
Services.exe infected with a Backdoor Trojan


14 replies to this topic

#1 Ryan55


Posted 06 January 2013 - 10:37 AM

"";"Trojan horse Patched_c.MIS, c:\Windows\System32\services.exe";"Cannot be cleaned
Remove manually"

That was the result of trying to use AVG to clean it up. I also tried using AVG rescue CD but unfortunately I was not able to heal the file. If I delete or rename it, it will of course cause my computer to not be able to boot. I've also tried cleaning it up with Malwarebytes.

Let me know if there's any other information that I need to provide. Not entirely sure what else to say off the top of my head.


 


#2 narenxp


Posted 06 January 2013 - 10:39 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Ryan55


Posted 06 January 2013 - 03:50 PM

TDSSKiller Report


14:01:34.0282 4540 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:01:34.0641 4540 ============================================================
14:01:34.0641 4540 Current date / time: 2013/01/06 14:01:34.0641
14:01:34.0641 4540 SystemInfo:
14:01:34.0641 4540
14:01:34.0641 4540 OS Version: 6.1.7601 ServicePack: 1.0
14:01:34.0641 4540 Product type: Workstation
14:01:34.0641 4540 ComputerName: JIM-PC
14:01:34.0641 4540 UserName: Jim
14:01:34.0641 4540 Windows directory: C:\Windows
14:01:34.0641 4540 System windows directory: C:\Windows
14:01:34.0641 4540 Running under WOW64
14:01:34.0642 4540 Processor architecture: Intel x64
14:01:34.0642 4540 Number of processors: 4
14:01:34.0642 4540 Page size: 0x1000
14:01:34.0642 4540 Boot type: Normal boot
14:01:34.0642 4540 ============================================================
14:01:36.0071 4540 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:01:36.0089 4540 ============================================================
14:01:36.0089 4540 \Device\Harddisk0\DR0:
14:01:36.0089 4540 MBR partitions:
14:01:36.0089 4540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:01:36.0089 4540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
14:01:36.0089 4540 ============================================================
14:01:36.0125 4540 C: <-> \Device\Harddisk0\DR0\Partition2
14:01:36.0125 4540 ============================================================
14:01:36.0125 4540 Initialize success
14:01:36.0125 4540 ============================================================
14:01:39.0752 3196 ============================================================
14:01:39.0752 3196 Scan started
14:01:39.0752 3196 Mode: Manual;
14:01:39.0752 3196 ============================================================
14:01:42.0307 3196 ================ Scan system memory ========================
14:01:42.0307 3196 System memory - ok
14:01:50.0563 3196 NetBT - ok
14:01:50.0574 3196 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:01:50.0576 3196 Netlogon - ok
14:01:50.0617 3196 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:01:50.0622 3196 Netman - ok
14:01:50.0650 3196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:01:50.0652 3196 NetMsmqActivator - ok
14:01:50.0655 3196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:01:50.0656 3196 NetPipeActivator - ok
14:01:50.0679 3196 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:01:50.0684 3196 netprofm - ok
14:01:50.0700 3196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:01:50.0701 3196 NetTcpActivator - ok
14:01:50.0706 3196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:01:50.0707 3196 NetTcpPortSharing - ok
14:01:50.0723 3196 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:01:50.0724 3196 nfrd960 - ok
14:01:50.0766 3196 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:01:50.0771 3196 NlaSvc - ok
14:01:50.0783 3196 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:01:50.0785 3196 Npfs - ok
14:01:50.0788 3196 npggsvc - ok
14:01:50.0824 3196 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:01:50.0826 3196 nsi - ok
14:01:50.0838 3196 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:01:50.0840 3196 nsiproxy - ok
14:01:50.0899 3196 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:01:50.0935 3196 Ntfs - ok
14:01:50.0948 3196 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:01:50.0949 3196 Null - ok
14:01:50.0985 3196 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:01:50.0988 3196 NVHDA - ok
14:01:51.0224 3196 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:01:51.0410 3196 nvlddmkm - ok
14:01:51.0441 3196 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:01:51.0442 3196 nvraid - ok
14:01:51.0453 3196 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:01:51.0455 3196 nvstor - ok
14:01:51.0490 3196 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
14:01:51.0500 3196 NVSvc - ok
14:01:51.0559 3196 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:01:51.0572 3196 nvUpdatusService - ok
14:01:51.0590 3196 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:01:51.0592 3196 nv_agp - ok
14:01:51.0603 3196 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:01:51.0605 3196 ohci1394 - ok
14:01:51.0639 3196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:01:51.0644 3196 p2pimsvc - ok
14:01:51.0662 3196 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:01:51.0668 3196 p2psvc - ok
14:01:51.0680 3196 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:01:51.0682 3196 Parport - ok
14:01:51.0711 3196 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:01:51.0713 3196 partmgr - ok
14:01:51.0728 3196 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:01:51.0731 3196 PcaSvc - ok
14:01:51.0807 3196 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
14:01:51.0830 3196 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
14:01:51.0852 3196 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:01:51.0856 3196 pci - ok
14:01:51.0889 3196 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:01:51.0895 3196 pciide - ok
14:01:51.0908 3196 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:01:51.0911 3196 pcmcia - ok
14:01:51.0975 3196 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
14:01:51.0977 3196 pcouffin - ok
14:01:51.0997 3196 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:01:52.0001 3196 pcw - ok
14:01:52.0030 3196 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:01:52.0040 3196 PEAUTH - ok
14:01:52.0149 3196 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:01:52.0151 3196 PerfHost - ok
14:01:52.0211 3196 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:01:52.0235 3196 pla - ok
14:01:52.0277 3196 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:01:52.0282 3196 PlugPlay - ok
14:01:52.0310 3196 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:01:52.0320 3196 PNRPAutoReg - ok
14:01:52.0330 3196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:01:52.0333 3196 PNRPsvc - ok
14:01:52.0366 3196 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:01:52.0372 3196 PolicyAgent - ok
14:01:52.0404 3196 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:01:52.0408 3196 Power - ok
14:01:52.0428 3196 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:01:52.0430 3196 PptpMiniport - ok
14:01:52.0446 3196 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:01:52.0448 3196 Processor - ok
14:01:52.0474 3196 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:01:52.0479 3196 ProfSvc - ok
14:01:52.0491 3196 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:01:52.0493 3196 ProtectedStorage - ok
14:01:52.0525 3196 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:01:52.0527 3196 Psched - ok
14:01:52.0567 3196 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:01:52.0592 3196 ql2300 - ok
14:01:52.0600 3196 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:01:52.0602 3196 ql40xx - ok
14:01:52.0646 3196 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:01:52.0650 3196 QWAVE - ok
14:01:52.0664 3196 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:01:52.0666 3196 QWAVEdrv - ok
14:01:52.0676 3196 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:01:52.0678 3196 RasAcd - ok
14:01:52.0707 3196 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:01:52.0708 3196 RasAgileVpn - ok
14:01:52.0719 3196 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:01:52.0721 3196 RasAuto - ok
14:01:52.0753 3196 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:01:52.0793 3196 Rasl2tp - ok
14:01:52.0858 3196 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:01:52.0872 3196 RasMan - ok
14:01:52.0890 3196 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:01:52.0892 3196 RasPppoe - ok
14:01:52.0906 3196 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:01:52.0908 3196 RasSstp - ok
14:01:52.0919 3196 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:01:52.0924 3196 rdbss - ok
14:01:52.0935 3196 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:01:52.0937 3196 rdpbus - ok
14:01:52.0954 3196 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:01:52.0955 3196 RDPCDD - ok
14:01:52.0961 3196 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:01:52.0963 3196 RDPENCDD - ok
14:01:52.0974 3196 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:01:52.0975 3196 RDPREFMP - ok
14:01:53.0009 3196 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:01:53.0012 3196 RDPWD - ok
14:01:53.0044 3196 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:01:53.0047 3196 rdyboost - ok
14:01:53.0085 3196 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:01:53.0088 3196 RemoteAccess - ok
14:01:53.0127 3196 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:01:53.0132 3196 RemoteRegistry - ok
14:01:53.0149 3196 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:01:53.0152 3196 RpcEptMapper - ok
14:01:53.0180 3196 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:01:53.0182 3196 RpcLocator - ok
14:01:53.0220 3196 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:01:53.0225 3196 RpcSs - ok
14:01:53.0235 3196 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:01:53.0237 3196 rspndr - ok
14:01:53.0241 3196 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:01:53.0243 3196 SamSs - ok
14:01:53.0271 3196 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:01:53.0273 3196 sbp2port - ok
14:01:53.0294 3196 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:01:53.0299 3196 SCardSvr - ok
14:01:53.0338 3196 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:01:53.0339 3196 scfilter - ok
14:01:53.0376 3196 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:01:53.0393 3196 Schedule - ok
14:01:53.0426 3196 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:01:53.0427 3196 SCPolicySvc - ok
14:01:53.0448 3196 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:01:53.0451 3196 SDRSVC - ok
14:01:53.0541 3196 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:01:53.0558 3196 SDScannerService - ok
14:01:53.0618 3196 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:01:53.0637 3196 SDUpdateService - ok
14:01:53.0651 3196 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:01:53.0653 3196 SDWSCService - ok
14:01:53.0676 3196 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:01:53.0677 3196 secdrv - ok
14:01:53.0685 3196 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:01:53.0687 3196 seclogon - ok
14:01:53.0721 3196 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:01:53.0723 3196 SENS - ok
14:01:53.0738 3196 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:01:53.0740 3196 SensrSvc - ok
14:01:53.0757 3196 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:01:53.0758 3196 Serenum - ok
14:01:53.0765 3196 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:01:53.0767 3196 Serial - ok
14:01:53.0779 3196 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:01:53.0781 3196 sermouse - ok
14:01:53.0820 3196 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:01:53.0823 3196 SessionEnv - ok
14:01:53.0854 3196 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:01:53.0855 3196 sffdisk - ok
14:01:53.0866 3196 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:01:53.0867 3196 sffp_mmc - ok
14:01:53.0881 3196 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:01:53.0887 3196 sffp_sd - ok
14:01:53.0899 3196 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:01:53.0905 3196 sfloppy - ok
14:01:53.0950 3196 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:01:53.0955 3196 ShellHWDetection - ok
14:01:53.0964 3196 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:01:53.0966 3196 SiSRaid2 - ok
14:01:53.0969 3196 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:01:53.0971 3196 SiSRaid4 - ok
14:01:54.0005 3196 [ 17EAB7852FF9F15FBAAB4E95EFC0B812 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:01:54.0007 3196 SkypeUpdate - ok
14:01:54.0024 3196 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:01:54.0033 3196 Smb - ok
