itsjinx Posted November 10, 2011
Hello, I can't install adaware at all! I've attached a screenshot of the error. I know that I have a virus because nearly all web pages I visit, I am redirected to a spam page with ads. I have BitDefender 2012 and it finds nothing and I have Trend Micro and it finds nothing and I've tried Kaspersky and it finds nothing! I can only come to the conclusion that it is "adware" and not a "virus" and maybe that's why they can't see it, but the "adware" also opens up invisible iexplorer.exe windows and imitates "clicks" on advertisements - at least that's what I'm pretty sure it's doing... So that's why I'm trying to use adaware but I can't help!
CeciliaB Posted November 10, 2011
Hi itsjinx, Please, to get help with cleaning your computer, follow the instructions in the topic Read This Before You Post! (http://www.lavasoftsupport.com/index.php?showtopic=30823) and I will move your topic to the forum Help with Stubborn Infections (http://www.lavasoftsupport.com/index.php?showforum=36).
itsjinx Posted November 10, 2011
The link to that post doesn't help me since I can't install adaware! Also, you moved my post to a forum that no one gets replies to.
CeciliaB Posted November 10, 2011
Everyone gets replies in this forum, too. Just skip step 1 in the instructions and perform step 2.
itsjinx 0 Report post Posted November 10, 2011 Hello, Here is content of EXTRAS.TXT: OTL Extras logfile created on: 11/10/2011 4:29:34 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\derek\Documents\Programs 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.98 Gb Total Physical Memory | 4.97 Gb Available Physical Memory | 62.32% Memory free 15.96 Gb Paging File | 12.69 Gb Available in Paging File | 79.51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 586.41 Gb Total Space | 454.08 Gb Free Space | 77.43% Space Free | Partition Type: NTFS Computer Name: DEREK-VAIO | User Name: derek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- Reg Error: Key error. File not found .cmd [@ = cmdfile] -- Reg Error: Key error. File not found .com [@ = comfile] -- Reg Error: Key error. 
File not found .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l InternetShortcut [print] -- rundll32.exe %SystemRoot%\System32\Mshtml.dll,PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Value error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Value error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. 
[color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AutoUpdateDisableNotify" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\AT&T\Communication Manager\SwiApiMux.exe" = C:\Program Files (x86)\AT&T\Communication Manager\SwiApiMux.exe:*:Enabled:SwiApiMux "C:\Program Files (x86)\AT&T\Communication Manager\SwiApiMux.exe" = C:\Program Files (x86)\AT&T\Communication Manager\SwiApiMux.exe:*:Enabled:SwiApiMux [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = 
Microsoft SQL Server VSS Writer "{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery MergeModules x64 "{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}" = Motorola Driver Installation "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit) "{2AB9289D-6432-4CC0-8869-A195C3F0CFCC}" = Bitdefender Total Security 2012 "{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4C00EC96-D644-41AD-91D3-A9CE4382C80E}" = Driver Installer "{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VMp MergeModule x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support "{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client "{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64 "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{DA57D9DF-BE05-416A-96E4-2BB4884308E7}" = MSI_SPF_x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "Bitdefender" = Bitdefender Total Security 2012 "Microsoft 
.NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF}" = VAIO Messenger "{03FCC0F4-0999-4D8A-BA8D-CC1CB87FCD9B}" = VAIO Care "{07182027-A63E-4E86-B96F-452EB9D61360}" = VAIO Help and Support "{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8 "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files "{1B500D37-E7CF-480B-8054-8A563594EC4E}" = OOBE "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{21D1464A-1C54-451E-B780-3ECB3DF8BD4E}" = VAIO Content Monitoring Settings "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types "{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8 "{2BDD5DFD-9F1F-4754-8BEB-A780D49E8C73}" = Sony Home Network Library "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver 
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{44E0DB64-566D-4126-82E6-206B4D76E902}" = VAIO Original Function Settings "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared "{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite MFC-790CW "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects "{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents "{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari "{61A6631C-46C6-46cc-8320-0B9E86DF3019}_is1" = System Optimizer "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{641DD10E-47E0-4A1D-B858-EF507F948C50}" = VAIO Hardware Diagnostics "{65179FD8-04C0-40A7-87FC-007F2CD5BF1E}" = LogMeIn "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO 
Media plus Opening Movie "{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer "{6D423AE8-0E7D-4703-8EF7-500C5D36FD7F}" = Sony Home Network Library "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{70ECEB2C-D16F-41A0-9B96-B17EF2484B8B}" = The News Trader "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{7D556460-6E5A-4C53-BCDD-7A7EAEBC169A}" = VAIO Entertainment Platform "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management "{808625C0-412D-2343-CA00-9C19A9671101}" = AccuWeather.com Cirrus "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{84FFB317-A08A-4AEE-95EA-7FBA69A3F924}" = VAIO Entertainment Platform "{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.2 "{98F2FA0E-923A-48C2-8EC7-62BD97E38FC0}" = VAIO Data Restore Tool 
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility "{9D23818F-BC2F-AE7C-6957-B03056CED5C3}" = Market Samurai "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6 "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6 "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0 "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{BA4DA261-CB60-4690-B202-44998DFC6986}" = Microsoft SQL Server 2008 Setup Support Files "{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler "{C416CBB4-00BA-4E78-878A-590C5FD4A7A1}" = VAIO Media plus "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery 
