan -- Error 1922. Service Kaspersky Security Scan Service (KSS) could not be deleted. Verify that you have sufficient privileges to remove system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/25/2012 01:46:30 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756771401cdcb115f1a83200C:\Windows\Explorer.EXE

Error: (11/25/2012 08:55:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10733


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Any Video Converter 3.2.7
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
Audible Download Manager (Version: 6.6.0.15)
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Blackhawk Striker 2 (Version: 2.2.0.82)
Blasterball 3 (Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
BookSmart® 3.2.5 3.2.5
Build-a-lot 2 (Version: 2.2.0.82)
Cake Mania (Version: 2.2.0.82)
Chuzzle Deluxe (Version: 2.2.0.82)
CinemaNow Media Manager (Version: 1.9.1.105)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (Version: 7.0.2712)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Desktop Doctor (Version: 2.5.5)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82)
Dora's Carnival Adventure (Version: 2.2.0.82)
Drawing for Children 2.2
Dulux MyColour4
Duplicate Image Finder (Version: 1.0.20)
eMusic Download Manager 4.1.4 (Version: 4.1.4)
Escape Rosecliff Island (Version: 2.2.0.82)
ESET Online Scanner v3
Eudora (Version: 7.0)
Evernote v. 4.5.7 (Version: 4.5.7.7146)
exPressit SE (Version: 3.10.0000)
Faerie Solitaire (Version: 2.2.0.82)
FATE (Version: 2.2.0.82)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
Flickr Uploadr 3.2.1
Foxit Reader (Version: 4.1.1.805)
Free WAV To MP3 Converter 2.1 (Version: 2.1)
FYZip 1.00 (Version: 1.00)
Google Chrome (Version: 23.0.1271.64)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Hardware Diagnostic Tools (Version: 6.0.5418.39)
Hitman Pro 3.5 (Version: 3.5.6.109)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Games (Version: 1.0.2.4)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Odometer (Version: 2.10.0000)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.003.001.001)
iCloud (Version: 2.0.2.187)
IHA_MessageCenter (Version: 1.8.70)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 30 (Version: 6.0.300)
Jewel Quest 3 (Version: 2.2.0.82)
Jewel Quest Solitaire 2 (Version: 2.2.0.82)
Junk Mail filter update (Version: 14.0.8089.726)
Kaspersky Security Scan (Version: 12.0.1.117)
Kidzui
LabelPrint (Version: 2.5.2610)
Lexmark Z700-P700 Series
LG USB Modem driver
LightScribe System Software (Version: 1.18.11.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MPEG4 Direct Maker
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
Mystery P.I. - The New York Fortune (Version: 2.2.0.82)
Norton Online Backup (Version: 2.0.0.34)
Norton PC Checkup (Version: 2.0.15.91)
Norton PC Checkup (Version: 3.0.2.115.0)
Norton Security Suite (Version: 5.2.2.3)
NVIDIA Display Control Panel (Version: 1.10)
NVIDIA Drivers (Version: 1.5)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7324.0)
OpenOffice.org 3.2 (Version: 3.2.9502)
OverDrive Media Console (Version: 3.2.5)
Penguins! (Version: 2.2.0.82)
Pet Vet (remove only)
PhotoNow! (Version: 1.1.6904)
Picasa 3 (Version: 3.8)
PictureMover (Version: 3.3.1.19)
Plants vs. Zombies (Version: 2.2.0.82)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.82)
Polar Bowler (Version: 2.2.0.82)
Polar Golfer (Version: 2.2.0.82)
Power2Go (Version: 6.1.3810)
PowerDirector (Version: 8.0.2704)
Puppy Luv (Version: 2.2.0.95)
QuickTime (Version: 7.72.80.56)
Real Alternative 2.0.2 (Version: 2.0.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 6.0.1.6053)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.2719)
Roxio CinemaNow 2.0 (Version: 1.0.262)
Skype™ 5.10 (Version: 5.10.116)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
swMSM (Version: 12.0.0.1)
TextTwist 2 (Version: 2.2.0.82)
TomTom HOME 2.8.2.2264 (Version: 2.8.2.2264)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2596)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0424)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0209)
TurboTax 2011 wmaiper (Version: 011.000.1380)
TurboTax 2011 wrapper (Version: 011.000.0120)
Uninstall Dual Mode Camera (ST606)
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Verizon Download Manager (Version: 44)
Verizon Toolbar (Version: 6.0.0.33)
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - The Secret City (Version: 2.2.0.82)
Vz In Home Agent (Version: 8.03.61)
Wheel of Fortune 2 (Version: 2.2.0.82)
WildTangent Games App (Version: 4.0.10.2)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.07.1404.01)
WxDownload Expansion (Version: 1.0)
Zuma's Revenge (Version: 2.2.0.82)
Zune (Version: 04.07.1404.01)
Zune Language Pack (DEU) (Version: 04.07.1404.01)
Zune Language Pack (ESP) (Version: 04.07.1404.01)
Zune Language Pack (FRA) (Version: 04.07.1404.01)
Zune Language Pack (ITA) (Version: 04.07.1404.01)
Zune Language Pack (NLD) (Version: 04.07.1404.01)
Zune Language Pack (PTB) (Version: 04.07.1404.01)
Zune Language Pack (PTG) (Version: 04.07.1404.01)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 2815.3 MB
Available physical RAM: 1210.97 MB
Total Pagefile: 5628.8 MB
Available Pagefile: 3735.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.63 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:455.38 GB) (Free:210.14 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:10.29 GB) (Free:1.25 GB) NTFS
6 Drive h: (HP SimpleSave) (Fixed) (Total:297.44 GB) (Free:0.02 GB) NTFS