14:01:54.0069 3196 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:01:54.0071 3196 SNMPTRAP - ok
14:01:54.0087 3196 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:01:54.0088 3196 spldr - ok
14:01:54.0128 3196 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:01:54.0135 3196 Spooler - ok
14:01:54.0350 3196 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:01:54.0461 3196 sppsvc - ok
14:01:54.0497 3196 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:01:54.0501 3196 sppuinotify - ok
14:01:54.0547 3196 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:01:54.0553 3196 srv - ok
14:01:54.0579 3196 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:01:54.0585 3196 srv2 - ok
14:01:54.0616 3196 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:01:54.0619 3196 srvnet - ok
14:01:54.0633 3196 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:01:54.0638 3196 SSDPSRV - ok
14:01:54.0649 3196 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:01:54.0652 3196 SstpSvc - ok
14:01:54.0688 3196 Steam Client Service - ok
14:01:54.0750 3196 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:01:54.0755 3196 Stereo Service - ok
14:01:54.0774 3196 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:01:54.0775 3196 stexstor - ok
14:01:54.0818 3196 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:01:54.0826 3196 stisvc - ok
14:01:54.0835 3196 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:01:54.0836 3196 swenum - ok
14:01:54.0870 3196 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:01:54.0877 3196 swprv - ok
14:01:54.0947 3196 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:01:54.0990 3196 SysMain - ok
14:01:55.0025 3196 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:01:55.0028 3196 TabletInputService - ok
14:01:55.0070 3196 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:01:55.0079 3196 TapiSrv - ok
14:01:55.0093 3196 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:01:55.0097 3196 TBS - ok
14:01:55.0155 3196 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:01:55.0190 3196 Tcpip - ok
14:01:55.0218 3196 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:01:55.0227 3196 TCPIP6 - ok
14:01:55.0259 3196 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:01:55.0260 3196 tcpipreg - ok
14:01:55.0293 3196 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:01:55.0294 3196 TDPIPE - ok
14:01:55.0325 3196 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:01:55.0326 3196 TDTCP - ok
14:01:55.0364 3196 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:01:55.0366 3196 tdx - ok
14:01:55.0381 3196 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:01:55.0383 3196 TermDD - ok
14:01:55.0423 3196 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:01:55.0433 3196 TermService - ok
14:01:55.0466 3196 [ FA5BFB71E561D279EDAE7E118435C1C9 ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys
14:01:55.0468 3196 TfFsMon - ok
14:01:55.0482 3196 [ FA8400D74345EC4BF10E476CA0AAA2DF ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys
14:01:55.0483 3196 TfNetMon - ok
14:01:55.0498 3196 [ F11AA1A704A4C027E5E8E0F355523834 ] TfSysMon C:\Windows\system32\drivers\TfSysMon.sys
14:01:55.0500 3196 TfSysMon - ok
14:01:55.0508 3196 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:01:55.0511 3196 Themes - ok
14:01:55.0620 3196 [ 0EDEFED13FAA00E9EAFD27788EAA04AF ] Thorn C:\Users\Jim\AppData\Local\THORN\Thorn.exe
14:01:55.0621 3196 Thorn - ok
14:01:55.0654 3196 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:01:55.0656 3196 THREADORDER - ok
14:01:55.0694 3196 ThreatFire - ok
14:01:55.0726 3196 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:01:55.0731 3196 TrkWks - ok
14:01:55.0770 3196 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:01:55.0773 3196 TrustedInstaller - ok
14:01:55.0796 3196 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:01:55.0798 3196 tssecsrv - ok
14:01:55.0829 3196 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:01:55.0832 3196 TsUsbFlt - ok
14:01:55.0861 3196 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:01:55.0862 3196 tunnel - ok
14:01:55.0882 3196 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:01:55.0889 3196 uagp35 - ok
14:01:55.0926 3196 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:01:55.0930 3196 udfs - ok
14:01:55.0956 3196 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:01:55.0958 3196 UI0Detect - ok
14:01:55.0970 3196 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:01:55.0972 3196 uliagpkx - ok
14:01:55.0985 3196 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:01:55.0986 3196 umbus - ok
14:01:55.0996 3196 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:01:55.0998 3196 UmPass - ok
14:01:56.0035 3196 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:01:56.0040 3196 UMVPFSrv - ok
14:01:56.0057 3196 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:01:56.0062 3196 upnphost - ok
14:01:56.0099 3196 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:01:56.0101 3196 usbaudio - ok
14:01:56.0131 3196 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:01:56.0133 3196 usbccgp - ok
14:01:56.0169 3196 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:01:56.0172 3196 usbcir - ok
14:01:56.0203 3196 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:01:56.0212 3196 usbehci - ok
14:01:56.0258 3196 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:01:56.0262 3196 usbhub - ok
14:01:56.0273 3196 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:01:56.0275 3196 usbohci - ok
14:01:56.0284 3196 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:01:56.0285 3196 usbprint - ok
14:01:56.0319 3196 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:01:56.0321 3196 usbscan - ok
14:01:56.0361 3196 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:01:56.0363 3196 USBSTOR - ok
14:01:56.0378 3196 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:01:56.0380 3196 usbuhci - ok
14:01:56.0398 3196 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:01:56.0401 3196 usbvideo - ok
14:01:56.0418 3196 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:01:56.0420 3196 UxSms - ok
14:01:56.0432 3196 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:01:56.0433 3196 VaultSvc - ok
14:01:56.0446 3196 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:01:56.0447 3196 vdrvroot - ok
14:01:56.0482 3196 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:01:56.0498 3196 vds - ok
14:01:56.0518 3196 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:01:56.0519 3196 vga - ok
14:01:56.0530 3196 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:01:56.0531 3196 VgaSave - ok
14:01:56.0568 3196 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:01:56.0571 3196 vhdmp - ok
14:01:56.0584 3196 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:01:56.0585 3196 viaide - ok
14:01:56.0602 3196 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:01:56.0604 3196 volmgr - ok
14:01:56.0622 3196 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:01:56.0627 3196 volmgrx - ok
14:01:56.0643 3196 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:01:56.0648 3196 volsnap - ok
14:01:56.0662 3196 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:01:56.0664 3196 vsmraid - ok
14:01:56.0727 3196 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:01:56.0749 3196 VSS - ok
14:01:56.0855 3196 [ EF11725916A69DFAF82AB26EC219F088 ] vToolbarUpdater13.3.2 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe
14:01:56.0871 3196 vToolbarUpdater13.3.2 - ok
14:01:56.0881 3196 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:01:56.0882 3196 vwifibus - ok
14:01:56.0891 3196 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:01:56.0892 3196 vwififlt - ok
14:01:56.0896 3196 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:01:56.0897 3196 vwifimp - ok
14:01:56.0928 3196 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:01:56.0933 3196 W32Time - ok
14:01:56.0942 3196 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:01:56.0944 3196 WacomPen - ok
14:01:56.0975 3196 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:01:56.0977 3196 WANARP - ok
14:01:56.0980 3196 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:01:56.0981 3196 Wanarpv6 - ok
14:01:57.0042 3196 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:01:57.0067 3196 WatAdminSvc - ok
14:01:57.0123 3196 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:01:57.0154 3196 wbengine - ok
14:01:57.0168 3196 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:01:57.0172 3196 WbioSrvc - ok
14:01:57.0206 3196 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:01:57.0212 3196 wcncsvc - ok
14:01:57.0229 3196 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:01:57.0232 3196 WcsPlugInService - ok
14:01:57.0262 3196 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:01:57.0263 3196 Wd - ok
14:01:57.0292 3196 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:01:57.0300 3196 Wdf01000 - ok
14:01:57.0314 3196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:01:57.0317 3196 WdiServiceHost - ok
14:01:57.0321 3196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:01:57.0324 3196 WdiSystemHost - ok
14:01:57.0342 3196 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:01:57.0347 3196 WebClient - ok
14:01:57.0364 3196 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:01:57.0368 3196 Wecsvc - ok
14:01:57.0383 3196 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:01:57.0385 3196 wercplsupport - ok
14:01:57.0402 3196 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:01:57.0405 3196 WerSvc - ok
14:01:57.0424 3196 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:01:57.0426 3196 WfpLwf - ok
14:01:57.0440 3196 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:01:57.0441 3196 WIMMount - ok
14:01:57.0448 3196 WinHttpAutoProxySvc - ok
14:01:57.0507 3196 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:01:57.0511 3196 Winmgmt - ok
14:01:57.0595 3196 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
14:01:57.0597 3196 WinRing0_1_2_0 - ok
14:01:57.0646 3196 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:01:57.0684 3196 WinRM - ok
14:01:57.0725 3196 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:01:57.0726 3196 WinUsb - ok
14:01:57.0762 3196 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:01:57.0773 3196 Wlansvc - ok
14:01:57.0981 3196 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:01:58.0021 3196 wlidsvc - ok
14:01:58.0071 3196 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:01:58.0109 3196 WmiAcpi - ok
14:01:58.0152 3196 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:01:58.0156 3196 wmiApSrv - ok
14:01:58.0160 3196 WMPNetworkSvc - ok
14:01:58.0182 3196 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:01:58.0185 3196 WPCSvc - ok
14:01:58.0219 3196 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:01:58.0223 3196 WPDBusEnum - ok
14:01:58.0234 3196 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:01:58.0236 3196 ws2ifsl - ok
14:01:58.0240 3196 WSearch - ok
14:01:58.0278 3196 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:01:58.0280 3196 WudfPf - ok
14:01:58.0294 3196 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:01:58.0297 3196 WUDFRd - ok
14:01:58.0323 3196 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:01:58.0326 3196 wudfsvc - ok
14:01:58.0332 3196 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:01:58.0337 3196 WwanSvc - ok
14:01:58.0348 3196 ================ Scan global ===============================
14:01:58.0380 3196 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:01:58.0412 3196 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:01:58.0420 3196 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:01:58.0449 3196 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:01:58.0490 3196 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
14:01:58.0498 3196 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
14:01:58.0498 3196 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
14:01:58.0499 3196 ================ Scan MBR ==================================
14:01:58.0512 3196 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:01:58.0693 3196 \Device\Harddisk0\DR0 - ok
14:01:58.0693 3196 ================ Scan VBR ==================================
14:01:58.0697 3196 [ 51A0E01E4475CE0D32B6FFC25FADA20F ] \Device\Harddisk0\DR0\Partition1
14:01:58.0699 3196 \Device\Harddisk0\DR0\Partition1 - ok
14:01:58.0703 3196 [ 6327B4740C6ACB2DF730BEBDA2CB6BD0 ] \Device\Harddisk0\DR0\Partition2
14:01:58.0705 3196 \Device\Harddisk0\DR0\Partition2 - ok
14:01:58.0706 3196 ============================================================
14:01:58.0706 3196 Scan finished
14:01:58.0706 3196 ============================================================
14:01:58.0721 1364 Detected object count: 1
14:01:58.0721 1364 Actual detected object count: 1