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E5EDA1E6-5FDD-4B29-8399-6022B81C3A7C}" = ControlCenter "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU "{EFBA1469-E0DA-4825-96AB-12B2988E9A28}" = Media Gallery "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5 "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Application Manager for VAIO" = Application Manager for VAIO "AviSynth" = AviSynth 2.5 "Carbonite Backup" = Carbonite "Cisco Connect" = Cisco Connect "com.AccuWeather.sony.6AF67E59E785A9A644FCA43BED05A7731922EF40.1" = AccuWeather.com Cirrus "FLV Player" = FLV Player 2.0 (build 25) "FreeFixer0.60" = FreeFixer "FrostWire" = FrostWire 4.21.6 "Google Chrome" = Google Chrome "GSA Auto SoftSubmit_is1" = GSA Auto SoftSubmit v6.94 "GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only) "HijackThis" = HijackThis 2.0.0 
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU "Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US) "MP3 Rocket" = MP3 Rocket "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "OnlyWire" = OnlyWire "Pidgin" = Pidgin "PromoSoft_is1" = PromoSoft 1.811 "QuoteTracker_is1" = QuoteTracker "Template Phrases for Microsoft Outlook_is1" = Template Phrases for Microsoft Outlook 2.1 "WinLiveSuite_Wave3" = Windows Live Essentials [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.5.0 "Spotify" = Spotify [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 11/9/2011 8:14:08 PM | Computer Name = derek-VAIO | Source = MSSQL$DDNI | ID = 17120 Description = SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems. 
Error - 11/9/2011 10:50:46 PM | Computer Name = derek-VAIO | Source = Application Error | ID = 1000 Description = Faulting application name: Market Samurai.exe, version: 0.0.0.0, time stamp: 0x4b66b0f3 Faulting module name: WebKit.dll, version: 0.0.0.0, time stamp: 0x4b66b026 Exception code: 0xc0000005 Fault offset: 0x001b70e7 Faulting process id: 0x1638 Faulting application start time: 0x01cc9f5385ceafb7 Faulting application path: C:\Program Files (x86)\Market Samurai\Market Samurai.exe Faulting module path: c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll Report Id: c9a39cf5-0b46-11e1-90cf-f07bcbd01ad5 Error - 11/9/2011 10:52:26 PM | Computer Name = derek-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 512 Description = The Cryptographic Services service failed to initialize the VSS backup "System Writer" object. Details: Could not open the EventSystem service for query. System Error: Element not found. . Error - 11/9/2011 10:52:37 PM | Computer Name = derek-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 257 Description = The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032. Error - 11/9/2011 10:52:37 PM | Computer Name = derek-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 256 Description = The Cryptographic Services service failed to initialize the Catalog Database. The error was: 5 (0x5) : Access is denied. . Error - 11/9/2011 11:00:14 PM | Computer Name = derek-VAIO | Source = Application Hang | ID = 1002 Description = The program Market Samurai.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. 
Process ID: 13e4 Start Time: 01cc9f5390c9ab30 Termination Time: 4 Application Path: C:\Program Files (x86)\Market Samurai\Market Samurai.exe Report Id: 17044ecc-0b48-11e1-90cf-f07bcbd01ad5 Error - 11/10/2011 1:31:30 AM | Computer Name = derek-VAIO | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error - 11/10/2011 1:32:05 AM | Computer Name = derek-VAIO | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\program files (x86)\windows live\messenger\wlcsdk.exe". Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 11/10/2011 1:32:05 AM | Computer Name = derek-VAIO | Source = SideBySide | ID = 16842787 Description = Activation context generation failed for "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis. Error - 11/10/2011 5:24:16 PM | Computer Name = derek-VAIO | Source = Application Hang | ID = 1002 Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. 
Process ID: 1a50 Start Time: 01cc9feef4b53a66 Termination Time: 6 Application Path: C:\Users\derek\Desktop\OTL.exe Report Id: 4f9451c2-0be2-11e1-90cf-f07bcbd01ad5 [ System Events ] Error - 4/12/2011 5:29:39 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7031 Description = The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 4/12/2011 5:29:39 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7031 Description = The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error - 4/12/2011 5:29:39 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7031 Description = The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 
Error - 4/12/2011 5:31:39 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7032 Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: %%1056 Error - 4/14/2011 4:43:20 AM | Computer Name = derek-VAIO | Source = DCOM | ID = 10010 Description = Error - 4/14/2011 8:47:02 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7023 Description = The Office Software Protection Platform service terminated with the following error: %%5 Error - 4/14/2011 9:10:02 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7000 Description = The risdpcie service failed to start due to the following error: %%577 Error - 4/14/2011 9:10:07 PM | Computer Name = derek-VAIO | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126 Error - 4/14/2011 9:10:19 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7000 Description = The risdsnpe service failed to start due to the following error: %%1058 Error - 4/14/2011 9:13:19 PM | Computer Name = derek-VAIO | Source = Service Control Manager | ID = 7024 Description = The SQL Server (DDNI) service terminated with service-specific error %%5. 
< End of report > HERE IS CONTENT OF OTL.TXT: OTL logfile created on: 11/10/2011 4:29:34 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\derek\Documents\Programs 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.98 Gb Total Physical Memory | 4.97 Gb Available Physical Memory | 62.32% Memory free 15.96 Gb Paging File | 12.69 Gb Available in Paging File | 79.51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 586.41 Gb Total Space | 454.08 Gb Free Space | 77.43% Space Free | Partition Type: NTFS Computer Name: DEREK-VAIO | User Name: derek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\derek\My Documents\Programs\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Bitdefender\Bitdefender 2012\Antispam32\pchooklaunch32.exe (Bitdefender) PRC - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) PRC - C:\Program Files (x86)\Java\jre6\bin\javaw.exe (Sun Microsystems, Inc.) PRC - C:\Windows\SysWOW64\java.exe (Sun Microsystems, Inc.) 
PRC - C:\Program Files\Sony\VAIO Care\VCSpt.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe ()
PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe ()
PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe ()
PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe ()
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Dreamweaver.exe (Macromedia, Inc.)