========================= Users: ========================================

User accounts for \\PROULX-HP

Administrator Guest Proulx

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

19-11-2012 00:00:48 Windows Backup
20-11-2012 11:02:48 Windows Update
23-11-2012 11:13:28 Windows Update
25-11-2012 18:39:27 Removed HP Advisor.
25-11-2012 18:47:45 Removed Comcast Desktop Software (v1.2.0.9)
25-11-2012 18:51:14 Removed ooVoo
26-11-2012 00:02:23 Windows Backup

**** End of log ****

When I downloaded JRT.exe, my antivirus told me it was "unsafe."

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:54 AM

Posted 25 November 2012 - 09:34 PM

Disable your antivirus and run JRT

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 ChristineProulx

ChristineProulx
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 02 December 2012 - 05:32 PM

The problem seemed to be fixed, but it was not. Working on the last few posts:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/02/2012 05:24:17 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Proulx\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (PID: 2136) [UP-HEUR]
* C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe (PID: 6072) [Mal-GEN]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Proulx\Desktop\rkill\rkill-12-02-2012-05-24-34.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/02/2012 05:24:48 PM
Execution time: 0 hours(s), 0 minute(s), and 30 seconds(s)


Autoruns:
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "ddoctorv2" "" "SupportSoft, Inc." "c:\program files (x86)\comcast\desktop doctor\bin\sprtcmd.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "VERIZONDM" "" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\sprtcmd.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Audible Download Manager.lnk" "Download Manager for Audible content" "Audible, Inc." "c:\program files (x86)\audible\bin\audibledownloadhelper.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "Desktop Software" "" "" "File not found: C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe"
+ "Evernote" "" "" "c:\users\proulx\appdata\local\google\evernote\trijtzxoi.dll"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\proulx\appdata\local\google\update\googleupdate.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "ISUSPM Startup" "InstallShield Update Service Update Manager" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\isuspm.exe"
+ "KSS" "Kaspersky Security Scan" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky security scan 2.0\kss.exe"
+ "MobileDocuments" "" "" "File not found: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
+ "MusicManager" "Music Manager" "Google Inc." "c:\users\proulx\appdata\local\programs\google\musicmanager\musicmanager.exe"
+ "OfficeSyncProcess" "Microsoft Office Document Cache" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\msosync.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\bushell.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\navshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "FYZip" "FYZip Shell Extension" "TightRope Interactive" "c:\program files (x86)\fyzip\fyzip.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "FYZip" "FYZip Shell Extension" "TightRope Interactive" "c:\program files (x86)\fyzip\fyzip.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "FYZip" "FYZip Shell Extension" "TightRope Interactive" "c:\program files (x86)\fyzip\fyzip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AudibleShlExt Class" "AudibleExt Module" "Audible, Inc." "c:\program files (x86)\audible\bin\audibleext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\navshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\5.2.2.3\bushell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Symantec Intrusion Prevention" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\5.2.2.3\ips\ipsbho.dll"
+ "Symantec NCO BHO" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\5.2.2.3\coieplg.dll"
+ "Updater For Verizon Toolbar" "" "" "File not found: C:\Program Files (x86)\verizontb\auxi\verizonAu.dll"
+ "Verizon Toolbar" "" "" "File not found: C:\Program Files (x86)\verizontb\verizonDx.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "wxDownload Class" "" "" "c:\programdata\wxdownload\50a0ffec0816d.ocx"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\5.2.2.3\coieplg.dll"
+ "Verizon Toolbar" "" "" "File not found: C:\Program Files (x86)\verizontb\verizonDx.dll"
+ "WeatherBlink" "" "" "File not found: C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Sun Java Console" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2iexp.dll"
"Task Scheduler" "" "" ""
+ "\0" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe"
+ "\4831" "" "" "File not found: C:\Users\Proulx\AppData\Local\Temp\launchie.vbs"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3629493757-2740549282-3209582802-1001Core" "Google Installer" "Google Inc." "c:\users\proulx\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3629493757-2740549282-3209582802-1001UA" "Google Installer" "Google Inc." "c:\users\proulx\appdata\local\google\update\googleupdate.exe"
+ "\HPCeeScheduleForProulx" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PC Checkup 3 Weekly Scan" "NortonLive Updater" "Symantec Corporation" "c:\program files (x86)\norton pc checkup 3.0\nlapplauncher.exe"
+ "\PCDRScheduledMaintenance" "Hardware Diagnostic Tools" "PC-Doctor, Inc." "c:\program files\pc-doctor for windows\pcdrcui.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3629493757-2740549282-3209582802-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3629493757-2740549282-3209582802-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RecoveryCDWin7" "" "" "File not found: C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"
+ "\Symantec\Norton Error Analyzer 5.2.2.3" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\5.2.2.3\symerr.exe"