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-06 14:05:15
-----------------------------
14:05:15.773 OS Version: Windows x64 6.1.7601 Service Pack 1
14:05:15.773 Number of processors: 4 586 0x2505
14:05:15.774 ComputerName: JIM-PC UserName: Jim
14:05:21.467 Initialize success
14:09:13.756 AVAST engine defs: 13010601
14:10:22.847 The log file has been saved successfully to "C:\Users\Jim\Downloads\Desktop\aswMBR.txt"

#4 Ryan55

Posted 06 January 2013 - 07:22 PM

C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\00000004.@ Win64/Conedex.C trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\00000008.@ Win64/Agent.BA trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\000000cb.@ Win64/Conedex.B trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\80000000.@ Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\80000032.@ probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\80000064.@ a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz2A79.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz34B9.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz58E9.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz5A22.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz5ADF.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz644F.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz6653.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz6663.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz7402.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz76B2.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz76F1.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz91BA.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz931E.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz943D.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz94E6.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trz96DB.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzB7DC.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzB889.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzBE07.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzC3D8.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzC51.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzC83C.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzCE6A.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzCF07.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzDAFB.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzE326.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzEAE.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzED89.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzEEA3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFCA3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD0.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD01.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD0A.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD0B.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD0C.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD1.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD15.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD16.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD17.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD18.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD19.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD1C.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD1D.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD1E.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD20.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD23.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD26.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD27.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD29.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2A.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2C.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2D.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD32.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD3A.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD4.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD40.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD47.tmp a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD48.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD4C.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD4F.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD5.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD50.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD51.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD52.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD54.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD55.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD57.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD58.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD5E.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD6.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD63.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD67.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD68.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD71.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD73.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD76.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD78.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD79.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD7D.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD7E.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD8.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD80.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD81.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD84.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD85.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD89.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD8A.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD91.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD98.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD99.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9A.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9B.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9C.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9E.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA0.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA2.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA8.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDAA.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDAF.tmp a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDB1.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDB2.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDC3.tmp a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDC4.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDC5.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDCA.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDCB.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDCD.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD4.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD5.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD6.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD7.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD8.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD9.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDDA.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDDC.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDDE.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE0.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE2.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE4.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE5.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE7.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE9.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDEB.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDEC.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDEE.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDEF.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDF1.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDF3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDF4.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDFD.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDFE.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE0.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE00.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE03.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE08.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE0E.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE0F.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE11.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE15.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE16.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE18.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE19.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1A.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1B.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1C.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1D.tmp a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1E.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE2.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE21.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE23.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE24.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE27.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE28.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE29.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE2A.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE2D.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE30.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE32.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE3C.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE3D.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE4.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE42.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE43.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE44.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE45.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE48.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE4A.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE4C.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE4F.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE50.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE53.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE54.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE55.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE58.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE5B.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE5D.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE5F.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE61.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE65.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE76.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE79.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE7C.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE8.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE8B.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE8D.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE8F.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE92.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE94.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE96.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE97.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE99.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE9C.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEA.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEA5.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEA6.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEA8.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEAA.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEAD.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEBA.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEBB.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEBC.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEC.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEC9.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFECB.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFECD.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFECF.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFED3.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFED7.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFED8.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFED9.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDA.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDB.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDC.tmp Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDD.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE1.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE2.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE4.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE5.tmp Win64/Sirefef.AW trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE6.tmp a variant of Win64/Sirefef.AN trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE8.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE9.tmp probably a variant of Win32/Sirefef.FD trojan unable to clean
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEEA.tmp Win64/Sirefef.AW trojan unable to clean

:S

#5 narenxp


Posted 08 January 2013 - 07:53 AM

Run TDSSkiller and select CURE for this entry

14:01:58.0498 3196 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)

Restart the PC, run TDSSkiller again and post the new log

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan completes, post the generated log here.