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - C:\Users\derek\AppData\Local\Temp\IntResource.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\caa9d8bca3092573cdbb67c8e81bf0f3\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b867fbc0d573ac5e5fe71143d9caf43b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11ebcba65c931267301739008a883e60\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll ()
MOD - C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\JSExtensions\DWfile.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\NetIOFTP.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Workspace.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\JSExtensions\MM.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\JSExtensions\SWFFile.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\NetIO.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\libcurl.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\CoreTypes.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\libeay32.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\ssleay32.dll ()
MOD - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\flash player\FlashPlayerW.dll ()

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender)
SRV:[b]64bit:[/b] - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com))
SRV:[b]64bit:[/b] - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender)
SRV:[b]64bit:[/b] - (Update Server) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (BitDefender)
SRV:[b]64bit:[/b] - (SafeBox) -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (BitDefender)
SRV:[b]64bit:[/b] - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Sony of America Corporation)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (SMPDiskOptimizer) -- C:\Program Files (x86)\System Optimizer\SMPDefragSrv64.exe (SpeedMyPC.com, (www.speedmypc.com))
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:[b]64bit:[/b] - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (bdsandbox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:[b]64bit:[/b] - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:[b]64bit:[/b] - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV:[b]64bit:[/b] - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:[b]64bit:[/b] - (TVICHW32) -- C:\Windows\SysNative\drivers\TVicHW32.sys (EnTech Taiwan)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (bdfsfltr) -- C:\Windows\SysNative\drivers\bdfsfltr.sys (BitDefender)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV:[b]64bit:[/b] - (swmsflt) -- C:\Windows\SysNative\drivers\swmsflt.sys ()
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:[b]64bit:[/b] - (smbusp) Intel(R) -- C:\Windows\SysNative\drivers\intelsmb.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:[b]64bit:[/b] - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:[b]64bit:[/b] - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:[b]64bit:[/b] - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:[b]64bit:[/b] - (BDVEDISK) -- C:\Windows\SysNative\drivers\bdvedisk.sys (BitDefender)
DRV:[b]64bit:[/b] - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NMgamingmsFltr) -- C:\Windows\SysNative\drivers\NMgamingms.sys (Primax Ltd)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (SWUMX56) Sierra Wireless USB MUX Driver (UMTS56) -- C:\Windows\SysNative\drivers\swumx56.sys (Sierra Wireless Inc.)
DRV:[b]64bit:[/b] - (SWNC8U56) Sierra Wireless MUX NDIS Driver (UMTS56) -- C:\Windows\SysNative\drivers\swnc8u56.sys (Sierra Wireless Inc.)
DRV:[b]64bit:[/b] - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (TVICHW32) -- C:\Windows\SysWOW64\drivers\TVicHW32.sys (EnTech Taiwan)
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 14 52 BF 16 CB B6 EB 4A B8 B9 0D 7B 44 A9 9D D1 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2011/11/07 18:28:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 17:28:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/07 18:45:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2011/11/07 18:28:51 | 000,000,000 | ---D | M]
[2010/08/23 13:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derek\AppData\Roaming\Mozilla\Extensions
[2010/08/23 13:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derek\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2010/07/13 01:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derek\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/09/08 21:19:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions
[2010/07/13 00:54:35 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/09/09 14:18:20 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\{8faa99f2-0cd0-4b79-a717-cab1d1a50ba5}
[2010/07/13 00:54:35 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010/07/13 00:54:36 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\[email protected]
[2011/05/15 01:16:34 | 000,000,000 | ---D | M] (whois) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\[email protected]
[2011/11/09 18:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions
[2011/07/09 23:47:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/07/09 23:47:50 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(44)
[2011/07/09 23:47:51 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/07/09 23:47:51 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/11/07 18:46:55 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2011/07/09 23:47:48 | 000,000,000 | ---D | M] (whois) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\[email protected]
[2011/11/07 18:53:36 | 000,000,000 | ---D | M] (WebRank Toolbar) -- C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\extensions\[email protected]
[2011/11/07 18:45:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/09 17:28:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/07/10 18:48:51 | 000,002,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2011/11/09 17:28:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/10/11 20:11:36 | 000,000,822 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Reg Error: Value error. File not found
O4:[b]64bit:[/b] - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4:[b]64bit:[/b] - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6522/mcfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.217.5 64.233.217.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB9F53EC-CA10-40D8-B7C0-543D3FA66BF5}: DhcpNameServer = 64.233.217.5 64.233.217.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}: DhcpNameServer = 192.168.1.1 64.233.217.5 64.233.217.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB07B180-9023-4FE7-AF57-C28120030C7B}: DhcpNameServer = 209.183.33.23 209.183.35.23
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/09 17:21:05 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2ac532e8-bd22-11df-898d-544249158cdf}\Shell - "" = AutoRun
O33 - MountPoints2\{2ac532e8-bd22-11df-898d-544249158cdf}\Shell\AutoRun\command - "" = D:\StartClickfreeBackup.exe
