Trojan Generic31. APJE


15 replies to this topic

#1 shauna78

Posted 06 February 2013 - 10:29 AM

Hi

I have AVG warning me that I am infected with a Trojan Generic 31.APJE. My laptop was OK last night and I don't recall downloading anything unless it was an automatic download. However, I cannot delete it!

I have downloaded & run adaware, junkware removal, RKILL and autoruns and have logs. Should I post them all here?

Thank you in advance for your help!

Shauna

#2 narenxp


Posted 06 February 2013 - 10:36 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log (Do not click on FIXMBR)

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking


Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply. Ignore it if there are no detected threats.
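
Added example, not part of the original posts and not code from TDSSKiller or its vendor: a small triage script for the kind of TDSSKiller report requested above. It assumes the line layout `time thread-id [ MD5 ] name path` followed by `name - verdict`, and that `ok` is the clean verdict. The sample log, its hashes, service names and the non-`ok` verdict string are all constructed.

```python
import re

# Constructed sample in the TDSSKiller report layout (time, thread id, message).
# Hashes, names, paths and the non-"ok" verdict text are made up for illustration.
SAMPLE_LOG = r"""
16:31:45.0368 12176 System memory - ok
16:31:45.0369 12176 ================ Scan services =============================
16:31:45.0676 12176 [ 00000000000000000000000000000001 ] goodsvc C:\Windows\system32\drivers\goodsvc.sys
16:31:45.0685 12176 goodsvc - ok
16:31:46.0009 12176 [ 00000000000000000000000000000002 ] Two Word Svc C:\Program Files (x86)\Vendor\svc.exe
16:31:46.0013 12176 Two Word Svc - ok
16:31:47.0000 12176 nohash - ok
16:31:48.0000 12176 [ 00000000000000000000000000000003 ] tmpsvc C:\Users\Someone\AppData\Local\Temp\7zS0000\tmpsvc64.dll
16:31:48.0010 12176 tmpsvc - ok
16:31:49.0000 12176 [ 00000000000000000000000000000004 ] oddsvc C:\Windows\system32\drivers\oddsvc.sys
16:31:49.0010 12176 oddsvc - constructed-non-ok-verdict
"""

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s?(.*)$")   # time, thread id, message
SECTION = re.compile(r"^=+ (.+?) =+$")                               # "==== Scan services ===="
IMAGE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
VERDICT = re.compile(r"^(.+?) - (\S.*)$")
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)


def parse_services(log_text):
    """Return {service name: {"md5", "path", "verdict"}} for the services section."""
    services = {}          # plain dict keeps the log's order
    section = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(3).strip()
        sec = SECTION.match(msg)
        if sec:
            section = sec.group(1)
            continue
        if section != "Scan services":
            continue       # skip the header, memory scan and other sections
        img = IMAGE.match(msg)
        if img:
            md5, name, path = img.groups()
            # Service names may contain spaces; the path starts at the drive letter.
            services[name] = {"md5": md5.upper(), "path": path, "verdict": None}
            continue
        ver = VERDICT.match(msg)
        if ver:
            name, verdict = ver.groups()
            entry = services.setdefault(
                name, {"md5": None, "path": None, "verdict": None})
            entry["verdict"] = verdict
    return services


def triage(log_text):
    """List (service, reasons) for entries that deserve a manual look."""
    findings = []
    for name, e in parse_services(log_text).items():
        reasons = []
        if e["verdict"] is None:
            reasons.append("no verdict line")
        elif e["verdict"].lower() != "ok":
            reasons.append("verdict: " + e["verdict"])
        if e["md5"] is None:
            # A verdict with no preceding "[ MD5 ] name path" line: nothing was hashed.
            reasons.append("no image hashed")
        elif TEMP_DIR.search(e["path"]):
            # Service binaries normally live under Windows or Program Files.
            reasons.append("image in temp directory")
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG):
        print(f"{name}: {'; '.join(reasons)}")
```

A flagged entry is a prompt to check the file, not a detection: installer leftovers also register services from temp directories.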

#3 shauna78

Posted 06 February 2013 - 03:53 PM

16:31:17.0412 8104 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:31:18.0278 8104 ============================================================
16:31:18.0278 8104 Current date / time: 2013/02/06 16:31:18.0278
16:31:18.0278 8104 SystemInfo:
16:31:18.0279 8104
16:31:18.0279 8104 OS Version: 6.1.7601 ServicePack: 1.0
16:31:18.0279 8104 Product type: Workstation
16:31:18.0280 8104 ComputerName: SHAUNA-HP
16:31:18.0280 8104 UserName: Shauna
16:31:18.0280 8104 Windows directory: C:\Windows
16:31:18.0281 8104 System windows directory: C:\Windows
16:31:18.0281 8104 Running under WOW64
16:31:18.0281 8104 Processor architecture: Intel x64
16:31:18.0281 8104 Number of processors: 2
16:31:18.0281 8104 Page size: 0x1000
16:31:18.0281 8104 Boot type: Normal boot
16:31:18.0281 8104 ============================================================
16:31:19.0387 8104 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:19.0399 8104 ============================================================
16:31:19.0399 8104 \Device\Harddisk0\DR0:
16:31:19.0400 8104 MBR partitions:
16:31:19.0400 8104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:31:19.0400 8104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37CB2000
16:31:19.0400 8104 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37D16000, BlocksNum 0x1E80000
16:31:19.0400 8104 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
16:31:19.0400 8104 ============================================================
16:31:19.0448 8104 C: <-> \Device\Harddisk0\DR0\Partition2
16:31:19.0506 8104 D: <-> \Device\Harddisk0\DR0\Partition3
16:31:19.0524 8104 E: <-> \Device\Harddisk0\DR0\Partition4
16:31:19.0525 8104 ============================================================
16:31:19.0525 8104 Initialize success
16:31:19.0526 8104 ============================================================
16:31:44.0306 12176 ============================================================
16:31:44.0306 12176 Scan started
16:31:44.0307 12176 Mode: Manual; TDLFS;
16:31:44.0307 12176 ============================================================
16:31:45.0367 12176 ================ Scan system memory ========================
16:31:45.0368 12176 System memory - ok
16:31:59.0975 12176 msdsm - ok
16:31:59.0997 12176 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:32:00.0012 12176 MSDTC - ok
16:32:00.0063 12176 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:32:00.0073 12176 Msfs - ok
16:32:00.0104 12176 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:32:00.0111 12176 mshidkmdf - ok
16:32:00.0135 12176 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:32:00.0138 12176 msisadrv - ok
16:32:00.0187 12176 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:32:00.0195 12176 MSiSCSI - ok
16:32:00.0204 12176 msiserver - ok
16:32:00.0252 12176 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:32:00.0262 12176 MSKSSRV - ok
16:32:00.0283 12176 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:32:00.0287 12176 MSPCLOCK - ok
16:32:00.0307 12176 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:32:00.0310 12176 MSPQM - ok
16:32:00.0338 12176 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:32:00.0351 12176 MsRPC - ok
16:32:00.0388 12176 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:32:00.0407 12176 mssmbios - ok
16:32:00.0453 12176 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:32:00.0468 12176 MSTEE - ok
16:32:00.0489 12176 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:32:00.0494 12176 MTConfig - ok
16:32:00.0534 12176 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:32:00.0539 12176 Mup - ok
16:32:00.0588 12176 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:32:00.0602 12176 napagent - ok
16:32:00.0697 12176 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:32:00.0709 12176 NativeWifiP - ok
16:32:00.0772 12176 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:32:00.0794 12176 NDIS - ok
16:32:00.0829 12176 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:32:00.0833 12176 NdisCap - ok
16:32:00.0878 12176 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:32:00.0882 12176 NdisTapi - ok
16:32:00.0899 12176 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:32:00.0904 12176 Ndisuio - ok
16:32:00.0919 12176 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:32:00.0926 12176 NdisWan - ok
16:32:00.0951 12176 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:32:00.0956 12176 NDProxy - ok
16:32:00.0983 12176 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:32:00.0988 12176 NetBIOS - ok
16:32:01.0013 12176 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:32:01.0021 12176 NetBT - ok
16:32:01.0039 12176 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:32:01.0043 12176 Netlogon - ok
16:32:01.0101 12176 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:32:01.0113 12176 Netman - ok
16:32:01.0147 12176 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:32:01.0160 12176 netprofm - ok
16:32:01.0209 12176 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:01.0215 12176 NetTcpPortSharing - ok
16:32:01.0258 12176 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:32:01.0264 12176 nfrd960 - ok
16:32:01.0325 12176 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:32:01.0350 12176 NlaSvc - ok
16:32:01.0378 12176 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:32:01.0382 12176 Npfs - ok
16:32:01.0418 12176 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:32:01.0432 12176 nsi - ok
16:32:01.0456 12176 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:32:01.0460 12176 nsiproxy - ok
16:32:01.0565 12176 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:32:01.0623 12176 Ntfs - ok
16:32:01.0654 12176 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:32:01.0667 12176 Null - ok
16:32:01.0707 12176 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
16:32:01.0722 12176 NVENETFD - ok
16:32:01.0751 12176 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:32:01.0758 12176 nvraid - ok
16:32:01.0796 12176 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:32:01.0812 12176 nvstor - ok
16:32:01.0842 12176 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:32:01.0849 12176 nv_agp - ok
16:32:01.0875 12176 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:32:01.0880 12176 ohci1394 - ok
16:32:01.0941 12176 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:01.0957 12176 ose - ok
16:32:02.0385 12176 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:32:02.0534 12176 osppsvc - ok
16:32:02.0595 12176 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:32:02.0617 12176 p2pimsvc - ok
16:32:02.0659 12176 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:32:02.0681 12176 p2psvc - ok
16:32:02.0709 12176 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:32:02.0718 12176 Parport - ok
16:32:02.0749 12176 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:32:02.0765 12176 partmgr - ok
16:32:02.0804 12176 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:32:02.0813 12176 PcaSvc - ok
16:32:02.0836 12176 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:32:02.0843 12176 pci - ok
16:32:02.0884 12176 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:32:02.0888 12176 pciide - ok
16:32:02.0925 12176 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:32:02.0943 12176 pcmcia - ok
16:32:02.0985 12176 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:32:02.0990 12176 pcw - ok
16:32:03.0021 12176 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:32:03.0038 12176 PEAUTH - ok
16:32:03.0174 12176 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:32:03.0190 12176 PerfHost - ok
16:32:03.0276 12176 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:32:03.0345 12176 pla - ok
16:32:03.0439 12176 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:32:03.0452 12176 PlugPlay - ok
16:32:03.0503 12176 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:32:03.0528 12176 PNRPAutoReg - ok
16:32:03.0561 12176 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:32:03.0571 12176 PNRPsvc - ok
16:32:03.0636 12176 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:32:03.0656 12176 PolicyAgent - ok
16:32:03.0706 12176 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:32:03.0727 12176 Power - ok
16:32:03.0781 12176 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:32:03.0804 12176 PptpMiniport - ok
16:32:03.0879 12176 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:32:03.0892 12176 Processor - ok
16:32:03.0955 12176 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:32:03.0963 12176 ProfSvc - ok
16:32:03.0983 12176 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:32:03.0988 12176 ProtectedStorage - ok
16:32:04.0020 12176 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:32:04.0025 12176 Psched - ok
16:32:04.0113 12176 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:32:04.0170 12176 ql2300 - ok
16:32:04.0202 12176 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:32:04.0228 12176 ql40xx - ok
16:32:04.0272 12176 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:32:04.0281 12176 QWAVE - ok
16:32:04.0319 12176 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:32:04.0324 12176 QWAVEdrv - ok
16:32:04.0548 12176 [ 18550A3A292031F8E26A94311A427ADB ] RapportCerberus_50022 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_50022.sys
16:32:04.0609 12176 RapportCerberus_50022 - ok
16:32:04.0720 12176 [ E3AE78C0F00A5E3792A1A3BCA33B6DF3 ] RapportCerberus_50414 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\50414\RapportCerberus64_50414.sys
16:32:04.0737 12176 RapportCerberus_50414 - ok
16:32:04.0851 12176 [ 1D87BDDD9E808736303110F90FF6A708 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
16:32:04.0859 12176 RapportEI64 - ok
16:32:04.0994 12176 [ EE86BA861726741F03A786EEC847A0F7 ] RapportIaso c:\programdata\trusteer\rapport\store\exts\rapportms\46125\rapportiaso64.sys
16:32:04.0999 12176 RapportIaso - ok
16:32:05.0085 12176 [ 41AFB2D12F6C9DB9DD246FFF23D1FA63 ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
16:32:05.0105 12176 RapportKE64 - ok
16:32:05.0195 12176 [ 2DA5E21B3795396BC56AEF9E85638001 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
16:32:05.0214 12176 RapportMgmtService - ok
16:32:05.0318 12176 [ 95BB56510FACEF1D27758ACC5627E406 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
16:32:05.0352 12176 RapportPG64 - ok
16:32:05.0393 12176 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:32:05.0397 12176 RasAcd - ok
16:32:05.0419 12176 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:32:05.0424 12176 RasAgileVpn - ok
16:32:05.0462 12176 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:32:05.0477 12176 RasAuto - ok
16:32:05.0512 12176 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:32:05.0518 12176 Rasl2tp - ok
16:32:05.0557 12176 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:32:05.0575 12176 RasMan - ok
16:32:05.0612 12176 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:32:05.0618 12176 RasPppoe - ok
16:32:05.0631 12176 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:32:05.0639 12176 RasSstp - ok
16:32:05.0659 12176 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:32:05.0668 12176 rdbss - ok
16:32:05.0695 12176 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:32:05.0713 12176 rdpbus - ok
16:32:05.0761 12176 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:32:05.0776 12176 RDPCDD - ok
16:32:05.0818 12176 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:32:05.0822 12176 RDPENCDD - ok
16:32:05.0854 12176 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:32:05.0872 12176 RDPREFMP - ok
16:32:05.0910 12176 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:32:05.0924 12176 RDPWD - ok
16:32:05.0965 12176 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:32:05.0974 12176 rdyboost - ok
16:32:06.0021 12176 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:32:06.0027 12176 RemoteAccess - ok
16:32:06.0060 12176 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:32:06.0079 12176 RemoteRegistry - ok
16:32:06.0118 12176 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:32:06.0126 12176 RFCOMM - ok
16:32:06.0178 12176 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:32:06.0188 12176 RpcEptMapper - ok
16:32:06.0219 12176 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:32:06.0223 12176 RpcLocator - ok
16:32:06.0259 12176 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:32:06.0272 12176 RpcSs - ok
16:32:06.0311 12176 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
16:32:06.0319 12176 RSPCIESTOR - ok
16:32:06.0375 12176 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:32:06.0389 12176 rspndr - ok
16:32:06.0444 12176 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:32:06.0465 12176 RTL8167 - ok
16:32:06.0484 12176 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:32:06.0490 12176 SamSs - ok
16:32:06.0539 12176 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:32:06.0558 12176 sbp2port - ok
16:32:06.0596 12176 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:32:06.0607 12176 SCardSvr - ok
16:32:06.0644 12176 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:32:06.0657 12176 scfilter - ok
16:32:06.0752 12176 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:32:06.0819 12176 Schedule - ok
16:32:06.0868 12176 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:32:06.0872 12176 SCPolicySvc - ok
16:32:06.0917 12176 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:32:06.0923 12176 sdbus - ok
16:32:06.0991 12176 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:32:07.0000 12176 SDRSVC - ok
16:32:07.0042 12176 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:32:07.0047 12176 secdrv - ok
16:32:07.0072 12176 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:32:07.0097 12176 seclogon - ok
16:32:07.0136 12176 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:32:07.0143 12176 SENS - ok
16:32:07.0200 12176 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:32:07.0217 12176 SensrSvc - ok
16:32:07.0263 12176 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:32:07.0267 12176 Serenum - ok
16:32:07.0299 12176 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:32:07.0304 12176 Serial - ok
16:32:07.0352 12176 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:32:07.0356 12176 sermouse - ok
16:32:07.0455 12176 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:32:07.0472 12176 SessionEnv - ok
16:32:07.0502 12176 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:32:07.0508 12176 sffdisk - ok
16:32:07.0533 12176 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:32:07.0537 12176 sffp_mmc - ok
16:32:07.0557 12176 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:32:07.0561 12176 sffp_sd - ok
16:32:07.0589 12176 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:32:07.0595 12176 sfloppy - ok
16:32:07.0631 12176 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:32:07.0644 12176 SharedAccess - ok
16:32:07.0678 12176 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:32:07.0690 12176 ShellHWDetection - ok
16:32:07.0738 12176 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:32:07.0759 12176 SiSRaid2 - ok
16:32:07.0809 12176 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:32:07.0830 12176 SiSRaid4 - ok
16:32:07.0889 12176 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:32:07.0897 12176 Smb - ok
16:32:07.0976 12176 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:32:07.0996 12176 SNMPTRAP - ok
16:32:08.0033 12176 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:32:08.0037 12176 spldr - ok
16:32:08.0086 12176 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:32:08.0102 12176 Spooler - ok
16:32:08.0324 12176 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:32:08.0426 12176 sppsvc - ok
16:32:08.0447 12176 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:32:08.0452 12176 sppuinotify - ok
16:32:08.0493 12176 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:32:08.0503 12176 srv - ok
16:32:08.0530 12176 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:32:08.0539 12176 srv2 - ok
16:32:08.0589 12176 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:32:08.0599 12176 SrvHsfHDA - ok
16:32:08.0655 12176 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:32:08.0686 12176 SrvHsfV92 - ok
16:32:08.0722 12176 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:32:08.0739 12176 SrvHsfWinac - ok
16:32:08.0771 12176 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:32:08.0780 12176 srvnet - ok
16:32:08.0825 12176 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:32:08.0833 12176 SSDPSRV - ok
16:32:08.0856 12176 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:32:08.0862 12176 SstpSvc - ok
16:32:08.0939 12176 [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:32:08.0947 12176 STacSV - ok
16:32:08.0965 12176 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:32:08.0968 12176 stexstor - ok
16:32:09.0023 12176 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:32:09.0039 12176 STHDA - ok
16:32:09.0093 12176 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:32:09.0096 12176 StillCam - ok
16:32:09.0142 12176 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:32:09.0157 12176 stisvc - ok
16:32:09.0172 12176 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:32:09.0177 12176 swenum - ok
16:32:09.0222 12176 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:32:09.0234 12176 swprv - ok
16:32:09.0337 12176 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:32:09.0405 12176 SynTP - ok
16:32:09.0489 12176 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:32:09.0552 12176 SysMain - ok
16:32:09.0591 12176 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:32:09.0602 12176 TabletInputService - ok
16:32:09.0628 12176 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:32:09.0641 12176 TapiSrv - ok
16:32:09.0679 12176 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:32:09.0686 12176 TBS - ok
16:32:09.0817 12176 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:32:09.0893 12176 Tcpip - ok
16:32:09.0990 12176 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:32:10.0020 12176 TCPIP6 - ok
16:32:10.0064 12176 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:32:10.0069 12176 tcpipreg - ok
16:32:10.0133 12176 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:32:10.0137 12176 TDPIPE - ok
16:32:10.0183 12176 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:32:10.0187 12176 TDTCP - ok
16:32:10.0229 12176 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:32:10.0235 12176 tdx - ok
16:32:10.0274 12176 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:32:10.0279 12176 TermDD - ok
16:32:10.0323 12176 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:32:10.0393 12176 TermService - ok
16:32:10.0424 12176 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:32:10.0454 12176 Themes - ok
16:32:10.0503 12176 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:32:10.0508 12176 THREADORDER - ok
16:32:10.0567 12176 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:32:10.0585 12176 TrkWks - ok
16:32:10.0644 12176 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:32:10.0653 12176 TrustedInstaller - ok
16:32:10.0697 12176 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:32:10.0712 12176 tssecsrv - ok
16:32:10.0753 12176 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:32:10.0759 12176 TsUsbFlt - ok
16:32:10.0796 12176 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:32:10.0812 12176 TsUsbGD - ok
16:32:10.0864 12176 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:32:10.0879 12176 tunnel - ok
16:32:10.0916 12176 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:32:10.0921 12176 uagp35 - ok
16:32:10.0960 12176 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:32:10.0970 12176 udfs - ok
16:32:11.0027 12176 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:32:11.0034 12176 UI0Detect - ok
16:32:11.0060 12176 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:32:11.0066 12176 uliagpkx - ok
16:32:11.0110 12176 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:32:11.0117 12176 umbus - ok
16:32:11.0150 12176 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:32:11.0154 12176 UmPass - ok
16:32:11.0416 12176 [ 758C2CE427C343F780A205E28555C98D ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:32:11.0503 12176 UNS - ok
16:32:11.0553 12176 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:32:11.0578 12176 upnphost - ok
16:32:11.0619 12176 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:32:11.0663 12176 USBAAPL64 - ok
16:32:11.0709 12176 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:32:11.0725 12176 usbccgp - ok
16:32:11.0769 12176 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:32:11.0775 12176 usbcir - ok
16:32:11.0843 12176 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:32:11.0848 12176 usbehci - ok
16:32:11.0914 12176 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:32:11.0924 12176 usbhub - ok
16:32:11.0962 12176 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:32:11.0968 12176 usbohci - ok
16:32:12.0009 12176 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:32:12.0013 12176 usbprint - ok
16:32:12.0068 12176 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:32:12.0086 12176 usbscan - ok
16:32:12.0136 12176 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:32:12.0153 12176 USBSTOR - ok
16:32:12.0183 12176 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:32:12.0187 12176 usbuhci - ok
16:32:12.0236 12176 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:32:12.0251 12176 usbvideo - ok
16:32:12.0290 12176 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:32:12.0296 12176 UxSms - ok
16:32:12.0328 12176 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:32:12.0333 12176 VaultSvc - ok
16:32:12.0388 12176 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:32:12.0409 12176 vdrvroot - ok
16:32:12.0457 12176 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:32:12.0491 12176 vds - ok
16:32:12.0539 12176 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:32:12.0560 12176 vga - ok
16:32:12.0587 12176 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:32:12.0591 12176 VgaSave - ok
16:32:12.0626 12176 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:32:12.0634 12176 vhdmp - ok
16:32:12.0669 12176 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:32:12.0693 12176 viaide - ok
16:32:12.0729 12176 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:32:12.0738 12176 volmgr - ok
16:32:12.0820 12176 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:32:12.0865 12176 volmgrx - ok
16:32:12.0912 12176 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:32:12.0921 12176 volsnap - ok
16:32:12.0955 12176 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:32:12.0962 12176 vsmraid - ok
16:32:13.0088 12176 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:32:13.0151 12176 VSS - ok
16:32:13.0196 12176 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:32:13.0201 12176 vwifibus - ok
16:32:13.0227 12176 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:32:13.0233 12176 vwififlt - ok
16:32:13.0284 12176 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:32:13.0310 12176 W32Time - ok
16:32:13.0347 12176 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:32:13.0354 12176 WacomPen - ok
16:32:13.0421 12176 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:32:13.0426 12176 WANARP - ok
16:32:13.0440 12176 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:32:13.0445 12176 Wanarpv6 - ok
16:32:13.0533 12176 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:32:13.0593 12176 WatAdminSvc - ok
16:32:13.0703 12176 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:32:13.0768 12176 wbengine - ok
16:32:13.0801 12176 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:32:13.0822 12176 WbioSrvc - ok
16:32:13.0862 12176 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:32:13.0875 12176 wcncsvc - ok
16:32:13.0899 12176 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:32:13.0919 12176 WcsPlugInService - ok
16:32:13.0952 12176 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:32:13.0957 12176 Wd - ok
16:32:14.0012 12176 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:32:14.0032 12176 Wdf01000 - ok
16:32:14.0078 12176 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:32:14.0097 12176 WdiServiceHost - ok
16:32:14.0112 12176 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:32:14.0120 12176 WdiSystemHost - ok
16:32:14.0161 12176 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:32:14.0182 12176 WebClient - ok
16:32:14.0228 12176 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:32:14.0238 12176 Wecsvc - ok
16:32:14.0261 12176 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:32:14.0271 12176 wercplsupport - ok
16:32:14.0312 12176 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:32:14.0329 12176 WerSvc - ok
16:32:14.0381 12176 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:32:14.0385 12176 WfpLwf - ok
16:32:14.0415 12176 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:32:14.0421 12176 WIMMount - ok
16:32:14.0446 12176 WinDefend - ok
16:32:14.0472 12176 WinHttpAutoProxySvc - ok
16:32:14.0574 12176 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:32:14.0598 12176 Winmgmt - ok
16:32:14.0769 12176 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:32:14.0849 12176 WinRM - ok
16:32:14.0930 12176 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:32:14.0935 12176 WinUsb - ok
16:32:15.0015 12176 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:32:15.0044 12176 Wlansvc - ok
16:32:15.0100 12176 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:32:15.0104 12176 wlcrasvc - ok
16:32:15.0391 12176 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:32:15.0470 12176 wlidsvc - ok
16:32:15.0500 12176 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:32:15.0504 12176 WmiAcpi - ok
16:32:15.0587 12176 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:32:15.0611 12176 wmiApSrv - ok
16:32:15.0665 12176 WMPNetworkSvc - ok
16:32:15.0712 12176 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:32:15.0718 12176 WPCSvc - ok
16:32:15.0742 12176 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:32:15.0750 12176 WPDBusEnum - ok
16:32:15.0787 12176 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:32:15.0807 12176 ws2ifsl - ok
16:32:15.0842 12176 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:32:15.0850 12176 wscsvc - ok
16:32:15.0900 12176 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:32:15.0904 12176 WSDPrintDevice - ok
16:32:15.0924 12176 WSearch - ok
16:32:16.0165 12176 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:32:16.0256 12176 wuauserv - ok
16:32:16.0307 12176 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:32:16.0313 12176 WudfPf - ok
16:32:16.0366 12176 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:32:16.0374 12176 WUDFRd - ok
16:32:16.0447 12176 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:32:16.0454 12176 wudfsvc - ok
16:32:16.0498 12176 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
16:32:16.0508 12176 WwanSvc - ok
16:32:16.0593 12176 ================ Scan global ===============================
16:32:16.0613 12176 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:32:16.0660 12176 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:32:16.0691 12176 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:32:16.0735 12176 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:32:16.0761 12176 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:32:16.0775 12176 [Global] - ok
16:32:16.0781 12176 ================ Scan MBR ==================================
16:32:16.0789 12176 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:32:17.0478 12176 \Device\Harddisk0\DR0 - ok
16:32:17.0483 12176 ================ Scan VBR ==================================
16:32:17.0495 12176 [ DE7767CD8148B374122DCC5BD3D564CB ] \Device\Harddisk0\DR0\Partition1
16:32:17.0505 12176 \Device\Harddisk0\DR0\Partition1 - ok
16:32:17.0520 12176 [ 26BAC0DCCB64B1B44228F3897CC2646F ] \Device\Harddisk0\DR0\Partition2
16:32:17.0561 12176 \Device\Harddisk0\DR0\Partition2 - ok
16:32:17.0593 12176 [ D4BB45ECD55DD0AE0335187D9BD38194 ] \Device\Harddisk0\DR0\Partition3
16:32:17.0618 12176 \Device\Harddisk0\DR0\Partition3 - ok
16:32:17.0671 12176 [ 2B018B0BF6305EF1A3E06B0C483C92A0 ] \Device\Harddisk0\DR0\Partition4
16:32:17.0673 12176 \Device\Harddisk0\DR0\Partition4 - ok
16:32:17.0674 12176 ============================================================
16:32:17.0675 12176 Scan finished
16:32:17.0675 12176 ============================================================
16:32:17.0700 9656 Detected object count: 0
16:32:17.0700 9656 Actual detected object count: 0


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-06 16:42:14
-----------------------------
16:42:14.492 OS Version: Windows x64 6.1.7601 Service Pack 1
16:42:14.493 Number of processors: 2 586 0x2A07
16:42:14.496 ComputerName: SHAUNA-HP UserName: Shauna
16:42:16.459 Initialize success
17:05:29.856 AVAST engine defs: 13020600
17:26:22.870 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:26:22.875 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
17:26:22.895 Disk 0 MBR read successfully
17:26:22.900 Disk 0 MBR scan
17:26:22.923 Disk 0 Windows 7 default MBR code
17:26:22.938 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:26:22.966 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 457060 MB offset 409600
17:26:23.018 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15616 MB offset 936468480
17:26:23.051 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 968450048
17:26:23.133 Disk 0 scanning C:\Windows\system32\drivers
17:26:41.938 Service scanning
17:27:32.673 Modules scanning
17:27:32.691 Disk 0 trace - called modules:
17:27:32.738 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:27:32.751 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b46060]
17:27:32.763 3 CLASSPNP.SYS[fffff88001db643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049d6050]
17:27:34.563 AVAST engine scan C:\Windows
17:27:38.330 AVAST engine scan C:\Windows\system32
17:37:04.509 AVAST engine scan C:\Windows\system32\drivers
17:37:38.121 AVAST engine scan C:\Users\Shauna
17:44:42.281 Disk 0 MBR has been saved successfully to "C:\Users\Shauna\Desktop\MBR.dat"
17:44:42.317 The log file has been saved successfully to "C:\Users\Shauna\Desktop\aswMBR.txt"


C:\$Recycle.Bin\S-1-5-21-3059098159-1537013638-3568097220-1000\$RN5LFIJ.exe a variant of Win32/Adware.iBryte.D application

#4 shauna78

Posted 06 February 2013 - 03:56 PM

Think I've copied them all correctly!

Thank you :)

#5 narenxp

Posted 06 February 2013 - 11:29 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right click on the link and select Save Link As.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply

===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text (*.txt).
  • Double click on the text file, copy and paste the contents in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

Edited by narenxp, 07 February 2013 - 03:43 AM.


#6 shauna78

Posted 07 February 2013 - 06:06 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.02.07.11
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shauna :: SHAUNA-HP [administrator]
 
Protection: Disabled
 
07/02/2013 22:52:55
mbam-log-2013-02-07 (22-52-55).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 261145
Time elapsed: 8 minute(s), 30 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 4
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#7 shauna78

Posted 07 February 2013 - 06:08 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by Shauna (administrator) on 07-02-2013 at 23:07:42
Running from "C:\Users\Shauna\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Personal Area Network = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set subinterface interface=?$ subinterface=ethernet_9 mtu=1477
set subinterface interface=?$ subinterface=ethernet_10 mtu=1477
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Shauna-HP
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Personal Area Network
   Physical Address. . . . . . . . . : 60-D8-19-E1-BC-E8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter
   Physical Address. . . . . . . . . : E4-D5-3D-77-FE-89
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ec2c:9d9a:395b:b437%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.16(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 07 February 2013 22:43:41
   Lease Expires . . . . . . . . . . : 08 February 2013 22:43:44
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 333763901
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-0E-73-47-EC-9A-74-4A-D4-11
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : EC-9A-74-4A-D4-11
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.Home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{2DD6BBC8-FBDF-4A09-A7FD-DC431794C287}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:8fd:2ebb:3f57:ffef(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::8fd:2ebb:3f57:ffef%17(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2a00:1450:4009:803::100e
      173.194.34.110
      173.194.34.96
      173.194.34.97
      173.194.34.98
      173.194.34.99
      173.194.34.100
      173.194.34.101
      173.194.34.102
      173.194.34.103
      173.194.34.104
      173.194.34.105
 
 
Pinging google.com [173.194.34.110] with 32 bytes of data:
Reply from 173.194.34.110: bytes=32 time=74ms TTL=57
Reply from 173.194.34.110: bytes=32 time=52ms TTL=57
 
Ping statistics for 173.194.34.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 52ms, Maximum = 74ms, Average = 63ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=278ms TTL=50
Reply from 98.138.253.109: bytes=32 time=300ms TTL=50
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 278ms, Maximum = 300ms, Average = 289ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...60 d8 19 e1 bc e8 ......Bluetooth Personal Area Network
 13...e4 d5 3d 77 fe 89 ......Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter
 11...ec 9a 74 4a d4 11 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.16     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.16    286
     192.168.0.16  255.255.255.255         On-link      192.168.0.16    286
    192.168.0.255  255.255.255.255         On-link      192.168.0.16    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.16    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.16    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 17     58 2001::/32                On-link
 17    306 2001:0:5ef5:79fd:8fd:2ebb:3f57:ffef/128
                                    On-link
 13    286 fe80::/64                On-link
 17    306 fe80::/64                On-link
 17    306 fe80::8fd:2ebb:3f57:ffef/128
                                    On-link
 13    286 fe80::ec2c:9d9a:395b:b437/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 13    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/07/2013 10:44:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 10:35:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/07/2013 01:28:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8424
 
Error: (02/07/2013 01:28:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8424
 
Error: (02/07/2013 01:28:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/07/2013 01:28:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7348
 
Error: (02/07/2013 01:28:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7348
 
Error: (02/07/2013 01:28:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/07/2013 01:28:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6271
 
Error: (02/07/2013 01:28:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6271
 
 
System errors:
=============
Error: (02/07/2013 10:44:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (02/07/2013 10:11:20 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
Error: (02/07/2013 10:44:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/07/2013 10:35:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shauna\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/07/2013 01:28:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8424
 
Error: (02/07/2013 01:28:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8424
 
Error: (02/07/2013 01:28:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/07/2013 01:28:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7348
 
Error: (02/07/2013 01:28:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7348
 
Error: (02/07/2013 01:28:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/07/2013 01:28:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6271
 
Error: (02/07/2013 01:28:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6271
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Reader X (10.1.5) MUI (Version: 10.1.5)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2639)
AVG 2012 (Version: 12.1.2238)
AVG 2012 (Version: 2012.1.2238)
Bejeweled 3 (Version: 2.2.0.97)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.97)
BlueVoda Website Builder 12.5 (Version: 12.5)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.97)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.100.82.86)
Broadcom Bluetooth Software (Version: 6.5.0.1300)
Broadcom InConcert Maestro (Version: 1.0.1.1300)
Browser Manager
BrowserCompanion
Cake Mania (Version: 2.2.0.95)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle of Rome 2 (Version: 2.2.0.95)
CyberLink YouCam (Version: 3.5.1.4119)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
eFax Messenger (Version: 4.4.1.528)
ESET Online Scanner v3
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evernote v. 4.2.3 (Version: 4.2.3.22)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
Google Chrome (Version: 24.0.1312.57)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.1.23.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 25.0.571.0)
HP Documentation (Version: 1.1.1.0)
HP Games (Version: 1.0.2.5)
HP Launch Box (Version: 1.1.5)
HP On Screen Display (Version: 1.3.5)
HP Photo Creations (Version: 1.0.0.5192)
HP Power Manager (Version: 1.4.8)
HP Product Detection (Version: 11.14.0001)
HP Quick Launch (Version: 2.7.2)
HP QuickWeb (Version: 3.1.0.9742)
HP Setup (Version: 8.7.4751.3798)
HP Setup Manager (Version: 1.1.13476.3753)
HP Software Framework (Version: 4.6.10.1)
HP Support Assistant (Version: 7.0.39.15)
HP Update (Version: 5.003.000.004)
iCloud (Version: 2.1.1.3)
IDT Audio (Version: 1.0.6365.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2372)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
iTunes (Version: 11.0.1.12)
J2SE Runtime Environment 5.0 Update 2 (Version: 1.5.0.20)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MusicStation (Version: 2.0.5.71)
Mystery of Mortlake Mansion (Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Penguins! (Version: 2.2.0.95)
PHOTOfunSTUDIO 6.0 (Version: 6.00.135)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
QuickTime (Version: 7.73.80.64)
Rapport (Version: 3.5.1201.94)
Rapport (Version: 3.5.1208.18)
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Recovery Manager (Version: 2.0.0)
Slingo Supreme (Version: 2.2.0.97)
Synaptics TouchPad Driver (Version: 15.3.11.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games App (HP Games) (Version: 4.0.5.36)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Zuma Deluxe (Version: 2.2.0.95)
 
========================= Devices: ================================
 
Name: Deskjet 3050A J611 series
Description: Deskjet 3050A J611 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 51%
Total physical RAM: 4043.86 MB
Available physical RAM: 1980.16 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5487.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.92 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:446.35 GB) (Free:375.73 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:15.25 GB) (Free:1.69 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\SHAUNA-HP
 
Administrator            Carmel                   Guest                    
Shauna                   
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
11-01-2013 20:56:00 HPSF Applying updates
11-01-2013 21:18:50 Removed HP Quick Launch
11-01-2013 21:19:45 Installed HP Quick Launch
12-01-2013 17:47:01 Installed Rapport
30-01-2013 18:14:16 Installed Rapport
 
**** End of log ****


#8 shauna78

Posted 07 February 2013 - 06:12 PM

Farbar Service Scanner Version: 30-01-2013
Ran by Shauna (administrator) on 07-02-2013 at 23:11:27
Running from "C:\Users\Shauna\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#9 shauna78

Posted 07 February 2013 - 06:13 PM

# AdwCleaner v2.111 - Logfile created 02/07/2013 at 23:13:18
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shauna - SHAUNA-HP
# Boot Mode : Normal
# Running from : C:\Users\Shauna\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Found : C:\Users\Shauna\AppData\Local\Temp\Uninstall.exe
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\Carmel\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Shauna\AppData\Local\Temp\avg@toolbar
 
***** [Registry] *****
 
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\8288d9b46fe510
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Wow6432Node\8288d9b46fe510
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Key Found : HKU\S-1-5-21-3059098159-1537013638-3568097220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16457
 
[OK] Registry is clean.
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Users\Shauna\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Found [l.13] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.claro-search.com/?affID=114734&tt=261112_clro_4812_6&babsrc=HP_ss&mntrId=c4f00c9a00000000000060d819e1bce8" ]
Found [l.2464] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.claro-search.com/?affID=114734&tt=261112_clro_4812_6&babsrc=HP_ss&mntrId=c4f00c9a00000000000060d819e1bce8" ]
 
*************************
 
AdwCleaner[R1].txt - [8265 octets] - [06/02/2013 13:21:07]
AdwCleaner[R2].txt - [4626 octets] - [07/02/2013 23:13:18]
 
########## EOF - C:\AdwCleaner[R2].txt - [4686 octets] ##########


#10 shauna78

Posted 07 February 2013 - 06:34 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by Shauna on 07/02/2013 at 23:15:26.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\bprotectordefaultscope 
 
 
 
~~~ Registry Keys
 
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\browser manager"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/02/2013 at 23:34:03.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#11 shauna78

Posted 07 February 2013 - 06:36 PM

Rkill 2.4.6 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/07/2013 11:35:36 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 1740) [SFI]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/07/2013 11:36:04 PM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)


#12 shauna78

Posted 07 February 2013 - 06:40 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "HotKeysCmds"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "Persistence"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"
+ "SetDefault"    "SetDefault"    "Hewlett-Packard Development Company, L.P."    "c:\program files\hewlett-packard\hp launchbox\setdefault.exe"
+ "SynTPEnh"    "Synaptics TouchPad Enhancements"    "Synaptics Incorporated"    "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp"    "IDT PC Audio"    "IDT, Inc."    "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher"    "Adobe Acrobat SpeedLauncher"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY"    "AVG Tray Monitor"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "BCSSync"    "Microsoft Office 2010 component"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "Easybits Recovery"    ""    "EasyBits Software AS"    "c:\program files (x86)\easybits for kids\ezrecover.exe"
+ "HP Quick Launch"    "HP Message Service"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
+ "HP Software Update"    "hpwuSchd Application"    "Hewlett-Packard"    "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "HPConnectionManager"    "HPCMDelayStart Application"    "Hewlett-Packard Development Company L.P."    "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmdelaystart.exe"
+ "HPOSD"    "HP On Screen Display"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe"
+ "HPQuickWebProxy"    "HP QuickWeb Utilities"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp quickweb\hpqwutils.exe"
+ "IAStorIcon"    "IAStorIcon"    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_JULY_P1"    ""    ""    "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
+ "Malwarebytes Anti-Malware"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\desktop\mbamgui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "Bluetooth.lnk"    "Bluetooth Tray Application"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "PHOTOfunSTUDIO 6.0.lnk"    "AutoStartService"    "Panasonic Corporation"    "c:\program files (x86)\common files\panasonic\photofunstudio autostart\autostartupservice.exe"
"C:\Users\Shauna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "eFax 4.4.lnk"    "eFax Messenger - Tray"    "j2 Global Communications, Inc."    "c:\program files (x86)\efax messenger 4.4\j2gtray.exe"
+ "Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk"    "Print Driver Status Business Logic"    "Hewlett-Packard Co."    "c:\program files\hp\hp deskjet 3050a j611 series\bin\hpstatusbl.dll"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "ApplePhotoStreams"    "ApplePhotoStreams.exe"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "eFax 4.4"    "eFax Messenger - DLL Command Utility"    "j2 Global Communications, Inc."    "c:\program files (x86)\efax messenger 4.4\j2gdllcmd.exe"
+ "Facebook Update"    "Facebook Installer"    "Facebook Inc."    "c:\users\shauna\appdata\local\facebook\update\facebookupdate.exe"
+ "Google Update"    "Google Installer"    "Google Inc."    "c:\users\shauna\appdata\local\google\update\googleupdate.exe"
+ "HP Deskjet 3050A J611 series (NET)"    "ScanToPCActivationApp"    "Hewlett-Packard Co."    "c:\program files\hp\hp deskjet 3050a j611 series\bin\scantopcactivationapp.exe"
+ "iCloudServices"    "iCloud"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "MobileDocuments"    ""    ""    "File not found: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "linkscanner"    "Safe Search pluggable protocol"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Groove GFS Stub Execution Hook"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "EasyBits Security Shield Hook - prevents launching insecure programs by kids"    "EasyBits Security Shield component"    "EasyBits Software Corp."    "c:\windows\syswow64\ezupbhook.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "PhotoStreamsExt"    ""    ""    "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "HotShellExt_40"    "eFax Messenger - Shell Extension"    "j2 Global Communications, Inc."    "c:\program files (x86)\efax messenger 4.4\j2gshell.dll"
+ "PhotoStreamsExt"    "ShellStreams.dll"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\desktop\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""
+ "Monitor"    "BTNCopy Module"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\desktop\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "AVG Do Not Track"    "AVG Do Not Track for IE"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search"    "Safe Search for Internet Explorer"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Groove GFS Browser Helper"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track"    "AVG Do Not Track for IE"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search"    "Safe Search for Internet Explorer"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "Groove GFS Browser Helper"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "HP Network Check Helper"    "HP Network Check IE Plug-in"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckplugin.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "AVG Do Not Track"    "AVG Do Not Track for IE"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..."    ""    ""    "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4"    ""    ""    "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "AVG Do Not Track"    "AVG Do Not Track for IE"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "HP Network Check"    "NCLauncherFromIE"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe"
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..."    ""    ""    "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "SmartPrint"    "HP Smart Print Setup"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\smartprint\smartprintsetup.exe"
"Task Scheduler"    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3059098159-1537013638-3568097220-1000Core"    "Facebook Installer"    "Facebook Inc."    "c:\users\shauna\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3059098159-1537013638-3568097220-1000UA"    "Facebook Installer"    "Facebook Inc."    "c:\users\shauna\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3059098159-1537013638-3568097220-1003Core"    "Facebook Installer"    "Facebook Inc."    "c:\users\carmel\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3059098159-1537013638-3568097220-1003UA"    "Facebook Installer"    "Facebook Inc."    "c:\users\carmel\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3059098159-1537013638-3568097220-1000Core"    "Google Installer"    "Google Inc."    "c:\users\shauna\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3059098159-1537013638-3568097220-1000UA"    "Google Installer"    "Google Inc."    "c:\users\shauna\appdata\local\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check"    "HPSFUpdater"    "Hewlett-Packard Company"    "c:\programdata\hewlett-packard\hp support framework\resources\updater7\hpsfupdater.exe"
+ "\HP Photo Creations Messager"    ""    ""    "c:\programdata\hp photo creations\messagecheck.exe"
+ "\HPCeeScheduleForShauna"    "HP Ceement"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\HPCeeScheduleForSHAUNA-HP$"    "HP Ceement"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\HPCustParticipation HP Deskjet 3050A J611 series"    "HP Customer Participation."    "Hewlett-Packard Co."    "c:\program files\hp\hp deskjet 3050a j611 series\bin\hpcustpartic.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\MirageAgent"    "YouCam Mirage"    "CyberLink"    "c:\program files (x86)\cyberlink\youcam\ycmmirage.exe"
+ "\RunAsStdUser Task"    ""    ""    "File not found: C:\Users\Shauna\AppData\Local\shamrockspringSA\bin\1.0.18.0\ShamrockSpringSA.exe"
+ "\ServicePlan"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"
+ "\SidebarExecute"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent"    "Provides Identity Protection Against Cyber Crime."    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd"    "AVG Watchdog Service"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins"    "Handles installation and removal of Bluetooth devices."    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "ezSharedSvc"    "Provides licensing, security and parental control services for EasyBits applications. If this service is stopped or disabled, these applications will not function properly."    "EasyBits Software AS"    "c:\windows\syswow64\ezsharedsvchost.exe"
+ "GamesAppService"    "WT Games App Services"    "WildTangent, Inc."    "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "HP Support Assistant Service"    "HP Support Assistant Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc"    "HP Client Services"    "Hewlett-Packard Company"    "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "hpCMSrv"    "Manages all HP embedded network connectivities."    "Hewlett-Packard Development Company L.P."    "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmsrv.exe"
+ "HPDrvMntSvc.exe"    "HP Quick Synchronization Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex"    "HP Software Framework WMI Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "HPSLPSVC"    "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable"    "Hewlett-Packard Co."    "c:\users\shauna\appdata\local\temp\7zs14a6\hpslpsvc64.dll"
+ "HPWMISVC"    "HP Quick Launch WMI Service"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IAStorDataMgrSvc"    "Provides storage event notification and manages communication between the storage driver and user space applications."    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R"    "Realtek Card Reader Icon Tool."    "Realsil Microelectronics Inc."    "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS"    "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft SharePoint Workspace Audit Service"    "Microsoft SharePoint Workspace"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RapportMgmtService"    "Central Rapport Management and Monitoring Service"    "Trusteer Ltd."    "c:\program files (x86)\trusteer\rapport\bin\rapportmgmtservice.exe"
+ "STacSV"    "Manages audio jack configurations."    "IDT, Inc."    "c:\program files\idt\wdm\stacsv64.exe"
+ "UNS"    "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "AVGIDSDriver"    "AVG Technologies IDS Application Activity Monitor Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter"    "AVG Technologies IDS Application Activity Monitor Filter Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA"    "AVG Technologies IDS Application Activity Monitor Helper Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64"    "AVG AVI Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64"    "AVG Resident Shield Minifilter Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64"    "AVG Anti-Rootkit Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia"    "AVG Network connection watcher"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "bcbtums"    "Broadcom Bluetooth Firmware Download Filter"    "Broadcom Corporation."    "c:\windows\system32\drivers\bcbtums.sys"
+ "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "btwampfl"    "btwampfl Bluetooth filter driver"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwampfl.sys"
+ "btwaudio"    "Bluetooth Audio Device"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt"    "Broadcom Bluetooth AVDT Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwavdt.sys"
+ "BTWDPAN"    "Bluetooth Personal Area Network"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwdpan.sys"
+ "btwl2cap"    "Broadcom Bluetooth L2CAP Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid"    "Bluetooth Remote Control HID Minidriver"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwrchid.sys"
+ "clwvd"    "CyberLink WebCam Virtual Driver"    "CyberLink Corporation"    "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"    "Intel Rapid Storage Technology driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud"    "Intel® Display Audio Driver"    "Intel® Corporation"    "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64"    "Intel® Management Engine Interface"    "Intel Corporation"    "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NVENETFD"    "NVIDIA MCP Networking Function Driver."    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "RapportCerberus_50414"    ""    ""    "c:\programdata\trusteer\rapport\store\exts\rapportcerberus\50414\rapportcerberus64_50414.sys"
+ "RapportEI64"    "RapportEI"    "Trusteer Ltd."    "c:\program files (x86)\trusteer\rapport\bin\x64\rapportei64.sys"
+ "RapportIaso"    "RapportIaso"    "Trusteer Ltd."    "c:\programdata\trusteer\rapport\store\exts\rapportms\46125\rapportiaso64.sys"
+ "RapportKE64"    "RapportKE"    "Trusteer Ltd."    "c:\windows\system32\drivers\rapportke64.sys"
+ "RapportPG64"    "RapportPG64"    "Trusteer Ltd."    "c:\program files (x86)\trusteer\rapport\bin\x64\rapportpg64.sys"
+ "RSPCIESTOR"    "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167"    "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "    "Realtek                                            "    "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA"    "HSF_HWAZL WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA"    "IDT PC Audio"    "IDT, Inc."    "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics Incorporated"    "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance"    ""    ""    ""
+ "{BB0C7D26-4C31-421d-9552-F8C14B8097AE}"    "LUMIX RAW Codec"    "Panasonic Corporation"    "c:\program files (x86)\common files\panasonic\rawcodec\panarawcodec.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""
+ "LUMIX RawDecoder Class"    "LUMIX RAW Codec"    "Panasonic Corporation"    "c:\program files (x86)\common files\panasonic\rawcodec\panarawcodec.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"    ""    ""    ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart"    "AVG Resident Shield Service"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "BtwCredentialProvider"    "BtwCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "BtwProximityCredentialProvider"    "BtwProximityCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwproximitycp.dll"
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "HP a011 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinkstsa011lm.dll"
+ "HP Discovery Port Monitor (HP Deskjet 3050A J611 series)"    "HP Discovery Port Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpdiscopma011.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"    ""    ""    ""
+ "C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll"    "BtwProximityCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwproximitycp.dll"


#13 shauna78


Posted 07 February 2013 - 06:42 PM

Think that's everything! 

 

Thank you again for your help!



#14 narenxp


Posted 07 February 2013 - 06:49 PM

Launch Adware cleaner and select DELETE

 

Post the new log

 

Current issues?


Edited by narenxp, 07 February 2013 - 06:50 PM.


#15 shauna78


Posted 08 February 2013 - 05:49 AM

Log below... I've had no more notifications of the Trojan - so think it's gone! Thank goodness and thank you for your help and knowledge!! :)
 
 
# AdwCleaner v2.111 - Logfile created 02/08/2013 at 10:41:21
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shauna - SHAUNA-HP
# Boot Mode : Normal
# Running from : C:\Users\Shauna\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\Users\Shauna\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\Users\Carmel\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Shauna\AppData\Local\Temp\avg@toolbar
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\8288d9b46fe510
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Wow6432Node\8288d9b46fe510
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Value Deleted : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16457
 
[OK] Registry is clean.
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Users\Shauna\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.claro-search.com/?aff[...]
Deleted [l.2469] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.claro-search.com/?affID=[...]
 
*************************
 
AdwCleaner[R1].txt - [8265 octets] - [06/02/2013 13:21:07]
AdwCleaner[R2].txt - [4741 octets] - [07/02/2013 23:13:18]
AdwCleaner[S1].txt - [4048 octets] - [08/02/2013 10:41:21]
 
########## EOF - C:\AdwCleaner[S1].txt - [4108 octets] ##########