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#6 Ryan55


Posted 08 January 2013 - 07:50 PM

18:46:59.0163 4248 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:46:59.0556 4248 ============================================================
18:46:59.0556 4248 Current date / time: 2013/01/08 18:46:59.0556
18:46:59.0556 4248 SystemInfo:
18:46:59.0556 4248
18:46:59.0556 4248 OS Version: 6.1.7601 ServicePack: 1.0
18:46:59.0556 4248 Product type: Workstation
18:46:59.0556 4248 ComputerName: JIM-PC
18:46:59.0556 4248 UserName: Jim
18:46:59.0556 4248 Windows directory: C:\Windows
18:46:59.0556 4248 System windows directory: C:\Windows
18:46:59.0556 4248 Running under WOW64
18:46:59.0557 4248 Processor architecture: Intel x64
18:46:59.0557 4248 Number of processors: 4
18:46:59.0557 4248 Page size: 0x1000
18:46:59.0557 4248 Boot type: Normal boot
18:46:59.0557 4248 ============================================================
18:47:01.0439 4248 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:47:01.0459 4248 ============================================================
18:47:01.0459 4248 \Device\Harddisk0\DR0:
18:47:01.0461 4248 MBR partitions:
18:47:01.0461 4248 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:47:01.0461 4248 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
18:47:01.0461 4248 ============================================================
18:47:01.0501 4248 C: <-> \Device\Harddisk0\DR0\Partition2
18:47:01.0501 4248 ============================================================
18:47:01.0501 4248 Initialize success
18:47:01.0501 4248 ============================================================
18:47:03.0489 5216 ============================================================
18:47:03.0489 5216 Scan started
18:47:03.0489 5216 Mode: Manual;
18:47:03.0489 5216 ============================================================
18:47:07.0116 5216 ================ Scan system memory ========================
18:47:07.0116 5216 System memory - ok
18:47:07.0117 5216 ================ Scan services =============================
18:47:17.0197 5216 NetMsmqActivator - ok
18:47:17.0200 5216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:47:17.0201 5216 NetPipeActivator - ok
18:47:17.0249 5216 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:47:17.0258 5216 netprofm - ok
18:47:17.0264 5216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:47:17.0266 5216 NetTcpActivator - ok
18:47:17.0274 5216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:47:17.0276 5216 NetTcpPortSharing - ok
18:47:17.0290 5216 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:47:17.0299 5216 nfrd960 - ok
18:47:17.0333 5216 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:47:17.0338 5216 NlaSvc - ok
18:47:17.0350 5216 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:47:17.0352 5216 Npfs - ok
18:47:17.0355 5216 npggsvc - ok
18:47:17.0366 5216 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:47:17.0368 5216 nsi - ok
18:47:17.0381 5216 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:47:17.0383 5216 nsiproxy - ok
18:47:17.0437 5216 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:47:17.0461 5216 Ntfs - ok
18:47:17.0473 5216 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:47:17.0481 5216 Null - ok
18:47:17.0511 5216 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:47:17.0545 5216 NVHDA - ok
18:47:18.0269 5216 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:47:18.0399 5216 nvlddmkm - ok
18:47:18.0425 5216 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:47:18.0435 5216 nvraid - ok
18:47:18.0453 5216 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:47:18.0464 5216 nvstor - ok
18:47:18.0499 5216 [ A83AC04D672567CAF8BE7A4D73C0B850 ] NVSvc C:\Windows\system32\nvvsvc.exe
18:47:18.0510 5216 NVSvc - ok
18:47:18.0573 5216 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:47:18.0584 5216 nvUpdatusService - ok
18:47:18.0616 5216 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:47:18.0628 5216 nv_agp - ok
18:47:18.0654 5216 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:47:18.0664 5216 ohci1394 - ok
18:47:18.0682 5216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:47:18.0688 5216 p2pimsvc - ok
18:47:18.0705 5216 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:47:18.0712 5216 p2psvc - ok
18:47:18.0747 5216 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:47:18.0758 5216 Parport - ok
18:47:18.0787 5216 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:47:18.0789 5216 partmgr - ok
18:47:18.0803 5216 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:47:18.0807 5216 PcaSvc - ok
18:47:18.0818 5216 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:47:18.0821 5216 pci - ok
18:47:18.0831 5216 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:47:18.0833 5216 pciide - ok
18:47:18.0840 5216 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:47:18.0853 5216 pcmcia - ok
18:47:18.0925 5216 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
18:47:18.0939 5216 pcouffin - ok
18:47:18.0947 5216 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:47:18.0950 5216 pcw - ok
18:47:18.0970 5216 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:47:18.0979 5216 PEAUTH - ok
18:47:19.0066 5216 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:47:19.0069 5216 PerfHost - ok
18:47:19.0129 5216 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:47:19.0154 5216 pla - ok
18:47:19.0186 5216 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:47:19.0194 5216 PlugPlay - ok
18:47:19.0203 5216 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:47:19.0205 5216 PNRPAutoReg - ok
18:47:19.0213 5216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:47:19.0216 5216 PNRPsvc - ok
18:47:19.0258 5216 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:47:19.0273 5216 PolicyAgent - ok
18:47:19.0305 5216 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:47:19.0308 5216 Power - ok
18:47:19.0345 5216 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:47:19.0357 5216 PptpMiniport - ok
18:47:19.0372 5216 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:47:19.0382 5216 Processor - ok
18:47:19.0416 5216 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:47:19.0420 5216 ProfSvc - ok
18:47:19.0433 5216 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:47:19.0435 5216 ProtectedStorage - ok
18:47:19.0467 5216 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:47:19.0470 5216 Psched - ok
18:47:19.0507 5216 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:47:19.0538 5216 ql2300 - ok
18:47:19.0557 5216 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:47:19.0568 5216 ql40xx - ok
18:47:19.0596 5216 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:47:19.0601 5216 QWAVE - ok
18:47:19.0615 5216 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:47:19.0617 5216 QWAVEdrv - ok
18:47:19.0627 5216 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:47:19.0635 5216 RasAcd - ok
18:47:19.0666 5216 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:47:19.0675 5216 RasAgileVpn - ok
18:47:19.0703 5216 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:47:19.0706 5216 RasAuto - ok
18:47:19.0746 5216 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:47:19.0760 5216 Rasl2tp - ok
18:47:19.0784 5216 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:47:19.0792 5216 RasMan - ok
18:47:19.0807 5216 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:47:19.0820 5216 RasPppoe - ok
18:47:19.0831 5216 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:47:19.0845 5216 RasSstp - ok
18:47:19.0885 5216 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:47:19.0889 5216 rdbss - ok
18:47:19.0903 5216 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:47:19.0911 5216 rdpbus - ok
18:47:19.0929 5216 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:47:19.0931 5216 RDPCDD - ok
18:47:19.0936 5216 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:47:19.0937 5216 RDPENCDD - ok
18:47:19.0949 5216 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:47:19.0951 5216 RDPREFMP - ok
18:47:19.0984 5216 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:47:19.0998 5216 RDPWD - ok
18:47:20.0028 5216 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:47:20.0032 5216 rdyboost - ok
18:47:20.0069 5216 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:47:20.0072 5216 RemoteAccess - ok
18:47:20.0110 5216 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:47:20.0114 5216 RemoteRegistry - ok
18:47:20.0132 5216 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:47:20.0136 5216 RpcEptMapper - ok
18:47:20.0164 5216 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:47:20.0166 5216 RpcLocator - ok
18:47:20.0204 5216 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:47:20.0212 5216 RpcSs - ok
18:47:20.0227 5216 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:47:20.0230 5216 rspndr - ok
18:47:20.0236 5216 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:47:20.0238 5216 SamSs - ok
18:47:20.0272 5216 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:47:20.0284 5216 sbp2port - ok
18:47:20.0303 5216 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:47:20.0308 5216 SCardSvr - ok
18:47:20.0347 5216 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:47:20.0367 5216 scfilter - ok
18:47:20.0399 5216 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:47:20.0412 5216 Schedule - ok
18:47:20.0443 5216 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:47:20.0443 5216 SCPolicySvc - ok
18:47:20.0456 5216 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:47:20.0459 5216 SDRSVC - ok
18:47:20.0725 5216 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
18:47:20.0745 5216 SDScannerService - ok
18:47:21.0050 5216 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
18:47:21.0071 5216 SDUpdateService - ok
18:47:21.0093 5216 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
18:47:21.0096 5216 SDWSCService - ok
18:47:21.0118 5216 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:47:21.0120 5216 secdrv - ok
18:47:21.0128 5216 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:47:21.0130 5216 seclogon - ok
18:47:21.0163 5216 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:47:21.0166 5216 SENS - ok
18:47:21.0180 5216 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:47:21.0182 5216 SensrSvc - ok
18:47:21.0191 5216 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:47:21.0199 5216 Serenum - ok
18:47:21.0210 5216 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:47:21.0221 5216 Serial - ok
18:47:21.0238 5216 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:47:21.0245 5216 sermouse - ok
18:47:21.0287 5216 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:47:21.0291 5216 SessionEnv - ok
18:47:21.0321 5216 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:47:21.0330 5216 sffdisk - ok
18:47:21.0341 5216 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:47:21.0351 5216 sffp_mmc - ok
18:47:21.0365 5216 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:47:21.0373 5216 sffp_sd - ok
18:47:21.0382 5216 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:47:21.0390 5216 sfloppy - ok
18:47:21.0435 5216 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:47:21.0444 5216 ShellHWDetection - ok
18:47:21.0457 5216 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:47:21.0467 5216 SiSRaid2 - ok
18:47:21.0473 5216 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:47:21.0482 5216 SiSRaid4 - ok
18:47:21.0515 5216 [ 17EAB7852FF9F15FBAAB4E95EFC0B812 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:47:21.0518 5216 SkypeUpdate - ok
18:47:21.0533 5216 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:47:21.0543 5216 Smb - ok
18:47:21.0578 5216 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:47:21.0580 5216 SNMPTRAP - ok
18:47:21.0596 5216 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:47:21.0598 5216 spldr - ok
18:47:21.0648 5216 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
18:47:21.0660 5216 Spooler - ok
18:47:21.0761 5216 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:47:21.0840 5216 sppsvc - ok
18:47:21.0864 5216 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:47:21.0867 5216 sppuinotify - ok