O33 - MountPoints2\{7577400e-8ebe-11df-b832-544249158cdf}\Shell - "" = AutoRun
O33 - MountPoints2\{7577400e-8ebe-11df-b832-544249158cdf}\Shell\AutoRun\command - "" = D:\WIN\setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/11/09 21:43:15 | 000,000,000 | ---D | C] -- C:\Users\derek\Documents\Programs
[2011/11/09 21:42:27 | 000,000,000 | ---D | C] -- C:\Users\derek\Documents\New folder
[2011/11/09 18:25:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/09 18:25:27 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/11/09 18:19:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/09 18:18:28 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/11/09 18:18:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/11/09 17:35:38 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\Malwarebytes
[2011/11/09 17:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/09 17:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/09 17:35:23 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/09 17:35:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/09 17:13:20 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011/11/09 17:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/11/09 17:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011/11/08 01:17:18 | 000,543,024 | ---- | C] (Microsoft Corporation) -- C:\Users\derek\Desktop\IE9-Windows7-x64-enu.exe
[2011/11/07 19:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2011/11/07 18:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/11/07 18:31:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011/11/07 18:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012
[2011/11/07 18:28:52 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\Bitdefender
[2011/11/07 18:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2011/11/07 18:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2011/11/07 18:24:31 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\QuickScan
[2011/11/07 18:23:43 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2011/11/07 18:23:42 | 000,431,176 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2011/11/07 18:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2011/11/07 18:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2011/11/07 17:39:34 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Local\Trend Micro
[2011/11/06 20:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/11/06 19:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/11/06 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/11/06 19:21:25 | 000,835,656 | ---- | C] (Capital Intellect Inc) -- C:\Windows\SysWow64\WINCTL5.OCX
[2011/11/06 19:21:25 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMCTL32.OCX
[2011/11/06 19:21:25 | 000,495,689 | ---- | C] (Capital Intellect Inc) -- C:\Windows\SysWow64\WINUTIL6.DLL
[2011/11/06 19:21:25 | 000,393,216 | ---- | C] (Capital Intellect Inc) -- C:\Windows\SysWow64\WINLCTL5.DLL
[2011/11/06 19:21:24 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CapiCom.dll
[2011/11/06 19:21:24 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Richtx32.ocx
[2011/11/06 19:21:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XRayMyPC
[2011/11/06 19:21:24 | 000,000,000 | ---D | C] -- C:\Windows\McAfee.com
[2011/11/06 19:00:44 | 000,013,824 | ---- | C] (Kephyr) -- C:\Windows\SysNative\ffnd.exe
[2011/11/06 18:06:25 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\FreeFixer
[2011/11/06 18:06:25 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Local\FreeFixer
[2011/11/06 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
[2011/11/06 18:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2011/11/05 12:52:50 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2011/11/04 18:09:56 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/11/04 18:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Market Samurai
[2011/10/28 21:33:26 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Local\APN
[2011/10/25 19:34:15 | 000,000,000 | ---D | C] -- C:\Users\derek\Documents\house
[2011/10/19 15:42:09 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Local\Spotify
[2011/10/19 15:42:06 | 000,000,000 | ---D | C] -- C:\Users\derek\AppData\Roaming\Spotify
[2011/10/18 17:16:54 | 000,000,000 | ---D | C] -- C:\Users\derek\Documents\Sites To Copy
[2011/10/13 14:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[24 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/11/10 15:40:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/10 15:40:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/09 21:53:44 | 000,022,528 | ---- | M] () -- C:\Users\derek\Documents\unlock ##nospam 5.1.msam
[2011/11/09 19:20:47 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/09 19:20:46 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/09 19:17:35 | 000,876,376 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/09 19:17:35 | 000,729,734 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/09 19:17:35 | 000,146,710 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/09 19:09:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/09 19:09:32 | 2133,372,927 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/09 17:28:29 | 000,002,048 | ---- | M] () -- C:\Users\derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/09 17:21:05 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2011/11/08 23:33:16 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/11/08 23:33:16 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/11/08 01:17:14 | 000,543,024 | ---- | M] (Microsoft Corporation) -- C:\Users\derek\Desktop\IE9-Windows7-x64-enu.exe
[2011/11/07 22:23:02 | 000,000,155 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2011/11/07 19:11:59 | 000,329,800 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2011/11/07 18:37:42 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2011/11/07 18:30:48 | 000,243,637 | ---- | M] () -- C:\ProgramData\1320708220.bdinstall.bin
[2011/11/07 18:29:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2011/11/07 18:10:37 | 012,021,760 | ---- | M] () -- C:\Users\derek\Desktop\Ad-Aware96Install.msi
[2011/11/07 17:38:51 | 000,000,822 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2011/11/07 17:38:51 | 000,000,822 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2011/11/06 22:39:21 | 000,017,408 | ---- | M] () -- C:\Users\derek\AppData\Local\WebpageIcons.db
[2011/11/06 22:34:09 | 014,282,752 | ---- | M] () -- C:\Users\derek\Desktop\itsjinxhtc.mpg
[2011/11/06 20:38:06 | 000,001,088 | ---- | M] () -- C:\Users\derek\smsniff.cfg
[2011/11/06 20:36:34 | 000,001,209 | ---- | M] () -- C:\Users\derek\Desktop\My Documents.lnk
[2011/11/06 19:21:46 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\X-Ray My PC System Scanner.job
[2011/11/06 03:00:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\RegInOut Scheduled Scan - derek.job
[2011/11/05 17:33:16 | 004,539,626 | ---- | M] () -- C:\Users\derek\AppData\Local\census.cache
