
Computer virus help please


20 replies to this topic

#1 shorti3232

shorti3232

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:31 PM

Posted 30 November 2012 - 12:09 PM

So my friend's computer has a virus. It won't open any other application. When I click on the internet it opens up a window asking to save, open or cancel. That pop-up comes up on any application I try to open. I can't download anything on this computer and I have no other computer to download things onto. I have tried to run safe mode like some people have said and it does not change anything. Please help me. This computer is almost useless at this point. Please and thank you :)

Edited by bloopie, 30 November 2012 - 12:57 PM.
Mod Edit: Moved from Windows 7 to AII. ~ bloopie




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:31 PM

Posted 30 November 2012 - 01:52 PM

I can't download anything on this computer and I have no other computer to download things onto.


How can we help then?

Please download this tool from one of your friends' PCs and copy the tool using a flash drive to the infected one.

Please download exeHelper to your desktop.

http://www.raktor.net/exeHelper/exeHelper.com

Double-click on exeHelper.com to run the fix.

A black window should pop up, press any key to close once the fix is completed.

Restart the PC and see if you can launch applications now

#3 shorti3232


Posted 01 December 2012 - 07:22 PM

exeHelper by Raktor
Build 20100414
Run at 16:17:26 on 12/01/12
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

This is what it said, and nothing is opening still. I was able to run it directly off this computer but nothing else will open still.

#4 narenxp


Posted 02 December 2012 - 11:13 AM

Are you still getting the OPEN WITH option on all applications?

Download

EXE fix

Launch the registry key file and click YES

Try to launch applications now
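
The exeHelper output in post #3 lists what it resets: the .exe and .com file associations and the Winlogon userinit and shell values. The following PowerShell is an added example, not part of the thread and not code from exeHelper or the EXE fix; it reads those settings and compares them with the stock Windows defaults. The registry paths and default data are standard Windows values stated here as background (the thread does not name them), and the function names are hypothetical.

```powershell
# Added example: audit the launch-related settings that exeHelper reports resetting.
# Expected data below are stock Windows defaults (background knowledge, not from the thread).
$Classes  = 'Registry::HKEY_CLASSES_ROOT'
$Winlogon = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

$Expected = @(
    @{ Key = "$Classes\.exe";                       Name = '';         Data = 'exefile' },
    @{ Key = "$Classes\exefile\shell\open\command"; Name = '';         Data = '"%1" %*' },
    @{ Key = "$Classes\.com";                       Name = '';         Data = 'comfile' },
    @{ Key = "$Classes\comfile\shell\open\command"; Name = '';         Data = '"%1" %*' },
    @{ Key = $Winlogon;                             Name = 'Shell';    Data = 'explorer.exe' },
    @{ Key = $Winlogon;                             Name = 'Userinit'; Data = "$env:SystemRoot\system32\userinit.exe," }
)

# HKEY_CLASSES_ROOT is a merged view in which per-user keys win over machine-wide ones.
# These per-user keys are normally absent on a clean install, so their presence is flagged.
$UserOverrides = @(
    'Registry::HKEY_CURRENT_USER\Software\Classes\.exe',
    'Registry::HKEY_CURRENT_USER\Software\Classes\exefile',
    'Registry::HKEY_CURRENT_USER\Software\Classes\.com',
    'Registry::HKEY_CURRENT_USER\Software\Classes\comfile',
    'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice'
)

function Get-RegData {
    param([string]$Key, [string]$Name)
    $k = Get-Item -LiteralPath $Key -ErrorAction SilentlyContinue
    if ($null -eq $k) { return $null }
    return $k.GetValue($Name)          # an empty name selects the key's (Default) value
}

function ConvertTo-Comparable {
    # Ignore surrounding whitespace and the trailing comma Userinit normally carries.
    param($Data)
    if ($null -eq $Data) { return '' }
    return ([string]$Data).Trim().TrimEnd(',').Trim()
}

function Test-LaunchSettings {
    $results = @()

    foreach ($e in $Expected) {
        $actual = Get-RegData $e.Key $e.Name
        # -eq on strings is case-insensitive, which suits paths such as userinit.exe
        $same   = (ConvertTo-Comparable $actual) -eq (ConvertTo-Comparable $e.Data)
        $status = if ($same) { 'OK' } else { 'REVIEW' }
        $name   = if ($e.Name) { $e.Name } else { '(Default)' }
        $shown  = if ($null -eq $actual) { '(missing)' } else { [string]$actual }

        $results += New-Object PSObject -Property @{
            Status = $status; Key = $e.Key; Name = $name
            Actual = $shown;  Expected = $e.Data
        }
    }

    foreach ($key in $UserOverrides) {
        if (Test-Path -LiteralPath $key) {
            $results += New-Object PSObject -Property @{
                Status = 'REVIEW'; Key = $key; Name = '(key)'
                Actual = '(key present)'; Expected = '(key absent)'
            }
        }
    }

    # Fixed column order; New-Object with a hashtable does not preserve it.
    $results | Select-Object Status, Key, Name, Actual, Expected
}

Test-LaunchSettings | Format-List
```

Rows marked REVIEW differ from the defaults and are the ones to inspect before and after applying a fix.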

#5 shorti3232


Posted 03 December 2012 - 10:50 AM

Ok, so I did what you just told me, and now applications are opening!!! :) Thank you so much. What must I do next?

#6 narenxp


Posted 03 December 2012 - 11:34 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#7 shorti3232


Posted 03 December 2012 - 11:42 AM

TDS-08:39:55.0923 0428 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:39:56.0429 0428 ============================================================
08:39:56.0429 0428 Current date / time: 2012/12/03 08:39:56.0429
08:39:56.0429 0428 SystemInfo:
08:39:56.0429 0428
08:39:56.0430 0428 OS Version: 6.1.7601 ServicePack: 1.0
08:39:56.0430 0428 Product type: Workstation
08:39:56.0430 0428 ComputerName: HOME-PC
08:39:56.0430 0428 UserName: Home
08:39:56.0430 0428 Windows directory: C:\Windows
08:39:56.0430 0428 System windows directory: C:\Windows
08:39:56.0430 0428 Processor architecture: Intel x86
08:39:56.0430 0428 Number of processors: 2
08:39:56.0430 0428 Page size: 0x1000
08:39:56.0430 0428 Boot type: Normal boot
08:39:56.0430 0428 ============================================================
08:39:57.0695 0428 Drive \Device\Harddisk0\DR0 - Size: 0x1248119400 (73.13 Gb), SectorSize: 0x200, Cylinders: 0x254A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:39:57.0699 0428 ============================================================
08:39:57.0699 0428 \Device\Harddisk0\DR0:
08:39:57.0700 0428 MBR partitions:
08:39:57.0700 0428 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:39:57.0700 0428 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x920D800
08:39:57.0700 0428 ============================================================
08:39:57.0730 0428 C: <-> \Device\Harddisk0\DR0\Partition2
08:39:57.0730 0428 ============================================================
08:39:57.0730 0428 Initialize success
08:39:57.0730 0428 ============================================================
08:40:21.0184 5264 ============================================================
08:40:21.0184 5264 Scan started
08:40:21.0184 5264 Mode: Manual; TDLFS;
08:40:21.0184 5264 ============================================================
08:40:22.0667 5264 ================ Scan system memory ========================
08:40:22.0667 5264 System memory - ok
08:40:22.0668 5264 ================ Scan services =============================
08:40:33.0455 5264 NAVENG - ok
08:40:33.0549 5264 [ 529D571B551CB9DA44237389B936F1AE ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120420.032\NAVEX15.SYS
08:40:33.0639 5264 NAVEX15 - ok
08:40:33.0755 5264 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:40:33.0788 5264 NDIS - ok
08:40:33.0827 5264 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:40:33.0829 5264 NdisCap - ok
08:40:33.0864 5264 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:40:33.0866 5264 NdisTapi - ok
08:40:33.0926 5264 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:40:33.0927 5264 Ndisuio - ok
08:40:33.0956 5264 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:40:33.0959 5264 NdisWan - ok
08:40:33.0984 5264 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:40:33.0986 5264 NDProxy - ok
08:40:34.0021 5264 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:40:34.0023 5264 NetBIOS - ok
08:40:34.0039 5264 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:40:34.0043 5264 NetBT - ok
08:40:34.0066 5264 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
08:40:34.0068 5264 Netlogon - ok
08:40:34.0129 5264 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
08:40:34.0136 5264 Netman - ok
08:40:34.0151 5264 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
08:40:34.0164 5264 netprofm - ok
08:40:34.0202 5264 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:40:34.0205 5264 NetTcpPortSharing - ok
08:40:34.0437 5264 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
08:40:34.0607 5264 netw5v32 - ok
08:40:34.0654 5264 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:40:34.0656 5264 nfrd960 - ok
08:40:34.0754 5264 [ 7A02F128A454BB22E300F3F80BC1BD22 ] NIS C:\Program Files\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
08:40:34.0757 5264 NIS - ok
08:40:34.0826 5264 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
08:40:34.0836 5264 NlaSvc - ok
08:40:34.0855 5264 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:40:34.0856 5264 Npfs - ok
08:40:34.0883 5264 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
08:40:34.0886 5264 nsi - ok
08:40:34.0903 5264 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:40:34.0904 5264 nsiproxy - ok
08:40:35.0010 5264 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:40:35.0068 5264 Ntfs - ok
08:40:35.0091 5264 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
08:40:35.0093 5264 Null - ok
08:40:35.0145 5264 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:40:35.0148 5264 nvraid - ok
08:40:35.0162 5264 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:40:35.0166 5264 nvstor - ok
08:40:35.0192 5264 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:40:35.0195 5264 nv_agp - ok
08:40:35.0340 5264 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:40:35.0362 5264 odserv - ok
08:40:35.0414 5264 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:40:35.0416 5264 ohci1394 - ok
08:40:35.0490 5264 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:40:35.0495 5264 ose - ok
08:40:35.0561 5264 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:40:35.0568 5264 p2pimsvc - ok
08:40:35.0607 5264 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
08:40:35.0615 5264 p2psvc - ok
08:40:35.0636 5264 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
08:40:35.0638 5264 Parport - ok
08:40:35.0717 5264 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:40:35.0719 5264 partmgr - ok
08:40:35.0759 5264 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
08:40:35.0761 5264 Parvdm - ok
08:40:35.0794 5264 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:40:35.0800 5264 PcaSvc - ok
08:40:35.0820 5264 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
08:40:35.0827 5264 pci - ok
08:40:35.0862 5264 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
08:40:35.0864 5264 pciide - ok
08:40:35.0897 5264 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:40:35.0903 5264 pcmcia - ok
08:40:35.0928 5264 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
08:40:35.0930 5264 pcw - ok
08:40:35.0966 5264 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:40:36.0001 5264 PEAUTH - ok
08:40:36.0160 5264 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
08:40:36.0262 5264 pla - ok
08:40:36.0355 5264 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:40:36.0362 5264 PlugPlay - ok
08:40:36.0384 5264 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:40:36.0387 5264 PNRPAutoReg - ok
08:40:36.0417 5264 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:40:36.0421 5264 PNRPsvc - ok
08:40:36.0468 5264 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:40:36.0477 5264 PolicyAgent - ok
08:40:36.0514 5264 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
08:40:36.0519 5264 Power - ok
08:40:36.0556 5264 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:40:36.0559 5264 PptpMiniport - ok
08:40:36.0585 5264 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
08:40:36.0587 5264 Processor - ok
08:40:36.0638 5264 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
08:40:36.0642 5264 ProfSvc - ok
08:40:36.0655 5264 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:40:36.0657 5264 ProtectedStorage - ok
08:40:36.0687 5264 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:40:36.0689 5264 Psched - ok
08:40:36.0767 5264 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:40:36.0837 5264 ql2300 - ok
08:40:36.0875 5264 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:40:36.0878 5264 ql40xx - ok
08:40:36.0921 5264 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
08:40:36.0927 5264 QWAVE - ok
08:40:36.0944 5264 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:40:36.0945 5264 QWAVEdrv - ok
08:40:36.0966 5264 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:40:36.0968 5264 RasAcd - ok
08:40:37.0002 5264 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:40:37.0004 5264 RasAgileVpn - ok
08:40:37.0026 5264 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
08:40:37.0030 5264 RasAuto - ok
08:40:37.0056 5264 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:40:37.0058 5264 Rasl2tp - ok
08:40:37.0102 5264 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
08:40:37.0110 5264 RasMan - ok
08:40:37.0134 5264 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:40:37.0137 5264 RasPppoe - ok
08:40:37.0178 5264 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:40:37.0180 5264 RasSstp - ok
08:40:37.0190 5264 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:40:37.0195 5264 rdbss - ok
08:40:37.0219 5264 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:40:37.0221 5264 rdpbus - ok
08:40:37.0236 5264 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:40:37.0237 5264 RDPCDD - ok
08:40:37.0280 5264 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:40:37.0282 5264 RDPENCDD - ok
08:40:37.0292 5264 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:40:37.0294 5264 RDPREFMP - ok
08:40:37.0347 5264 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:40:37.0353 5264 RDPWD - ok
08:40:37.0394 5264 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:40:37.0399 5264 rdyboost - ok
08:40:37.0431 5264 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
08:40:37.0435 5264 RemoteAccess - ok
08:40:37.0481 5264 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:40:37.0485 5264 RemoteRegistry - ok
08:40:37.0528 5264 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:40:37.0532 5264 RFCOMM - ok
08:40:37.0603 5264 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
08:40:37.0605 5264 rimmptsk - ok
08:40:37.0620 5264 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
08:40:37.0622 5264 rimsptsk - ok
08:40:37.0676 5264 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
08:40:37.0677 5264 RimUsb - ok
08:40:37.0761 5264 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
08:40:37.0762 5264 rismxdp - ok
08:40:37.0788 5264 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:40:37.0792 5264 RpcEptMapper - ok
08:40:37.0833 5264 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
08:40:37.0835 5264 RpcLocator - ok
08:40:37.0888 5264 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
08:40:37.0893 5264 RpcSs - ok
08:40:37.0945 5264 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:40:37.0948 5264 rspndr - ok
08:40:37.0966 5264 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
08:40:37.0968 5264 SamSs - ok
08:40:38.0002 5264 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:40:38.0005 5264 sbp2port - ok
08:40:38.0036 5264 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:40:38.0041 5264 SCardSvr - ok
08:40:38.0060 5264 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:40:38.0062 5264 scfilter - ok
08:40:38.0113 5264 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
08:40:38.0146 5264 Schedule - ok
08:40:38.0176 5264 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:40:38.0177 5264 SCPolicySvc - ok
08:40:38.0232 5264 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
08:40:38.0235 5264 sdbus - ok
08:40:38.0263 5264 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:40:38.0267 5264 SDRSVC - ok
08:40:38.0308 5264 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:40:38.0309 5264 secdrv - ok
08:40:38.0339 5264 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
08:40:38.0342 5264 seclogon - ok
08:40:38.0374 5264 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
08:40:38.0377 5264 SENS - ok
08:40:38.0413 5264 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:40:38.0416 5264 SensrSvc - ok
08:40:38.0433 5264 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
08:40:38.0434 5264 Serenum - ok
08:40:38.0468 5264 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
08:40:38.0470 5264 Serial - ok
08:40:38.0481 5264 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:40:38.0483 5264 sermouse - ok
08:40:38.0525 5264 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
08:40:38.0530 5264 SessionEnv - ok
08:40:38.0554 5264 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:40:38.0555 5264 sffdisk - ok
08:40:38.0562 5264 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:40:38.0564 5264 sffp_mmc - ok
08:40:38.0575 5264 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:40:38.0576 5264 sffp_sd - ok
08:40:38.0583 5264 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:40:38.0585 5264 sfloppy - ok
08:40:38.0646 5264 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:40:38.0697 5264 SharedAccess - ok
08:40:38.0817 5264 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:40:38.0852 5264 ShellHWDetection - ok
08:40:38.0861 5264 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:40:38.0864 5264 sisagp - ok
08:40:38.0908 5264 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:40:38.0910 5264 SiSRaid2 - ok
08:40:38.0928 5264 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:40:38.0930 5264 SiSRaid4 - ok
08:40:38.0989 5264 [ BF302072DC8374CF4E118FD88AA817A2 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
08:40:38.0991 5264 SmartDefragDriver - ok
08:40:39.0073 5264 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:40:39.0075 5264 Smb - ok
08:40:39.0108 5264 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:40:39.0111 5264 SNMPTRAP - ok
08:40:39.0132 5264 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
08:40:39.0135 5264 spldr - ok
08:40:39.0207 5264 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
08:40:39.0218 5264 Spooler - ok
08:40:39.0391 5264 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
08:40:39.0543 5264 sppsvc - ok
08:40:39.0565 5264 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:40:39.0569 5264 sppuinotify - ok
08:40:39.0630 5264 [ C16D048FAF2978D2121F9F40594A6BDC ] SRTSP C:\Windows\System32\Drivers\NIS\1306020.00A\SRTSP.SYS
08:40:39.0664 5264 SRTSP - ok
08:40:39.0700 5264 [ F0D02C2E25970C9C72A5CD278C17CDB6 ] SRTSPX C:\Windows\system32\drivers\NIS\1306020.00A\SRTSPX.SYS
08:40:39.0701 5264 SRTSPX - ok
08:40:39.0758 5264 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:40:39.0764 5264 srv - ok
08:40:39.0791 5264 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:40:39.0797 5264 srv2 - ok
08:40:39.0837 5264 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
08:40:39.0842 5264 SrvHsfHDA - ok
08:40:39.0913 5264 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
08:40:39.0974 5264 SrvHsfV92 - ok
08:40:40.0025 5264 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
08:40:40.0060 5264 SrvHsfWinac - ok
08:40:40.0104 5264 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:40:40.0108 5264 srvnet - ok
08:40:40.0140 5264 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:40:40.0146 5264 SSDPSRV - ok
08:40:40.0170 5264 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:40:40.0174 5264 SstpSvc - ok
08:40:40.0206 5264 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:40:40.0207 5264 stexstor - ok
08:40:40.0265 5264 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
08:40:40.0288 5264 StiSvc - ok
08:40:40.0320 5264 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:40:40.0322 5264 swenum - ok
08:40:40.0397 5264 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
08:40:40.0409 5264 swprv - ok
08:40:40.0495 5264 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\NIS\1306020.00A\SYMDS.SYS
08:40:40.0504 5264 SymDS - ok
08:40:40.0559 5264 [ 4E55148A2E044D02245CBCDBB266B98C ] SymEFA C:\Windows\system32\drivers\NIS\1306020.00A\SYMEFA.SYS
08:40:40.0603 5264 SymEFA - ok
08:40:40.0655 5264 [ 555FB450FE6908600310E990738B41D6 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
08:40:40.0658 5264 SymEvent - ok
08:40:40.0678 5264 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\NIS\1306020.00A\Ironx86.SYS
08:40:40.0681 5264 SymIRON - ok
08:40:40.0713 5264 [ 3EE215D6FE821E3EDF0F7134D9AE905A ] SymNetS C:\Windows\System32\Drivers\NIS\1306020.00A\SYMNETS.SYS
08:40:40.0718 5264 SymNetS - ok
08:40:40.0786 5264 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
08:40:40.0839 5264 SysMain - ok
08:40:40.0873 5264 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:40:40.0877 5264 TabletInputService - ok
08:40:40.0904 5264 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
08:40:40.0911 5264 TapiSrv - ok
08:40:40.0926 5264 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
08:40:40.0930 5264 TBS - ok
08:40:41.0041 5264 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:40:41.0102 5264 Tcpip - ok
08:40:41.0181 5264 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:40:41.0192 5264 TCPIP6 - ok
08:40:41.0215 5264 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:40:41.0217 5264 tcpipreg - ok
08:40:41.0252 5264 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:40:41.0253 5264 TDPIPE - ok
08:40:41.0278 5264 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:40:41.0280 5264 TDTCP - ok
08:40:41.0302 5264 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:40:41.0304 5264 tdx - ok
08:40:41.0319 5264 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:40:41.0321 5264 TermDD - ok
08:40:41.0431 5264 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
08:40:41.0466 5264 TermService - ok
08:40:41.0493 5264 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
08:40:41.0497 5264 Themes - ok
08:40:41.0507 5264 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
08:40:41.0509 5264 THREADORDER - ok
08:40:41.0528 5264 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
08:40:41.0533 5264 TrkWks - ok
08:40:41.0602 5264 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:40:41.0606 5264 TrustedInstaller - ok
08:40:41.0633 5264 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:40:41.0635 5264 tssecsrv - ok
08:40:41.0663 5264 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:40:41.0665 5264 TsUsbFlt - ok
08:40:41.0701 5264 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:40:41.0702 5264 TsUsbGD - ok
08:40:41.0722 5264 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:40:41.0725 5264 tunnel - ok
08:40:41.0741 5264 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:40:41.0743 5264 uagp35 - ok
08:40:41.0779 5264 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:40:41.0784 5264 udfs - ok
08:40:41.0830 5264 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:40:41.0833 5264 UI0Detect - ok
08:40:41.0871 5264 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:40:41.0873 5264 uliagpkx - ok
08:40:41.0901 5264 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:40:41.0903 5264 umbus - ok
08:40:41.0937 5264 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
08:40:41.0938 5264 UmPass - ok
08:40:41.0977 5264 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
08:40:41.0984 5264 upnphost - ok
08:40:42.0051 5264 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
08:40:42.0054 5264 USBAAPL - ok
08:40:42.0098 5264 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:40:42.0101 5264 usbccgp - ok
08:40:42.0141 5264 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:40:42.0143 5264 usbcir - ok
08:40:42.0179 5264 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:40:42.0180 5264 usbehci - ok
08:40:42.0225 5264 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:40:42.0230 5264 usbhub - ok
08:40:42.0252 5264 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:40:42.0253 5264 usbohci - ok
08:40:42.0279 5264 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
08:40:42.0280 5264 usbprint - ok
08:40:42.0305 5264 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:40:42.0308 5264 USBSTOR - ok
08:40:42.0333 5264 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:40:42.0335 5264 usbuhci - ok
08:40:42.0372 5264 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
08:40:42.0376 5264 UxSms - ok
08:40:42.0388 5264 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
08:40:42.0389 5264 VaultSvc - ok
08:40:42.0412 5264 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:40:42.0414 5264 vdrvroot - ok
08:40:42.0457 5264 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
08:40:42.0480 5264 vds - ok
08:40:42.0512 5264 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:40:42.0514 5264 vga - ok
08:40:42.0532 5264 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
08:40:42.0534 5264 VgaSave - ok
08:40:42.0562 5264 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:40:42.0565 5264 vhdmp - ok
08:40:42.0579 5264 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:40:42.0581 5264 viaagp - ok
08:40:42.0592 5264 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
08:40:42.0594 5264 ViaC7 - ok
08:40:42.0617 5264 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
08:40:42.0619 5264 viaide - ok
08:40:42.0639 5264 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:40:42.0641 5264 volmgr - ok
08:40:42.0669 5264 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:40:42.0675 5264 volmgrx - ok
08:40:42.0734 5264 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:40:42.0739 5264 volsnap - ok
08:40:42.0773 5264 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:40:42.0777 5264 vsmraid - ok
08:40:42.0856 5264 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
08:40:42.0916 5264 VSS - ok
08:40:42.0943 5264 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
08:40:42.0944 5264 vwifibus - ok
08:40:42.0972 5264 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
08:40:42.0981 5264 W32Time - ok
08:40:43.0001 5264 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:40:43.0005 5264 WacomPen - ok
08:40:43.0026 5264 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:40:43.0028 5264 WANARP - ok
08:40:43.0036 5264 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:40:43.0038 5264 Wanarpv6 - ok
08:40:43.0156 5264 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:40:43.0226 5264 WatAdminSvc - ok
08:40:43.0293 5264 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
08:40:43.0365 5264 wbengine - ok
08:40:43.0386 5264 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:40:43.0392 5264 WbioSrvc - ok
08:40:43.0419 5264 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:40:43.0427 5264 wcncsvc - ok
08:40:43.0465 5264 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:40:43.0469 5264 WcsPlugInService - ok
08:40:43.0498 5264 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
08:40:43.0499 5264 Wd - ok
08:40:43.0580 5264 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:40:43.0603 5264 Wdf01000 - ok
08:40:43.0621 5264 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:40:43.0629 5264 WdiServiceHost - ok
08:40:43.0635 5264 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:40:43.0639 5264 WdiSystemHost - ok
08:40:43.0670 5264 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
08:40:43.0676 5264 WebClient - ok
08:40:43.0699 5264 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:40:43.0705 5264 Wecsvc - ok
08:40:43.0729 5264 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:40:43.0733 5264 wercplsupport - ok
08:40:43.0766 5264 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
08:40:43.0770 5264 WerSvc - ok
08:40:43.0808 5264 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:40:43.0809 5264 WfpLwf - ok
08:40:43.0837 5264 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:40:43.0839 5264 WIMMount - ok
08:40:43.0988 5264 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
08:40:44.0023 5264 winachsf - ok
08:40:44.0110 5264 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
08:40:44.0146 5264 WinDefend - ok
08:40:44.0159 5264 WinHttpAutoProxySvc - ok
08:40:44.0239 5264 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:40:44.0243 5264 Winmgmt - ok
08:40:44.0329 5264 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
08:40:44.0383 5264 WinRM - ok
08:40:44.0459 5264 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:40:44.0502 5264 Wlansvc - ok
08:40:44.0535 5264 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
08:40:46.0270 5264 ============================================================
08:40:46.0270 5264 Scan finished
08:40:46.0270 5264 ============================================================
08:40:46.0290 2044 Detected object count: 0
08:40:46.0290 2044 Actual detected object count: 0
08:41:00.0122 4944 Deinitialize success

#8 shorti3232


Posted 03 December 2012 - 12:27 PM

ASW-
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-03 09:00:59
-----------------------------
09:00:59.006 OS Version: Windows 6.1.7601 Service Pack 1
09:00:59.006 Number of processors: 2 586 0xE08
09:00:59.006 ComputerName: HOME-PC UserName: Home
09:00:59.396 Initialize success
09:01:09.552 AVAST engine defs: 12120300
09:01:18.771 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:01:18.787 Disk 0 Vendor: FUJITSU_MHV2080BH 00850028 Size: 74881MB BusType: 3
09:01:18.802 Disk 0 MBR read successfully
09:01:18.818 Disk 0 MBR scan
09:01:18.834 Disk 0 Windows 7 default MBR code
09:01:18.834 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:01:18.849 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 74779 MB offset 206848
09:01:18.865 Disk 0 scanning sectors +153354240
09:01:18.958 Disk 0 scanning C:\Windows\system32\drivers
09:01:35.198 Service scanning
09:02:02.280 Modules scanning
09:02:13.761 Disk 0 trace - called modules:
09:02:13.793 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
09:02:13.808 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85341030]
09:02:13.808 3 CLASSPNP.SYS[8a97c59e] -> nt!IofCallDriver -> [0x84e7e490]
09:02:13.824 5 ACPI.sys[8a29d3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84e82610]
09:02:14.463 AVAST engine scan C:\Windows
09:02:19.190 AVAST engine scan C:\Windows\system32
09:06:50.677 AVAST engine scan C:\Windows\system32\drivers
09:07:14.561 AVAST engine scan C:\Users\Home
09:22:20.314 AVAST engine scan C:\ProgramData
09:23:00.344 Scan finished successfully
09:23:18.768 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
09:23:18.783 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"

#9 shorti3232


Posted 03 December 2012 - 01:20 PM

ESET-
There is no option to open List of Found Threats.
But it says there are no infected files.

#10 narenxp


Posted 03 December 2012 - 11:58 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#11 shorti3232


Posted 05 December 2012 - 11:10 AM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.05.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Home :: HOME-PC [administrator]

12/5/2012 7:29:14 AM
mbam-log-2012-12-05 (07-29-14).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 270293
Time elapsed: 39 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 15
HKCR\CLSID\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044504458} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055505558} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0005058.BHO.1 (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022502258} (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0005058.Sandbox.1 (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0005058.Sandbox (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nllafhekklanfkimibokomlmidmcmaoi (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\Software\InstalledBrowserExtensions\215 Apps|5058 (PUP.CrossFire.SA) -> Data: Shopping Sidekick -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick|Publisher (PUP.CrossRider.SSK) -> Data: 215 Apps -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Home\AppData\Local\ull.exe" -a "iexplore.exe") Good: (iexplore.exe) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Program Files\Shopping Sidekick (PUP.CrossRider.SSK) -> Delete on reboot.

Files Detected: 16
C:\Program Files\Shopping Sidekick\Shopping Sidekick.dll (PUP.215Apps) -> Delete on reboot.
C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM2X950U\Shopping-Sidekick[1] (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXH5FDMX\Setup[1].exe (PUP.BundleInstaller.OI) -> Quarantined and deleted successfully.
C:\Program Files\Shopping Sidekick\Shopping Sidekick-bg.exe (PUP.215Apps) -> Delete on reboot.
C:\Program Files\Shopping Sidekick\Shopping Sidekick.exe (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Program Files\Shopping Sidekick\Uninstall.exe (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Users\Home\firefox.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\Home\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Home\igfxtray.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Home\rundll32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\Shopping Sidekick\Shopping SidekickInstaller.log (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files\Shopping Sidekick\ButtonUtil.dll (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files\Shopping Sidekick\Shopping Sidekick.ico (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files\Shopping Sidekick\Shopping Sidekick.ini (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Users\Home\Local Settings\Application Data\Shopping Sidekick\Chrome\Shopping Sidekick.crx (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Users\Home\AppData\Local\Shopping Sidekick\Chrome\Shopping Sidekick.crx (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.

(end)

#12 shorti3232


Posted 05 December 2012 - 11:17 AM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Home (administrator) on 05-12-2012 at 08:16:32
Running from "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM2X950U"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Home-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-16-41-4B-7F-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-13-02-1B-AB-09
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::693a:9926:9e76:3a17%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, December 05, 2012 8:12:43 AM
Lease Expires . . . . . . . . . . : Thursday, December 06, 2012 8:12:43 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 218108674
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F9-09-50-00-15-C5-0D-05-53
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-15-C5-0D-05-53
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{69457B5D-A5BA-4C67-B564-9549F6BEF8EE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2c1e:3d30:9ea1:7257(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c1e:3d30:9ea1:7257%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{D5894271-108D-4DB7-8CD0-0C38E6EDCAC0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2001:4860:4001:801::1006
74.125.224.66
74.125.224.67
74.125.224.70
74.125.224.72
74.125.224.73
74.125.224.78
74.125.224.69
74.125.224.65
74.125.224.64
74.125.224.71
74.125.224.68


Pinging google.com [74.125.224.128] with 32 bytes of data:
Reply from 74.125.224.128: bytes=32 time=30ms TTL=53
Reply from 74.125.224.128: bytes=32 time=29ms TTL=53

Ping statistics for 74.125.224.128:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 30ms, Average = 29ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=97ms TTL=46
Reply from 98.138.253.109: bytes=32 time=101ms TTL=46

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 101ms, Average = 99ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...00 16 41 4b 7f 30 ......Bluetooth Device (Personal Area Network)
12...00 13 02 1b ab 09 ......Intel® PRO/Wireless 3945ABG Network Connection
11...00 15 c5 0d 05 53 ......Broadcom 440x 10/100 Integrated Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.8 25
10.0.0.0 255.255.255.0 On-link 10.0.0.8 281
10.0.0.8 255.255.255.255 On-link 10.0.0.8 281
10.0.0.255 255.255.255.255 On-link 10.0.0.8 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.8 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.8 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:2c1e:3d30:9ea1:7257/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::2c1e:3d30:9ea1:7257/128
On-link
12 281 fe80::693a:9926:9e76:3a17/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/05/2012 08:14:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2012 00:17:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15569

Error: (12/05/2012 00:17:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15569

Error: (12/05/2012 00:17:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/05/2012 00:16:51 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 8.0.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8a4

Start Time: 01cdd2ac7d42cdeb

Termination Time: 250

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 17f53d98-3eb4-11e2-9284-0016414b7f30

Error: (12/04/2012 07:22:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17932, time stamp: 0x503275ba
Exception code: 0xe06d7363
Fault offset: 0x0000d3cf
Faulting process id: 0xf10
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (12/04/2012 04:33:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: mshtml.dll, version: 8.0.7601.17940, time stamp: 0x5037b0d7
Exception code: 0xc0000005
Fault offset: 0x00214f60
Faulting process id: 0x594
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (12/04/2012 10:14:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2012 05:09:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2012 04:02:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/05/2012 08:12:27 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/05/2012 06:18:00 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/04/2012 10:13:05 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/03/2012 05:22:30 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{69457B5D-A5BA-4C67-B564-9549F6BEF8EE}.
The backup browser is stopping.

Error: (12/03/2012 05:07:08 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/03/2012 04:00:47 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/03/2012 03:58:00 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/03/2012 03:28:51 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:55:59 PM on 12/3/2012 was unexpected.

Error: (12/03/2012 03:28:18 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/03/2012 02:18:10 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.2.2.28595)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.1.102.63)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.16)
Conexant HDA D110 MDC V.92 Modem
CyberLink PowerDVD 10 (Version: 10.0.3715.54)
ESET Online Scanner v3
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
iTunes (Version: 10.6.3.25)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
Norton Internet Security (Version: 19.1.0.28)
Norton Internet Security (Version: 19.6.2.10)
Picasa 3 (Version: 3.8)
PokerStars.net
PricePeep (Version: 2.1.355.0)
Skype™ 6.0 (Version: 6.0.126)
Smart Defrag 2 (Version: 2.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.0 (Version: 2.0.0)
Wajam (Version: 1.50)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3062.44 MB
Available physical RAM: 1881.78 MB
Total Pagefile: 6123.17 MB
Available Pagefile: 4939.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.61 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:73.03 GB) (Free:48.31 GB) NTFS

========================= Users: ========================================

User accounts for \\HOME-PC

Administrator Guest Home

========================= Restore Points ==================================

27-11-2012 19:18:27 Windows Update
29-11-2012 20:15:26 Windows Update
03-12-2012 21:57:57 Installed LG Android Driver
03-12-2012 22:37:18 Removed LG Android Driver

**** End of log ****

#13 shorti3232


Posted 05 December 2012 - 11:18 AM

Farbar Service Scanner Version: 04-12-2012
Ran by Home (administrator) on 05-12-2012 at 08:18:04
Running from "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXH5FDMX"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-11-15 01:00] - [2012-10-03 08:58] - 1293680 ____A (Microsoft Corporation) E23A56F843E2AEBBB209D0ACCA73C640

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#14 shorti3232


Posted 05 December 2012 - 11:21 AM

# AdwCleaner v2.011 - Logfile created 12/05/2012 at 08:19:10
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Home - HOME-PC
# Boot Mode : Normal
# Running from : C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MXZV4LP8\2-adwcleaner[1].exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\wrp7ob3h.default\extensions\pricepeep@getpricepeep.com.xpi
Folder Deleted : C:\Program Files\PricePeep
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\Users\Home\AppData\Local\Wajam
Folder Deleted : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005058.BHO
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\Software\Wajam

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\wrp7ob3h.default\prefs.js

C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\wrp7ob3h.default\user.js ... Deleted !


*************************

AdwCleaner[S1].txt - [16325 octets] - [05/12/2012 08:19:10]

########## EOF - C:\AdwCleaner[S1].txt - [16386 octets] ##########

#15 shorti3232


Posted 05 December 2012 - 11:28 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.8.5 (12.05.2012:1)
OS: Windows 7 Home Premium x86
Ran by Home on Wed 12/05/2012 at 8:22:49.88
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\wrp7ob3h.default\extensions\crossriderapp5058@crossrider.com
Successfully deleted the following from C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\wrp7ob3h.default\prefs.js

user_pref("extensions.crossrider.bic", "13b6374de2183d7b5404c51c4d56e07a");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/05/2012 at 8:25:20.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

That's all of it. Thank you for the help :) Anything else I need to do?

Edited by shorti3232, 05 December 2012 - 11:28 AM.