18:47:21.0904 5216 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:47:21.0930 5216 srv - ok
18:47:21.0945 5216 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:47:21.0952 5216 srv2 - ok
18:47:21.0983 5216 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:47:21.0986 5216 srvnet - ok
18:47:21.0999 5216 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:47:22.0003 5216 SSDPSRV - ok
18:47:22.0016 5216 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:47:22.0019 5216 SstpSvc - ok
18:47:22.0055 5216 Steam Client Service - ok
18:47:22.0144 5216 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:47:22.0151 5216 Stereo Service - ok
18:47:22.0166 5216 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:47:22.0179 5216 stexstor - ok
18:47:22.0220 5216 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:47:22.0231 5216 stisvc - ok
18:47:22.0269 5216 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:47:22.0289 5216 swenum - ok
18:47:22.0355 5216 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:47:22.0366 5216 swprv - ok
18:47:22.0427 5216 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:47:22.0462 5216 SysMain - ok
18:47:22.0517 5216 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:47:22.0522 5216 TabletInputService - ok
18:47:22.0562 5216 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:47:22.0569 5216 TapiSrv - ok
18:47:22.0585 5216 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:47:22.0589 5216 TBS - ok
18:47:22.0645 5216 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:47:22.0679 5216 Tcpip - ok
18:47:22.0702 5216 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:47:22.0711 5216 TCPIP6 - ok
18:47:22.0743 5216 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:47:22.0744 5216 tcpipreg - ok
18:47:22.0760 5216 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:47:22.0768 5216 TDPIPE - ok
18:47:22.0800 5216 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:47:22.0808 5216 TDTCP - ok
18:47:22.0839 5216 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:47:22.0853 5216 tdx - ok
18:47:22.0865 5216 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:47:22.0880 5216 TermDD - ok
18:47:22.0925 5216 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:47:22.0939 5216 TermService - ok
18:47:22.0975 5216 [ FA5BFB71E561D279EDAE7E118435C1C9 ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys
18:47:22.0979 5216 TfFsMon - ok
18:47:22.0991 5216 [ FA8400D74345EC4BF10E476CA0AAA2DF ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys
18:47:22.0992 5216 TfNetMon - ok
18:47:23.0007 5216 [ F11AA1A704A4C027E5E8E0F355523834 ] TfSysMon C:\Windows\system32\drivers\TfSysMon.sys
18:47:23.0026 5216 TfSysMon - ok
18:47:23.0075 5216 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:47:23.0094 5216 Themes - ok
18:47:23.0385 5216 [ 0EDEFED13FAA00E9EAFD27788EAA04AF ] Thorn C:\Users\Jim\AppData\Local\THORN\Thorn.exe
18:47:23.0466 5216 Thorn - ok
18:47:23.0530 5216 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:47:23.0533 5216 THREADORDER - ok
18:47:23.0716 5216 ThreatFire - ok
18:47:23.0785 5216 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:47:23.0826 5216 TrkWks - ok
18:47:23.0871 5216 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:47:23.0874 5216 TrustedInstaller - ok
18:47:23.0913 5216 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:47:23.0915 5216 tssecsrv - ok
18:47:23.0946 5216 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:47:23.0948 5216 TsUsbFlt - ok
18:47:23.0978 5216 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:47:23.0993 5216 tunnel - ok
18:47:24.0016 5216 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:47:24.0027 5216 uagp35 - ok
18:47:24.0062 5216 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:47:24.0074 5216 udfs - ok
18:47:24.0131 5216 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:47:24.0135 5216 UI0Detect - ok
18:47:24.0154 5216 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:47:24.0168 5216 uliagpkx - ok
18:47:24.0203 5216 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:47:24.0217 5216 umbus - ok
18:47:24.0230 5216 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:47:24.0238 5216 UmPass - ok
18:47:24.0277 5216 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:47:24.0283 5216 UMVPFSrv - ok
18:47:24.0300 5216 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:47:24.0309 5216 upnphost - ok
18:47:24.0349 5216 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:47:24.0365 5216 usbaudio - ok
18:47:24.0398 5216 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:47:24.0415 5216 usbccgp - ok
18:47:24.0445 5216 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:47:24.0459 5216 usbcir - ok
18:47:24.0495 5216 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:47:24.0507 5216 usbehci - ok
18:47:24.0550 5216 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:47:24.0567 5216 usbhub - ok
18:47:24.0582 5216 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:47:24.0590 5216 usbohci - ok
18:47:24.0601 5216 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:47:24.0610 5216 usbprint - ok
18:47:24.0645 5216 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:47:24.0671 5216 usbscan - ok
18:47:24.0704 5216 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:47:24.0719 5216 USBSTOR - ok
18:47:24.0737 5216 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:47:24.0746 5216 usbuhci - ok
18:47:24.0766 5216 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:47:24.0778 5216 usbvideo - ok
18:47:24.0793 5216 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:47:24.0796 5216 UxSms - ok
18:47:24.0808 5216 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:47:24.0809 5216 VaultSvc - ok
18:47:24.0838 5216 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:47:24.0840 5216 vdrvroot - ok
18:47:24.0875 5216 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:47:24.0884 5216 vds - ok
18:47:24.0901 5216 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:47:24.0911 5216 vga - ok
18:47:24.0916 5216 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:47:24.0925 5216 VgaSave - ok
18:47:24.0943 5216 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:47:24.0955 5216 vhdmp - ok
18:47:24.0967 5216 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:47:24.0976 5216 viaide - ok
18:47:24.0994 5216 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:47:24.0996 5216 volmgr - ok
18:47:25.0014 5216 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:47:25.0021 5216 volmgrx - ok
18:47:25.0035 5216 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:47:25.0039 5216 volsnap - ok
18:47:25.0054 5216 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:47:25.0066 5216 vsmraid - ok
18:47:25.0117 5216 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:47:25.0140 5216 VSS - ok
18:47:25.0207 5216 [ EF11725916A69DFAF82AB26EC219F088 ] vToolbarUpdater13.3.2 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe
18:47:25.0220 5216 vToolbarUpdater13.3.2 - ok
18:47:25.0231 5216 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:47:25.0243 5216 vwifibus - ok
18:47:25.0250 5216 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:47:25.0259 5216 vwififlt - ok
18:47:25.0263 5216 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:47:25.0264 5216 vwifimp - ok
18:47:25.0295 5216 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:47:25.0300 5216 W32Time - ok
18:47:25.0318 5216 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:47:25.0326 5216 WacomPen - ok
18:47:25.0359 5216 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:47:25.0368 5216 WANARP - ok
18:47:25.0372 5216 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:47:25.0373 5216 Wanarpv6 - ok
18:47:25.0434 5216 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:47:25.0578 5216 WatAdminSvc - ok
18:47:25.0641 5216 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:47:25.0675 5216 wbengine - ok
18:47:25.0703 5216 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:47:25.0709 5216 WbioSrvc - ok
18:47:25.0749 5216 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:47:25.0758 5216 wcncsvc - ok
18:47:25.0780 5216 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:47:25.0784 5216 WcsPlugInService - ok
18:47:25.0795 5216 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:47:25.0808 5216 Wd - ok
18:47:25.0902 5216 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:47:25.0913 5216 Wdf01000 - ok
18:47:25.0965 5216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:47:25.0968 5216 WdiServiceHost - ok
18:47:25.0973 5216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:47:25.0976 5216 WdiSystemHost - ok
18:47:25.0993 5216 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:47:25.0997 5216 WebClient - ok
18:47:26.0023 5216 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:47:26.0027 5216 Wecsvc - ok
18:47:26.0042 5216 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:47:26.0044 5216 wercplsupport - ok
18:47:26.0061 5216 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:47:26.0063 5216 WerSvc - ok
18:47:26.0083 5216 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:47:26.0091 5216 WfpLwf - ok
18:47:26.0107 5216 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:47:26.0115 5216 WIMMount - ok
18:47:26.0122 5216 WinHttpAutoProxySvc - ok
18:47:26.0242 5216 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:47:26.0247 5216 Winmgmt - ok
18:47:26.0312 5216 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
18:47:26.0338 5216 WinRing0_1_2_0 - ok
18:47:26.0397 5216 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:47:26.0455 5216 WinRM - ok
18:47:26.0517 5216 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:47:26.0530 5216 WinUsb - ok
18:47:26.0573 5216 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:47:26.0588 5216 Wlansvc - ok
18:47:26.0704 5216 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:47:26.0763 5216 wlidsvc - ok
18:47:26.0796 5216 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:47:26.0806 5216 WmiAcpi - ok
18:47:26.0826 5216 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:47:26.0830 5216 wmiApSrv - ok
18:47:26.0834 5216 WMPNetworkSvc - ok
18:47:26.0857 5216 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:47:26.0860 5216 WPCSvc - ok
18:47:26.0894 5216 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:47:26.0897 5216 WPDBusEnum - ok
18:47:26.0909 5216 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:47:26.0911 5216 ws2ifsl - ok
18:47:26.0915 5216 WSearch - ok
18:47:26.0953 5216 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:47:26.0956 5216 WudfPf - ok
18:47:26.0969 5216 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:47:26.0974 5216 WUDFRd - ok
18:47:26.0990 5216 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:47:26.0993 5216 wudfsvc - ok
18:47:26.0999 5216 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:47:27.0004 5216 WwanSvc - ok
18:47:27.0016 5216 ================ Scan global ===============================
18:47:27.0047 5216 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:47:27.0078 5216 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:47:27.0087 5216 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:47:27.0116 5216 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:47:27.0156 5216 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:47:27.0159 5216 [Global] - ok
18:47:27.0160 5216 ================ Scan MBR ==================================
18:47:27.0179 5216 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:47:27.0356 5216 \Device\Harddisk0\DR0 - ok
18:47:27.0356 5216 ================ Scan VBR ==================================
18:47:27.0360 5216 [ 51A0E01E4475CE0D32B6FFC25FADA20F ] \Device\Harddisk0\DR0\Partition1
18:47:27.0362 5216 \Device\Harddisk0\DR0\Partition1 - ok
18:47:27.0366 5216 [ 6327B4740C6ACB2DF730BEBDA2CB6BD0 ] \Device\Harddisk0\DR0\Partition2
18:47:27.0368 5216 \Device\Harddisk0\DR0\Partition2 - ok
18:47:27.0369 5216 ============================================================
18:47:27.0369 5216 Scan finished
18:47:27.0369 5216 ============================================================
18:47:27.0388 5208 Detected object count: 0
18:47:27.0388 5208 Actual detected object count: 0