[2011/11/05 17:24:10 | 000,099,423 | ---- | M] () -- C:\Users\derek\AppData\Local\ars.cache
[2011/11/05 12:58:55 | 000,000,036 | ---- | M] () -- C:\Users\derek\AppData\Local\housecall.guid.cache
[2011/11/04 18:11:58 | 000,139,100 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/11/04 18:09:39 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2011/11/04 16:51:59 | 000,870,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/04 14:55:30 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/10/13 14:13:19 | 000,002,515 | ---- | M] () -- C:\Users\derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/10/11 20:11:36 | 000,000,822 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [24 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/11/09 17:21:05 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2011/11/09 16:25:05 | 000,001,736 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlyWire.LNK [2011/11/08 01:24:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml [2011/11/08 01:24:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml [2011/11/07 22:23:01 | 000,000,155 | ---- | C] () -- C:\Windows\SysNative\checkdnsid.xml [2011/11/07 18:45:49 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011/11/07 18:37:42 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml [2011/11/07 18:30:48 | 000,243,637 | ---- | C] () -- C:\ProgramData\1320708220.bdinstall.bin [2011/11/07 18:29:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2011/11/07 18:10:27 | 012,021,760 | ---- | C] () -- C:\Users\derek\Desktop\Ad-Aware96Install.msi [2011/11/06 22:39:21 | 000,017,408 | ---- | C] () -- C:\Users\derek\AppData\Local\WebpageIcons.db [2011/11/06 22:33:55 | 014,282,752 | ---- | C] () -- C:\Users\derek\Desktop\itsjinxhtc.mpg [2011/11/06 20:36:34 | 000,001,209 | ---- | C] () -- C:\Users\derek\Desktop\My Documents.lnk [2011/11/06 19:21:46 | 000,000,512 | ---- | C] () -- C:\Windows\tasks\X-Ray My PC System Scanner.job [2011/11/05 12:58:34 | 004,539,626 | ---- | C] () -- C:\Users\derek\AppData\Local\census.cache [2011/11/05 12:58:24 | 000,099,423 | ---- | C] () -- C:\Users\derek\AppData\Local\ars.cache [2011/11/05 12:52:01 | 000,000,036 | ---- | C] () -- C:\Users\derek\AppData\Local\housecall.guid.cache [2011/11/04 18:11:27 | 000,022,528 | ---- | C] () -- 
C:\Users\derek\Documents\unlock ##nospam 5.1.msam [2011/11/04 18:09:39 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk [2011/11/04 18:09:39 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Market Samurai.lnk [2011/10/19 15:42:08 | 000,000,903 | ---- | C] () -- C:\Users\derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2011/09/07 18:13:36 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011/08/24 16:48:14 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/05/18 00:03:15 | 000,011,778 | -HS- | C] () -- C:\Users\derek\AppData\Local\q06y4ded434kq1vq7n7 [2011/05/18 00:03:15 | 000,011,778 | -HS- | C] () -- C:\ProgramData\q06y4ded434kq1vq7n7 [2011/03/24 17:51:09 | 000,000,600 | ---- | C] () -- C:\Users\derek\AppData\Local\PUTTY.RND [2011/03/04 16:25:54 | 000,139,100 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010/09/10 16:34:16 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/09/03 16:25:17 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\amd422codec.dll [2010/08/10 17:53:51 | 000,007,609 | ---- | C] () -- C:\Users\derek\AppData\Local\Resmon.ResmonCfg [2010/07/13 13:06:44 | 000,000,255 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2010/07/13 13:06:44 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini [2010/07/13 13:06:29 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010/07/13 13:06:29 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010/07/13 13:05:27 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2010/07/13 13:05:26 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2010/07/13 13:05:26 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2010/07/13 00:43:22 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2010/05/02 22:39:05 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll [2010/05/02 21:47:28 | 000,870,592 | ---- | C] () -- 
C:\Windows\SysWow64\PerfStringBackup.INI [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009/04/06 08:26:46 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\DVRConfig.dll [2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2011/09/23 16:29:16 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\.purple [2011/03/07 15:33:12 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Add-in Express [2011/11/07 18:32:01 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Bitdefender [2010/10/19 17:51:29 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\ConsumerSoft [2011/02/02 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\CreatePhotoCalendars.D3323E811E67DC9FDD0CB2B1373D231538FEA368.1 [2011/11/04 15:38:58 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\EurekaLog [2011/09/09 23:20:31 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Fenabe [2011/11/09 21:50:03 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\FileZilla [2011/11/06 19:07:52 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\FreeFixer [2011/10/19 13:21:42 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\FrostWire [2010/11/19 23:07:02 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\GSA Auto SoftSubmit [2011/09/08 23:41:03 | 000,000,000 | ---D | M] -- 
C:\Users\derek\AppData\Roaming\Haiqyk
[2011/11/04 18:09:56 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/08/10 16:49:23 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\MP3Rocket
[2011/11/07 18:24:31 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\QuickScan
[2010/07/13 15:41:00 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Sierra Wireless
[2011/11/04 16:54:03 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\SoftGrid Client
[2011/05/11 23:10:27 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\SpeedMyPC
[2011/10/20 22:12:10 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Spotify
[2010/10/19 18:04:33 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Systweak
[2010/07/12 23:38:41 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\Template
[2010/07/14 15:26:54 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\TP
[2010/09/27 11:31:28 | 000,000,000 | ---D | M] -- C:\Users\derek\AppData\Roaming\TuneUp Software
[2011/11/06 03:00:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\RegInOut Scheduled Scan - derek.job
[2011/11/08 00:14:09 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/06 19:21:46 | 000,000,512 | ---- | M] () -- C:\Windows\Tasks\X-Ray My PC System Scanner.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 64 bytes -> C:\Users\derek\Documents\XDVR01-living_room-20100411-003059.avi:TOC.WMV
@Alternate Data Stream - 16 bytes -> C:\Windows\WindowsUpdate.log:BDU
@Alternate Data Stream - 16 bytes -> C:\Users\derek\Desktop\IE9-Windows7-x64-enu.exe:BDU