+ "\{F0E263CB-F282-4240-B470-CF09281894F0}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BackupService" "UACTokenSvc" "ArcSoft, Inc." "c:\users\proulx\appdata\roaming\hp simplesave application\uuactokensvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CinemaNow Service" "CinemaNow Service Application" "CinemaNow, Inc." "c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowsvc.exe"
+ "ForceWare Intelligent Application Manager (IAM)" "app_filter Module" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcappflt.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HP Health Check Service" "HP Health Check Service" "" "File not found: C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
+ "hpqwmiex" "" "" "File not found: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
+ "IHA_MessageCenter" "IHA_MessageCenter" "Verizon" "c:\program files (x86)\verizon\iha_messagecenter\bin\verizon_ihamessagecenter.exe"
+ "IntuitUpdateServiceV4" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "lxbl_device" "Printer Communication System" " " "c:\windows\system32\lxblcoms.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "N360" "Norton Security Suite" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\5.2.2.3\ccsvchst.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files (x86)\norton pc checkup 3.0\symcpcculaunchsvc.exe"
+ "nSvcIp" "NVIDIA Corporation" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcip.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PCCUJobMgr" "Job Manager service for common client services" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.15.91\ccsvchst.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_ddoctorv2" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files (x86)\comcast\desktop doctor\bin\sprtsvc.exe"
+ "sprtsvc_verizondm" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\sprtsvc.exe"
+ "tgsrvc_verizondm" "SupportSoft Repair Service" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\tgsrvc.exe"
+ "TomTomHOMEService" "TomTom Home Service for ejecting devices" "TomTom" "c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WMZuneComm" "Zune Connectivity for Windows Mobile devices" "Microsoft Corporation" "c:\program files\zune\wmzunecomm.exe"
+ "ZuneNetworkSvc" "Shares Zune media libraries to Zune devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\zune\zunenss.exe"
+ "ZuneWlanCfgSvc" "Configures Zune for wireless syncing" "Microsoft Corporation" "c:\program files\zune\zunewlancfgsvc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20121106.001\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20121130.001\idsvia64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "JLTECH0227" "Universal Serial Bus Camera Driver" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\jl2005c.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20121201.006\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20121201.006\ex64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 186.40 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVNET" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmf6264.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "nvstor64" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor64.sys"
+ "PCDSRVC{F36B3A4C-F95654BD-06000000}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0502020.003\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0502020.003\srtspx64.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0502020.003\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0502020.003\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0502020.003\ironx64.sys"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0502020.003\symnets.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbbus" "LG CDMA USB Multi function Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64bus.sys"
+ "UsbDiag" "LGE CDMA USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64diag.sys"
+ "USBModem" "LGE CDMA Modem Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64modem.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codec" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\syswow64\lameacm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIV3" "DivX ;-) MPEG-4 Video Codec " "Hacked with Joy !" "c:\windows\syswow64\divxc32.dll"
+ "vidc.DIV4" "DivX ;-) MPEG-4 Video Codec " "Hacked with Joy !" "c:\windows\syswow64\divxc32f.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.xvid" "" "" "c:\windows\syswow64\xvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Microsoft Zune H.264 Video Decoder" "Microsoft Zune H.264 Video Decoder" "Microsoft Corporation" "c:\program files\zune\zuneh264dec.dll"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "WMEnc Screen Capture Filter" "ZuneSrcWrp Module" "Microsoft Corporation" "c:\program files\zune\zunesrcwrp.dll"
+ "Zune Enhanced Video Renderer" "Enhanced Video Renderer DLL" "Microsoft Corporation" "c:\program files\zune\zuneevr.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audible Words Codec" "Audible Audio Files DirectShow Source Filter" "Audible, Inc." "c:\windows\syswow64\awrdscdc.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "DivX MPEG-4 DVD Video Decompressor " "DivX MPEG-4 DVD Video Decompressor " "Hacked With Joy ! " "c:\windows\syswow64\divx_c32.ax"
+ "DivXAntiFreeze" "DivX AntiFreeze Filter" "" "c:\windows\syswow64\divxaf.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "MPC - RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "MPC - RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "MPC - RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "MPC - RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "XviD MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "c:\progra~2\wxdown~1\sprote~1.dll" "SProtector 1.66.1133" "" "c:\program files (x86)\wxdownload\sprotector.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Z700-P700 Series Port" "Printer Communication System" " " "c:\windows\system32\lxbllmpm.dll"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:54 AM