#7 Ryan55

Posted 09 January 2013 - 07:57 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jim :: JIM-PC [administrator]

1/8/2013 6:49:04 PM
mbam-log-2013-01-08 (18-49-04).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 613223
Time elapsed: 2 hour(s), 34 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> No action taken.

Files Detected: 278
C:\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe (PUP.BundleInstaller.IB) -> No action taken.
C:\Program Files (x86)\Uninstall Information\ib_uninst_566\uninstall.exe (PUP.BundleInstaller.IB) -> No action taken.
C:\Program Files (x86)\Uninstall Information\ib_uninst_569\uninstall.exe (PUP.BundleInstaller.IB) -> No action taken.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> No action taken.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0000.dta (Trojan.0access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0001.dta (Trojan.Zaccess) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0007.dta (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0008.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0010.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0012.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0014.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0017.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0018.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0020.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0025.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0026.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0027.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0028.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0029.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0030.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0031.dta (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.01.2013_14.01.34\zasubsys0000\zafs0000\tsk0036.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2A.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2C.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD2D.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD3A.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD40.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD47.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD48.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD5.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD50.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD51.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD55.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD58.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD6.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD67.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD71.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD73.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD78.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD80.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD85.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD91.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD98.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9B.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9C.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFD9E.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA2.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDA3.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDAA.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDAF.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDB1.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDC3.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDC5.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDCA.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD3.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD4.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD7.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDD8.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDDA.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDDC.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE0.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE3.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE7.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDE9.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDEE.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDEF.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDF3.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDF4.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDFD.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFDFE.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE00.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE03.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE0E.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE16.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE18.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE19.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1B.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE1D.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE2.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE21.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE24.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE27.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE28.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE29.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE2D.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE30.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE32.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE3C.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE4.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE42.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE4A.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE55.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE58.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE5B.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE5D.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE5F.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE76.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE7C.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE8D.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE92.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE94.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE96.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFE97.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEA5.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEA6.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEBB.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFECB.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFECD.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFECF.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFED3.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFED9.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDA.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDB.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEDD.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE4.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE8.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEE9.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEEE.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEF0.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEF4.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEF5.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFEFF.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF01.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF06.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF13.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF19.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF1A.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF1B.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF1F.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF26.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF30.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF32.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF37.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF3C.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF3D.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF3E.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF46.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF60.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF67.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF74.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF75.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF78.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF79.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF7A.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF7D.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF80.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF8A.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF8B.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF8E.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF93.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF98.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFF9D.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFA0.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFAF.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFB0.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFB3.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFB4.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFB5.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFBD.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFC8.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFD6.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFD7.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFE0.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFE3.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFE6.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFE8.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFEB.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFED.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFF4.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{b4a47f27-f245-57a0-0da4-aeb99c56c623}\U\trzFFFB.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp101797952.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp105793948.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp107331873.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp109247505.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp110078811.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp110262233.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp110517686.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp115350065.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp1245779.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp12539531.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp12702797.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp128209633.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp128995263.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp129283994.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp130300002.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp130399149.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp130774838.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp132019355.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp132562545.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp135446875.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp135765422.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp136765056.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp137568289.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp140944269.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp141351900.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp141736985.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp143053295.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp143250982.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp145237809.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp145486700.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp147535398.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp148538067.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp150230039.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp150741176.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp155500830.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp155659856.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp156792827.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp162801202.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp167116776.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp168702623.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp168932165.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp170043989.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp171387546.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp171714516.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp174153897.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp174730970.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp174965736.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp182862083.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp183970859.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp192966853.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp203595046.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp203849723.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp210626087.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp210756927.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp215158320.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp219661647.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp220226229.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp221797931.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp222020068.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp222518465.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp224790356.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp225081443.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp226775887.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp228962342.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp229172265.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp231686644.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp233681837.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp242726764.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp252367502.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp252965682.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp253405049.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp256394984.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp257557868.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp258299104.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp258401680.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp258504564.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp259457292.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp259717998.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp259763668.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp260369145.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp261752536.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp261800510.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp26210473.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp262152463.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp262437281.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp263373157.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp264231903.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp265269472.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp2690916.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp33287001.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp3356510.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp3835531.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp50488415.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp56144996.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp58986889.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp61119077.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp63230070.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp74389031.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp7607698.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp84182449.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp8542833.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp90849531.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp95004441.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp95452273.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp95509253.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp95974719.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\_avast_\unp96755999.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.

(end)

#8 Ryan55


Posted 09 January 2013 - 08:00 AM

MiniToolBox by Farbar Version:08-01-2013
Ran by Jim (administrator) on 09-01-2013 at 06:59:24
Running from "C:\Users\Jim\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1525 (802.11n) WLAN PCIe Card = Wireless Network Connection (Connected)
Hamachi Network Interface = Local Area Connection 2 (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection 2" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jim-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 5A-AC-4C-06-E3-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1525 (802.11n) WLAN PCIe Card
Physical Address. . . . . . . . . : 5C-AC-4C-06-E3-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::38a2:219:e97a:8be1%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.14(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 08, 2013 10:59:41 PM
Lease Expires . . . . . . . . . . : Wednesday, January 16, 2013 6:54:18 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 308063308
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-BF-58-B4-84-2B-2B-A5-91-B4
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 00332.geek.local
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 84-2B-2B-A5-91-B4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-19-6F-02-61
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::196f:261(Preferred)
Link-local IPv6 Address . . . . . : fe80::a902:8b49:37f8:6b59%16(Preferred)
IPv4 Address. . . . . . . . . . . : 25.111.2.97(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Tuesday, January 08, 2013 10:59:35 PM
Lease Expires . . . . . . . . . . : Wednesday, January 08, 2014 11:01:41 PM
Default Gateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
DHCP Server . . . . . . . . . . . : 25.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 494565797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-BF-58-B4-84-2B-2B-A5-91-B4
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1FAD16CC-537D-4353-B030-FC22F90EAEEF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: www
Address: 192.168.0.1

Name: google.com
Addresses: 2001:4860:4002:800::1001
74.125.227.4
74.125.227.5
74.125.227.6
74.125.227.7
74.125.227.8
74.125.227.9
74.125.227.14
74.125.227.0
74.125.227.1
74.125.227.2
74.125.227.3


Pinging google.com [74.125.227.6] with 32 bytes of data:
Reply from 74.125.227.6: bytes=32 time=11ms TTL=57
Reply from 74.125.227.6: bytes=32 time=12ms TTL=57

Ping statistics for 74.125.227.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 12ms, Average = 11ms
Server: www
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Reply from 98.139.183.24: bytes=32 time=770ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 770ms, Maximum = 770ms, Average = 770ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...5a ac 4c 06 e3 9a ......Microsoft Virtual WiFi Miniport Adapter
11...5c ac 4c 06 e3 9a ......DW1525 (802.11n) WLAN PCIe Card
10...84 2b 2b a5 91 b4 ......Broadcom NetLink ™ Gigabit Ethernet
16...7a 79 19 6f 02 61 ......Hamachi Network Interface
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 25.0.0.1 25.111.2.97 9256
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.14 25
25.0.0.0 255.0.0.0 On-link 25.111.2.97 9256
25.111.2.97 255.255.255.255 On-link 25.111.2.97 9256
25.255.255.255 255.255.255.255 On-link 25.111.2.97 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.14 281
192.168.0.14 255.255.255.255 On-link 192.168.0.14 281
192.168.0.255 255.255.255.255 On-link 192.168.0.14 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 25.111.2.97 9256
224.0.0.0 240.0.0.0 On-link 192.168.0.14 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 25.111.2.97 9256
255.255.255.255 255.255.255.255 On-link 192.168.0.14 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 25.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 9020 ::/0 2620:9b::1900:1
1 306 ::1/128 On-link
16 276 2620:9b::/96 On-link
16 276 2620:9b::196f:261/128 On-link
16 276 fe80::/64 On-link
11 281 fe80::/64 On-link
11 281 fe80::38a2:219:e97a:8be1/128
On-link
16 276 fe80::a902:8b49:37f8:6b59/128
On-link
1 306 ff00::/8 On-link
16 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
0 9000 ::/0 2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/09/2013 01:46:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/08/2013 10:22:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2013 10:22:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2013 10:22:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/08/2013 10:19:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/08/2013 04:11:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x50eb8dd7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7fffffff
Faulting process id: 0x1150
Faulting application start time: 0xPlanetSide2.exe0
Faulting application path: PlanetSide2.exe1
Faulting module path: PlanetSide2.exe2
Report Id: PlanetSide2.exe3

Error: (01/08/2013 03:16:32 PM) (Source: Application Hang) (User: )
Description: The program PlanetSide2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 90c

Start Time: 01cdeddbf330d638

Termination Time: 562

Application Path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe

Report Id:

Error: (01/08/2013 02:08:20 PM) (Source: Application Hang) (User: )
Description: The program PlanetSide2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1378

Start Time: 01cdeddaa076e8b9

Termination Time: 362

Application Path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe

Report Id:

Error: (01/07/2013 02:20:44 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program PlanetSide2.exe because of this error.

Program: PlanetSide2.exe
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (01/07/2013 02:20:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x50d2d8a1
Faulting module name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x50d2d8a1
Exception code: 0xc0000096
Fault offset: 0x00050044
Faulting process id: 0x4d4
Faulting application start time: 0xPlanetSide2.exe0
Faulting application path: PlanetSide2.exe1
Faulting module path: PlanetSide2.exe2
Report Id: PlanetSide2.exe3


System errors:
=============
Error: (01/09/2013 05:58:44 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/09/2013 05:58:44 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/09/2013 05:58:44 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/09/2013 05:58:44 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/09/2013 04:35:50 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/09/2013 04:35:50 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/09/2013 04:35:49 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/09/2013 04:35:49 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/09/2013 03:12:02 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/09/2013 02:15:22 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (01/09/2013 01:46:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/08/2013 10:22:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Jim\downloads\esetsmartinstaller_enu.exe

Error: (01/08/2013 10:22:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Jim\downloads\esetsmartinstaller_enu.exe

Error: (01/08/2013 10:22:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Jim\downloads\esetsmartinstaller_enu.exe

Error: (01/08/2013 10:19:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/08/2013 04:11:26 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.050eb8dd7unknown0.0.0.000000000c00000057fffffff115001cdede907716b59C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exeunknown57aa6cb2-59e0-11e2-a39a-842b2ba591b4

Error: (01/08/2013 03:16:32 PM) (Source: Application Hang)(User: )
Description: PlanetSide2.exe0.0.0.090c01cdeddbf330d638562C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe

Error: (01/08/2013 02:08:20 PM) (Source: Application Hang)(User: )
Description: PlanetSide2.exe0.0.0.0137801cdeddaa076e8b9362C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe

Error: (01/07/2013 02:20:44 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe000000000

Error: (01/07/2013 02:20:44 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.050d2d8a1PlanetSide2.exe0.0.0.050d2d8a1c0000096000500444d401cded0d123ca577C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exeC:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exeb66be0e8-5907-11e2-b6bf-842b2ba591b4