< End of report >
CeciliaB 475 Posted November 10, 2011

Hi,

Please, subscribe to this topic and you will receive an email when someone writes a reply. You find a "Follow" button near the top on the right side.

You seem to have a lot of knowledge about computers and Windows, but please ask if I write something you don't understand.

1.
[2011/05/18 00:03:15 | 000,011,778 | -HS- | C] () -- C:\Users\derek\AppData\Local\q06y4ded434kq1vq7n7
[2011/05/18 00:03:15 | 000,011,778 | -HS- | C] () -- C:\ProgramData\q06y4ded434kq1vq7n7
Those two files should be removed, see http://vil.nai.com/vil/content/v_500877.htm

2. I think you have run ComboFix and TDSSKiller. If that is right, please post their logs:
C:\ComboFix.txt or in C:\Qoobox
C:\TDSSKiller followed by date and time of execution
If MBAM (Malwarebytes Anti-Malware) found something, please post the corresponding log, too.

3. When did this spam page start to appear? Which page is it?

4. Download GMER from the following location and save it to your desktop: http://www2.gmer.net/download.php
It will be randomly named so write down the name so you remember what it is.
Disconnect from the Internet.
Turn off all programs, including antivirus and similar programs. How? See http://www.bleepingcomputer.com/forums/topic114351.html
Start Gmer. It will perform a quick scan.
If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system, click NO.
Configuration of Gmer: In the right panel, uncheck the following:
* IAT/EAT
* Files
* Drives/Partitions other than C:\
* Show All (don't miss this one)
Click the Scan button & wait for it to finish.
When finished click on the Save button. Select your desktop as destination folder and in the File name field enter "Gmer.log".
Restart computer and make sure your antivirus program is running again.
Paste the content of Gmer.log in your post, or attach it if it is a large file.
itsjinx 0 Posted November 13, 2011

[quote name='CeciliaB' timestamp='1320965070' post='130417']
Hi,

Please, subscribe to this topic and you will receive an email when someone writes a reply. You find a "Follow" button near the top on the right side.

You seem to have a lot of knowledge about computers and Windows, but please ask if I write something you don't understand.

1.
[2011/05/18 00:03:15 | 000,011,778 | -HS- | C] () -- C:\Users\derek\AppData\Local\q06y4ded434kq1vq7n7
[2011/05/18 00:03:15 | 000,011,778 | -HS- | C] () -- C:\ProgramData\q06y4ded434kq1vq7n7
Those two files should be removed, see [url="http://vil.nai.com/vil/content/v_500877.htm"]http://vil.nai.com/v...nt/v_500877.htm[/url]

2. I think you have run ComboFix and TDSSKiller. If that is right, please post their logs:
C:\ComboFix.txt or in C:\Qoobox
C:\TDSSKiller followed by date and time of execution
If MBAM (Malwarebytes Anti-Malware) found something, please post the corresponding log, too.

3. When did this spam page start to appear? Which page is it?

4. Download GMER from the following location and save it to your desktop: [url="http://www2.gmer.net/download.php"]http://www2.gmer.net/download.php[/url]
It will be randomly named so write down the name so you remember what it is.
Disconnect from the Internet.
Turn off all programs, including antivirus and similar programs. How? See [url="http://www.bleepingcomputer.com/forums/topic114351.html"]http://www.bleepingc...opic114351.html[/url]
Start Gmer. It will perform a quick scan.
If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system, click NO.
Configuration of Gmer: In the right panel, uncheck the following:
* IAT/EAT
* Files
* Drives/Partitions other than C:\
* Show All (don't miss this one)
Click the Scan button & wait for it to finish.
When finished click on the Save button. Select your desktop as destination folder and in the File name field enter "Gmer.log".
Restart computer and make sure your antivirus program is running again.
Paste the content of Gmer.log in your post, or attach it if it is a large file.
[/quote]

1. done

2. ComboFix log is below

3. This started around the first week of November. Whenever I go to Google and search anything and then click on any of the results, I am routed to "http://freevegas.us" which then routes me through different websites like:
http://search.yellowise.com/deals/?keyword=search+queary&affid=54883&ptr=VP&client_tag=bpo&p_count=10&af=img&sid=f065ce94eb4a75a891f5f5b4ec809e3b&cid=BPO
AND
http://www.gimmeanswers.org/search/v_q17/results.php?search=search%20query%203g&aff=itcg-20342

4. I will post results in next post.

COMBOFIX.TXT:

ComboFix 11-11-10.03 - derek 11/11/2011 14:35:06.2.8 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8174.7076 [GMT -5:00]
Running from: c:\users\derek\Desktop\ComboFix.exe
AV: Trend Micro AntiVirus *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro AntiVirus *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\users\derek\AppData\Roaming\Adobe\plugs
c:\users\derek\AppData\Roaming\Adobe\shed
c:\users\derek\AppData\Roaming\EurekaLog
c:\users\derek\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-11 to 2011-11-11 )))))))))))))))))))))))))))))))
.
.
2011-11-11 20:08 . 2011-11-11 20:08 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-11-11 20:08 . 2011-11-11 20:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-09 23:18 . 2011-11-09 23:18 -------- d-----w- C:\TDSSKiller_Quarantine
2011-11-09 22:35 .
2011-11-09 22:35 -------- d-----w- c:\users\derek\AppData\Roaming\Malwarebytes 2011-11-09 22:35 . 2011-11-09 22:35 -------- d-----w- c:\programdata\Malwarebytes 2011-11-09 22:35 . 2011-11-09 22:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-11-09 22:35 . 2011-08-31 22:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-09 22:13 . 2011-11-09 22:37 -------- d-----w- C:\sh4ldr 2011-11-09 22:13 . 2011-11-09 22:13 -------- d-----w- c:\program files\Enigma Software Group 2011-11-09 22:12 . 2011-11-09 22:37 -------- d-----w- c:\windows\89A072791DB3485AB1DF584DF86774B9.TMP 2011-11-09 22:12 . 2011-11-09 22:12 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-11-08 04:14 . 2011-11-08 04:14 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\BitDefender 2011-11-08 00:05 . 2011-11-08 00:05 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\QuickScan 2011-11-07 23:45 . 2011-11-09 22:28 134104 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll 2011-11-07 23:45 . 2011-11-09 22:28 89048 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll 2011-11-07 23:45 . 2011-11-09 22:28 801752 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll 2011-11-07 23:45 . 2011-11-09 22:28 478168 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll 2011-11-07 23:45 . 2011-11-09 22:28 1989592 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll 2011-11-07 23:45 . 2011-11-09 22:28 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll 2011-11-07 23:45 . 2011-09-29 00:26 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2011-11-07 23:45 . 2011-09-29 00:26 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll 2011-11-07 23:31 . 2011-11-07 23:31 -------- d-----w- c:\programdata\Lavasoft 2011-11-07 23:31 . 
2011-11-07 23:31 -------- d-----w- c:\program files (x86)\Lavasoft 2011-11-07 23:30 . 2011-11-07 23:30 243637 ----a-w- c:\programdata\1320708220.bdinstall.bin 2011-11-07 23:28 . 2011-11-07 23:32 -------- d-----w- c:\users\derek\AppData\Roaming\Bitdefender 2011-11-07 23:28 . 2011-11-07 23:30 -------- d-----w- c:\programdata\Bitdefender 2011-11-07 23:24 . 2011-11-07 23:25 -------- d-----w- c:\program files\Bitdefender 2011-11-07 23:24 . 2011-11-07 23:24 -------- d-----w- c:\users\derek\AppData\Roaming\QuickScan 2011-11-07 23:23 . 2011-11-08 00:11 329800 ----a-w- c:\windows\system32\drivers\trufos.sys 2011-11-07 23:23 . 2011-03-24 20:36 431176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys 2011-11-07 23:23 . 2011-11-07 23:23 -------- d-----w- c:\program files\Common Files\Bitdefender 2011-11-07 23:23 . 2011-11-07 23:23 -------- d-----w- c:\program files (x86)\Common Files\Bitdefender 2011-11-07 22:39 . 2011-11-07 22:39 -------- d-----w- c:\users\derek\AppData\Local\Trend Micro 2011-11-07 00:27 . 2011-11-07 23:45 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-11-07 00:27 . 2011-11-07 23:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-11-07 00:21 . 2010-09-01 21:59 835656 ----a-w- c:\windows\SysWow64\WINCTL5.OCX 2011-11-07 00:21 . 2009-04-14 16:50 495689 ----a-w- c:\windows\SysWow64\WINUTIL6.DLL 2011-11-07 00:21 . 2006-03-31 20:36 393216 ----a-w- c:\windows\SysWow64\WINLCTL5.DLL 2011-11-07 00:21 . 2003-09-23 06:00 608448 ----a-w- c:\windows\SysWow64\COMCTL32.OCX 2011-11-07 00:21 . 2011-11-07 00:21 -------- d-----w- c:\windows\McAfee.com 2011-11-07 00:21 . 2011-11-07 00:21 -------- d-----w- c:\program files (x86)\XRayMyPC 2011-11-07 00:21 . 2008-06-02 15:38 212240 ----a-w- c:\windows\SysWow64\Richtx32.ocx 2011-11-07 00:00 . 2010-03-08 10:10 13824 ----a-w- c:\windows\system32\ffnd.exe 2011-11-06 23:06 . 2011-11-07 00:07 -------- d-----w- c:\users\derek\AppData\Roaming\FreeFixer 2011-11-06 23:06 . 
2011-11-06 23:06 -------- d-----w- c:\users\derek\AppData\Local\FreeFixer 2011-11-06 23:06 . 2011-11-06 23:06 -------- d-----w- c:\program files\FreeFixer 2011-11-05 17:52 . 2011-06-21 04:09 200976 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys 2011-11-04 23:09 . 2011-11-04 23:09 -------- d-----w- c:\users\derek\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1 2011-11-04 23:09 . 2011-11-04 23:09 -------- d-----w- c:\program files (x86)\Market Samurai 2011-10-29 02:33 . 2011-10-29 02:33 -------- d-----w- c:\users\derek\AppData\Local\APN 2011-10-19 20:42 . 2011-11-04 00:15 -------- d-----w- c:\users\derek\AppData\Local\Spotify 2011-10-19 20:42 . 2011-10-21 03:12 -------- d-----w- c:\users\derek\AppData\Roaming\Spotify . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-07 23:58 . 2011-05-03 00:05 34688 ----a-w- c:\windows\system32\LMIport.dll 2011-10-07 23:58 . 2011-05-03 00:05 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2011-10-07 23:58 . 2011-05-03 00:04 80768 ----a-w- c:\windows\system32\LMIinit.dll 2011-10-01 20:49 . 2011-10-01 20:49 0 ----a-w- c:\windows\SysWow64\sho9564.tmp 2011-09-30 22:40 . 2011-09-30 22:40 0 ----a-w- c:\windows\SysWow64\sho78B0.tmp 2011-09-29 21:09 . 2011-09-29 21:09 79952 ----a-w- c:\windows\system32\drivers\bdsandbox.sys 2011-09-23 21:39 . 2011-05-17 00:38 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-16 23:25 . 2011-09-16 23:25 0 ----a-w- c:\windows\SysWow64\sho8A99.tmp 2011-09-09 19:25 . 2011-09-09 19:25 0 ----a-w- c:\windows\SysWow64\shoB3C6.tmp 2011-09-01 16:15 . 2011-09-01 16:15 553280 ----a-w- c:\windows\system32\drivers\avckf.sys 2011-09-01 16:12 . 2011-09-01 16:12 674904 ----a-w- c:\windows\system32\drivers\avc3.sys 2011-08-31 22:43 . 2011-08-31 22:43 0 ----a-w- c:\windows\SysWow64\shoC64B.tmp 2011-08-24 21:10 . 2011-08-24 21:10 0 ----a-w- c:\windows\SysWow64\shoB497.tmp 2011-08-13 22:23 . 
2011-08-13 22:23 0 ----a-w- c:\windows\SysWow64\sho95EB.tmp . . ((((((((((((((((((((((((((((( [email protected]_01.55.10 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-14 04:54 . 2011-11-11 02:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-11-10 22:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-11-10 22:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-11-11 02:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-11-10 22:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-11-11 02:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 05:10 . 2011-11-11 02:20 33818 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-05-03 02:44 . 2011-11-11 04:33 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-05-03 02:44 . 2011-11-10 22:20 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-11-10 22:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-11-11 04:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-07-13 23:19 . 2011-11-11 01:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-07-13 23:19 . 