Posted 02 December 2012 - 07:07 PM

I still didnot get your junkware removal tool.Try to run it in safemode with networking

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Evernote" "" "" "c:\users\proulx\appdata\local\google\evernote\trijtzxoi.dll"

Restart the PC and delete this file

c:\users\proulx\appdata\local\google\evernote\trijtzxoi.dll

You should not have redirects now.

#9 ChristineProulx

ChristineProulx
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 02 December 2012 - 09:36 PM

Everything looks clear now. I did 3 searches that took me to the correct page. Thanks!



JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.7.5 (12.02.2012:2)
OS: Windows 7 Home Premium x64
Ran by Proulx on Sun 12/02/2012 at 21:25:52.65
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{59c6f12b-f004-43e5-9997-08f2123119b6}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{a531d99c-5a22-449b-83da-872725c6d0ed}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Proulx\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Program Files (x86)\aol toolbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\Proulx\AppData\Roaming\mozilla\firefox\profiles\xe67ksgt.default\extensions\hjfxzclcfo@hjfxzclcfo.org.xpi [Tracur]
Successfully deleted: [File] C:\Users\Proulx\AppData\Roaming\mozilla\firefox\profiles\xe67ksgt.default\searchplugins\bing-zugo.xml
Successfully deleted the following from C:\Users\Proulx\AppData\Roaming\mozilla\firefox\profiles\xe67ksgt.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023
user_pref("extensions.toolbar.mindspark._5qMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._5qMembers_.hp.user.defined", false);
user_pref("extensions.toolbar.mindspark._5qMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._5qMembers_.installation.installDate", "2012061519");
user_pref("extensions.toolbar.mindspark._5qMembers_.installation.partnerId", "ZJxdm047YYus");
user_pref("extensions.toolbar.mindspark._5qMembers_.installation.partnerSubId", "CMTxwODx0LACFQlN4AodN1DZVw");
user_pref("extensions.toolbar.mindspark._5qMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._5qMembers_.installation.toolbarId", "C9C82FB9-427B-4670-8C1F-A68A4D3D6E57");
user_pref("extensions.toolbar.mindspark._5qMembers_.lastActivePing", "1339843596623");
user_pref("extensions.toolbar.mindspark._5qMembers_.tab.date", "1339801942902");
user_pref("extensions.toolbar.mindspark._5qMembers_.weather.location", "01440");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "zwinky@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "zwinky@mindspark.com");
user_pref("extensions.toolbar.mindspark.sa.enabled", true);
user_pref("extensions.toolbar.mindspark.sa.owner", "zwinky@mindspark.com");
user_pref("extensions.toolbar.mindspark.tab.enabled", true);
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/02/2012 at 21:33:31.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:54 AM

Posted 03 December 2012 - 01:32 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users