=========================== Installed Programs ============================

'Full Speed' Internet Booster + Performance Tests (Version: 3.6)
µTorrent (Version: 3.2.3.28705)
µTorrent (Version: 3.3.0.28583)
Ableton Live 8 (Version: 8.0.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced SystemCare 6 (Version: 6.0)
Advanced Tactical Center™ 1.1 (Version: 1.1.0.0)
Age of Empires Online (Version: 1.0.0000.129)
Anti-phishing Domain Advisor (Version: 1.1.0.1)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
applicationupdater
AVG 2013 (Version: 13.0.2637)
AVG 2013 (Version: 13.0.2805)
AVG 2013 (Version: 2013.0.2805)
Batman: Arkham City GOTY
Battlefield 3™ (Version: 1.5.0.0)
Battlefield: Bad Company 2
Battlelog Web Plugins (Version: 2.1.2)
BF3 Colour Tweaker (Version: 1.2)
Blacklight Retribution
Blacklight Retribution (Version: 1.00.9500)
Bonjour (Version: 3.0.0.10)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 12.54.02)
CameraHelperMsi (Version: 13.31.1038.0)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
CCleaner (Version: 3.25)
Counter-Strike: Global Offensive Beta
Counter-Strike: Source
CutePDF Writer 3.0
Dell Support Center (Version: 3.2.6032.102)
Desura (Version: 100.53)
Desura: Stellar Impact (Version: Full)
Dota 2
DragonNest
Driver Fusion (Version: 1.2.0)
Dual-Core Optimizer (Version: 1.1.4.0169)
DVDFab 8.0.5.0 (18/11/2010)
DW 1525 Driver Installation (Version: 8.0)
End of Nations Beta (Version: 1.0.0.0)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
Fallout Mod Manager 0.13.21
Fallout: New Vegas
Far Cry
Far Cry® 3
Foxit Reader (Version: 5.3.1.606)
Game Booster 3 (Version: 3.4)
gamelauncher-code4344-beta
gamelauncher-ps2-live
Google Chrome (Version: 23.0.1271.97)
Google Update Helper (Version: 1.3.21.123)
Graboid Video 3.05 (Version: 3.05)
Hawken
Imperial Civil War 2.0
iTunes (Version: 10.6.3.25)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 31 (Version: 6.0.310)
Killing Floor
Kingdoms of Amalur: Reckoning - Demo (Version: 1.0.0.0)
League of Legends (Version: 1.3)
Left 4 Dead 2
Lexmark S300-S400 Series
Logitech Webcam Software (Version: 2.30)
LogMeIn Hamachi (Version: 2.1.0.294)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mass Effect™ 3 Demo (Version: 1.0.0.0)
MechWarrior Online (Version: 1.2.0.0)
Medal of Honor™ Warfighter (Version: 1.0.0.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 18.0)
Need For Speed™ World (Version: 1.0.0.857)
Nexon Game Manager
Nexus Mod Manager (Version: 0.20.0)
Notepad++ (Version: 6.1)
NVIDIA 3D Vision Controller Driver 310.90 (Version: 310.90)
NVIDIA 3D Vision Driver 310.90 (Version: 310.90)
NVIDIA Control Panel 310.90 (Version: 310.90)
NVIDIA Graphics Driver 310.90 (Version: 310.90)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1090)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Origin (Version: 8.5.0.4550)
Pando Media Booster (Version: 2.6.0.7)
PlanetSide 2 (Version: 1.0.3.181)
PlanetSide 2 Beta
Plants vs. Zombies: Game of the Year
QGNA (Version: 1.0.111.17186)
QuickTime (Version: 7.72.80.56)
RaidCall (Version: 6.1.0-1.0.627.52)
REACTOR (Version: 1.00.0000)
Saints Row: The Third
Sid Meier's Civilization V
Sins of a Solar Empire: Rebellion
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.8 (Version: 5.8.154)
Source SDK Base 2007
Speccy (Version: 1.15)
Spybot - Search & Destroy (Version: 2.0.12)
Star Trek Online
Star Wars: Empire at War Gold
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
Supreme Commander 2
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.9.2)
The Elder Scrolls V: Skyrim
ThreatFire
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Uplay (Version: 2.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.8)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 1.1.11 (Version: 1.1.11)
Warhammer 40,000 Space Marine
Warhammer® 40,000™: Dawn of War® II
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™
Warhammer® 40,000™: Dawn of War® II – Retribution™
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
World of Tanks v.0.7.1
World of Tanks v.0.7.4_CT
Xfire
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 6007.12 MB
Available physical RAM: 4398.34 MB
Total Pagefile: 12012.43 MB
Available Pagefile: 10040.61 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.16 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:698.54 GB) (Free:260.6 GB) NTFS

========================= Users: ========================================

User accounts for \\JIM-PC

Administrator Guest Jim
UpdatusUser

========================= Restore Points ==================================


**** End of log ****

#9 Ryan55

Posted 09 January 2013 - 08:01 AM

Farbar Service Scanner Version: 05-01-2013
Ran by Jim (administrator) on 09-01-2013 at 07:01:02
Running from "C:\Users\Jim\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 Ryan55

Posted 09 January 2013 - 08:13 AM

# AdwCleaner v2.105 - Logfile created 01/09/2013 at 07:08:56
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jim - JIM-PC
# Boot Mode : Normal
# Running from : C:\Users\Jim\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\AVG Secure Search
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\bprotector_prefs.js
File Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\searchplugins\bProtect.xml
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Jim\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Jim\AppData\Local\Conduit
Folder Deleted : C:\Users\Jim\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Jim\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\CT3220468
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\CT3227983
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\CT3247201
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\extensions\{1930e38a-deef-4cf4-9bfb-9c4ea3689a9d}
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\extensions\{72cabc40-64b2-46ed-8648-26d831761150}
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\bProtector
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16447

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3220468 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\prefs.js

C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\kepxvprf.default\user.js ... Deleted !

Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.FirstTime", "true");
Deleted : user_pref("CT3220468.FirstTimeFF3", "true");
Deleted : user_pref("CT3220468.RevertSettingsEnabled", true);
Deleted : user_pref("CT3220468.UserID", "UN72623298849599904");
Deleted : user_pref("CT3220468.autoDisableScopes", 14);
Deleted : user_pref("CT3220468.defaultSearch", "true");
Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3220468.fixPageNotFoundError", "true");
Deleted : user_pref("CT3220468.fixUrls", true);
Deleted : user_pref("CT3220468.installType", "xpe");
Deleted : user_pref("CT3220468.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3220468.migrateAppsAndComponents", true);
Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Anewaddon%3Fid%3Davg%4[...]
Deleted : user_pref("CT3220468.openThankYouPage", "true");
Deleted : user_pref("CT3220468.openUninstallPage", "false");
Deleted : user_pref("CT3220468.revertSettingsEnabled", "false");
Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1357413501826");
Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1357413499342");
Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1357413501668");
Deleted : user_pref("CT3220468.settingsINI", true);
Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Deleted : user_pref("CT3220468.smartbar.Uninstall", "0");
Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Deleted : user_pref("CT3220468.startPage", "true");
Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("CT3227983.1000082.isDisplayHidden", "true");
Deleted : user_pref("CT3227983.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3227983.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3227983.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3227983.FirstTime", "true");
Deleted : user_pref("CT3227983.FirstTimeFF3", "true");
Deleted : user_pref("CT3227983.LoginRevertSettingsEnabled", false);
Deleted : user_pref("CT3227983.RevertSettingsEnabled", false);
Deleted : user_pref("CT3227983.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Deleted : user_pref("CT3227983.UserID", "UN00413636201095324");
Deleted : user_pref("CT3227983.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3227983.autoDisableScopes", -1);
Deleted : user_pref("CT3227983.bDay_InstallDate", "OS04");
Deleted : user_pref("CT3227983.bDay_InstallFromToolbar", "eWVz");
Deleted : user_pref("CT3227983.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3227983.defaultSearch", "true");
Deleted : user_pref("CT3227983.embeddedsData", "[{\"appId\":\"129837883863670482\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3227983.enableAlerts", "always");
Deleted : user_pref("CT3227983.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3227983.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3227983.fixPageNotFoundError", "true");
Deleted : user_pref("CT3227983.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3227983.fixUrls", true);
Deleted : user_pref("CT3227983.installId", "installbrain");
Deleted : user_pref("CT3227983.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT3227983.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3227983.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3227983.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3227983.isNewTabEnabled", true);
Deleted : user_pref("CT3227983.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3227983.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3227983.keyword", true);
Deleted : user_pref("CT3227983.migrateAppsAndComponents", true);
Deleted : user_pref("CT3227983.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Deleted : user_pref("CT3227983.openThankYouPage", "false");
Deleted : user_pref("CT3227983.openUninstallPage", "true");
Deleted : user_pref("CT3227983.search.searchAppId", "129837883863670482");
Deleted : user_pref("CT3227983.search.searchCount", "0");
Deleted : user_pref("CT3227983.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3227983.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3227983.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3227983.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3227983.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3227983.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3227983.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3227983.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3227983.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1347171584732");
Deleted : user_pref("CT3227983.serviceLayer_services_appsMetadata_lastUpdate", "1347171584136");
Deleted : user_pref("CT3227983.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1347171585757");
Deleted : user_pref("CT3227983.serviceLayer_services_login_10.13.1.89_lastUpdate", "1350225468964");
Deleted : user_pref("CT3227983.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1347171585803");
Deleted : user_pref("CT3227983.serviceLayer_services_searchAPI_lastUpdate", "1347171583027");
Deleted : user_pref("CT3227983.serviceLayer_services_serviceMap_lastUpdate", "1350158511285");
Deleted : user_pref("CT3227983.serviceLayer_services_toolbarContextMenu_lastUpdate", "1347171585700");
Deleted : user_pref("CT3227983.serviceLayer_services_toolbarSettings_lastUpdate", "1350225468613");
Deleted : user_pref("CT3227983.serviceLayer_services_translation_lastUpdate", "1350158514613");
Deleted : user_pref("CT3227983.settingsINI", true);
Deleted : user_pref("CT3227983.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3227983.smartbar.CTID", "CT3227983");
Deleted : user_pref("CT3227983.smartbar.Uninstall", "0");
Deleted : user_pref("CT3227983.smartbar.homepage", true);
Deleted : user_pref("CT3227983.smartbar.isHidden", true);
Deleted : user_pref("CT3227983.smartbar.toolbarName", "appbario9 ");
Deleted : user_pref("CT3227983.startPage", "userChanged");
Deleted : user_pref("CT3227983.toolbarBornServerTime", "9-9-2012");
Deleted : user_pref("CT3227983.toolbarCurrentServerTime", "14-10-2012");
Deleted : user_pref("CT3227983_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("CT3247201.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3247201.FirstTime", "true");
Deleted : user_pref("CT3247201.FirstTimeFF3", "true");
Deleted : user_pref("CT3247201.RevertSettingsEnabled", true);
Deleted : user_pref("CT3247201.UserID", "UN22882443380149164");
Deleted : user_pref("CT3247201.autoDisableScopes", -1);
Deleted : user_pref("CT3247201.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax[...]
Deleted : user_pref("CT3247201.fixUrls", true);
Deleted : user_pref("CT3247201.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3247201.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3247201.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3247201.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3247201.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3247201.migrateAppsAndComponents", true);
Deleted : user_pref("CT3247201.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Anewaddon%3Fid%3Davg%4[...]
Deleted : user_pref("CT3247201.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3247201.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3247201.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3247201.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3247201.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3247201.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357413501118");
Deleted : user_pref("CT3247201.serviceLayer_services_appsMetadata_lastUpdate", "1357413500826");
Deleted : user_pref("CT3247201.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357413503541");
Deleted : user_pref("CT3247201.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357413503534");
Deleted : user_pref("CT3247201.serviceLayer_services_searchAPI_lastUpdate", "1357413499363");
Deleted : user_pref("CT3247201.serviceLayer_services_serviceMap_lastUpdate", "1357413498492");
Deleted : user_pref("CT3247201.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357413503538");
Deleted : user_pref("CT3247201.serviceLayer_services_toolbarSettings_lastUpdate", "1357413499161");
Deleted : user_pref("CT3247201.serviceLayer_services_translation_lastUpdate", "1357413502191");
Deleted : user_pref("CT3247201.settingsINI", true);
Deleted : user_pref("CT3247201.smartbar.CTID", "CT3247201");
Deleted : user_pref("CT3247201.smartbar.Uninstall", "0");
Deleted : user_pref("CT3247201.smartbar.toolbarName", "InternetHelper1.5 ");
Deleted : user_pref("CT3247201_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3227983");
Deleted : user_pref("browser.search.defaultenginename", "appbario9 Customized Web Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Deleted : user_pref("browser.search.order.1", "appbario9 Customized Web Search");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112463&tt=220512_53all");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "94a1b89b0000000000005cac4c06e39a");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "94a1b89b0000000000005cac4c06e39a");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15483");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.176:26:11");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227983&SearchSource=2&q=[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [23424 octets] - [09/01/2013 07:08:56]

########## EOF - C:\AdwCleaner[S1].txt - [23485 octets] ##########

#11 Ryan55

Posted 09 January 2013 - 11:03 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jim on Wed 01/09/2013 at 7:13:47.14
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{7473b6bd-4691-4744-a82b-7854eb3d70b6}



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.1049.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.1049.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Jim\AppData\Roaming\mozilla\firefox\profiles\kepxvprf.default\prefs.js

user_pref("extensions.crossrider.bic", "139a9abe00bd45483c1df3f2a29ae7a0");
user_pref("extentions.y2layers.defaultEnableAppsList", "ezLooker,buzzdock,YontooNewOffers");
user_pref("extentions.y2layers.installId", "a2114fc9-d9a7-4905-9fb2-788e32edbdbd");
Emptied folder: C:\Users\Jim\AppData\Roaming\mozilla\firefox\profiles\kepxvprf.default\minidumps [240 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/09/2013 at 7:44:05.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#12 Ryan55


Posted 09 January 2013 - 11:10 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "amd_dc_opt" "AMD Dual-Core Optimizer" "AMD" "c:\program files (x86)\amd\dual-core optimizer\amd_dc_opt.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "SDTray" "Spybot - Search & Destroy tray access" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdtray.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "ThreatFire" "PC Tools ThreatFire Tray App" "PC Tools" "c:\program files (x86)\threatfire\tftray.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare 6\ascextmenu_64.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
+ "SDECon32" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"
+ "SDECon64" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "SDECon32" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon32.dll"
+ "SDECon64" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon32.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "GB3ContextMenu" "Game Booster v3 Context Menu" "IObit" "c:\program files (x86)\iobit\game booster 3\gbv3contextmenu.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare 6\ascextmenu_64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "NVIDIA Display Shell Extension" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "SDECon32" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"
+ "SDECon64" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "SDECon32" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon32.dll"
+ "SDECon64" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdecon32.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot-S&D IE Protection" "Blocks URLs that could install spyware, malware etc." "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot - Search && Destroy Configuration" "Blocks URLs that could install spyware, malware etc." "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Game_Booster_AutoUpdate" "Helps you update Game Booster to latest version." "IObit" "c:\program files (x86)\iobit\game booster 3\autoupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-43994927-2801798098-1555099715-1000Core" "Google Installer" "Google Inc." "c:\users\jim\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-43994927-2801798098-1555099715-1000UA" "Google Installer" "Google Inc." "c:\users\jim\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-43994927-2801798098-1555099715-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-43994927-2801798098-1555099715-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" "Pro-active browser protection" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdimmunize.exe"
+ "\Safer-Networking\Spybot - Search and Destroy\Scan the system" "Malware Scanner" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdscan.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
+ "\{348AAAB5-FAB8-4F33-A324-ACDBB8BC0627}" "" "" "File not found: C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\main\iw4m (1).exe"
+ "\{DF80D877-E052-4C2B-A952-232CB2BC7860}" "" "" "File not found: C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\main\iw4m.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AdvancedSystemCareService6" "Advanced SystemCare Service" "IObit" "c:\program files (x86)\iobit\advanced systemcare 6\ascservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Desura Install Service" "Desura" "Desura Pty Ltd" "c:\program files (x86)\common files\desura\desura_service.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "Hamachi2Svc" "Hamachi Client Tunneling Engine" "LogMeIn Inc." "c:\program files (x86)\logmein hamachi\hamachi-2.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "lxea_device" "Printer Communication System" " " "c:\windows\system32\lxeacoms.exe"
+ "lxeaCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxeaserv.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "npggsvc" "nProtect GameGuard Service" "INCA Internet Co., Ltd." "c:\windows\syswow64\gamemon.des"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "SDScannerService" "Offers malware scanning services to Spybot-S&D modules." "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe"
+ "SDUpdateService" "Downloads Spybot updates and installs them." "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe"
+ "SDWSCService" "Integrates Spybot into the Windows Security Center." "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy 2\sdwscsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "Thorn" "Служба помощника провайдера безопасности аккаунта обеспечивает мониторинг соблюдения политик безопасности мастер аккаунта пользователя и игровых акканутов пользователей сети GameNet" "GGS" "c:\users\jim\appdata\local\thorn\thorn.exe"
+ "ThreatFire" "The ThreatFire engine responsible for monitoring your system for viruses, spyware, and other malware. Turning this service off makes your machine vulnerable to such attacks." "PC Tools" "c:\program files (x86)\threatfire\tfservice.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "vToolbarUpdater13.3.2" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\13.3.2\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CompFilter64" "Logitech USB Video Class Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvbflt64.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hamachi" "Hamachi Virtual Network Interface Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "mcdbus" "MagicISO SCSI Host Controller" "MagicISO, Inc." "c:\windows\system32\drivers\mcdbus.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 310.90 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pcouffin" "low level access layer for CD/DVD/BD devices" "VSO Software" "c:\windows\system32\drivers\pcouffin.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "TfFsMon" "ThreatFire Filesystem Monitor" "PC Tools" "c:\windows\system32\drivers\tffsmon.sys"
+ "TfNetMon" "ThreatFire Network Monitor" "PC Tools" "c:\windows\system32\drivers\tfnetmon.sys"
+ "TfSysMon" "ThreatFire System Monitor" "PC Tools" "c:\windows\system32\drivers\tfsysmon.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WinRing0_1_2_0" "WinRing0" "OpenLibSys.org" "c:\program files (x86)\iobit\game booster 3\driver\winring0x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsv64.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
+ "VIDC.XFR1" "Xfire Video Codec" "" "c:\windows\system32\xfcodec64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\syswow64\frapsvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
+ "VIDC.XFR1" "Xfire Video Codec" "" "c:\windows\syswow64\xfcodec.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
+ "S300-S400 Series Port" "Printer Communication System" " " "c:\windows\system32\lxealmpm.dll"

#13 narenxp


Posted 10 January 2013 - 12:47 AM

Run Malwarebytes again and post the clean log.

You missed the RKILL log.

#14 Ryan55


Posted 11 January 2013 - 01:45 AM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/11/2013 12:44:34 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Jim\Downloads\Desktop\rkill\rkill-01-11-2013-12-44-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/11/2013 12:45:00 AM
Execution time: 0 hours(s), 0 minute(s), and 25 seconds(s)

#15 narenxp


Posted 11 January 2013 - 01:52 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