2011-11-11 02:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-07-13 23:19 . 2011-11-11 02:18 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-07-13 23:19 . 2011-11-11 01:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-07-13 23:19 . 2011-11-11 01:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-07-13 23:19 . 2011-11-11 02:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-07-12 23:17 . 2011-11-11 04:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-07-12 23:17 . 2011-11-10 22:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-07-12 23:17 . 2011-11-11 04:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-07-12 23:17 . 2011-11-10 22:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-07-12 23:20 . 2011-11-11 02:20 5736 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1620454023-599415270-3658004543-1004_UserData.bin - 2009-07-14 02:36 . 2011-11-11 01:09 729484 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-11-11 19:28 729484 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-11-11 01:09 146492 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2011-11-11 19:28 146492 c:\windows\system32\perfc009.dat + 2011-11-03 17:08 . 2011-11-03 17:08 15544320 c:\windows\Installer\16b463.msi . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green] @="{95A27763-F62A-4114-9072-E81D87DE3B68}" [HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}] 2011-10-21 01:03 991888 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial] @="{E300CD91-100F-4E67-9AF3-1384A6124015}" [HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}] 2011-10-21 01:03 991888 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow] @="{5E529433-B50E-4bef-A63B-16A6B71B071A}" [HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}] 2011-10-21 01:03 991888 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19979400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-01-20 82944] "Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-10-21 1063056] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ OnlyWire.LNK - c:\program files (x86)\OnlyWire\OnlyWireWindows.exe [2011-9-20 44456] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "ControlCenter3"=c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun . R0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x] R0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [x] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-03-01 89680] R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-08-10 102992] R1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe [2009-11-20 13336] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-10-07 375176] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] R2 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392] R2 regi;regi;c:\windows\system32\drivers\regi.sys [x] R2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [x] R2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x] R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688] R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2011-10-20 62512] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x] R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x] R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [x] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol 
Driver;c:\windows\system32\PCTINDIS5X64.SYS [x] R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-12-23 168448] R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768] R3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\DRIVERS\swnc8u56.sys [x] R3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\DRIVERS\swumx56.sys [x] R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 466736] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-03 135664] R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-03 135664] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] R4 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2011-09-13 74336] R4 SMPDiskOptimizer;SMPDiskOptimizer;c:\program files (x86)\System 
Optimizer\SMPDefragSrv64.exe [2010-10-19 275456] R4 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-02-24 108400] R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-02-24 422768] R4 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-02-24 67952] R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-02-08 302448] R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936] R4 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320] R4 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-03-18 852336] R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-20 529776] R4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-20 386416] R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-20 115568] R4 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-06-09 1223024] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x] S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x] . . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] 2009-07-14 01:14 301568 ----a-w- c:\windows\System32\cmd.exe . Contents of the 'Scheduled Tasks' folder . 2011-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-03 03:05] . 2011-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-03 03:05] . 2011-11-07 c:\windows\Tasks\X-Ray My PC System Scanner.job - c:\program files (x86)\XRayMyPC\XRayMyPCSystemScanner\Xraymypc.exe [2011-11-07 19:48] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green] @="{95A27763-F62A-4114-9072-E81D87DE3B68}" [HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}] 2011-10-21 00:56 1256592 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial] @="{E300CD91-100F-4E67-9AF3-1384A6124015}" [HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}] 2011-10-21 00:56 1256592 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow] @="{5E529433-B50E-4bef-A63B-16A6B71B071A}" [HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}] 2011-10-21 00:56 1256592 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1] @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}" [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}] 2011-09-13 16:23 260760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2] @="{342DAA0B-D796-460D-8566-901E08A1CCAD}" [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}] 2011-09-13 16:23 260760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3] @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}] 2011-09-13 16:23 260760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4] @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}" [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}] 2011-09-13 16:23 260760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-25 10060320] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-22 16397416] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928] "BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2011-11-08 1029640] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mStart Page = about:blank mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 192.168.1.254 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll FF - ProfilePath - c:\users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search= FF - prefs.js: browser.search.selectedEngine - Search The Web FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q= FF - prefs.js: network.proxy.http - 208.85.23.112 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ------- File Associations ------- . JSEFile=NOTEPAD.EXE %1 . - - - - ORPHANS REMOVED - - - - . SafeBoot-Lavasoft Ad-Aware Service AddRemove-HijackThis - c:\users\derek\Documents\HijackThis.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet003\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2447568~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB947821~31bf3856ad364e35~amd64~~6.1.8.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-11-11 15:33:04 ComboFix-quarantined-files.txt 2011-11-11 20:32 . Pre-Run: 486,741,102,592 bytes free Post-Run: 486,417,502,208 bytes free . - - End Of File - - 37C4EBBC368F05B98B0CDB118AD7F23F
itsjinx 0 Posted November 13, 2011 HERE IS GMER.LOG: GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-11-12 20:35:49 Windows 6.1.7600 Running: sp61ghle.exe ---- Services - GMER 1.0.15 ---- Service .NET CLR Data Service .NET CLR Networking Service .NET CLR Networking 4.0.0.0 Service .NET Data Provider for Oracle Service .NET Data Provider for SqlServer Service .NET Memory Cache 4.0 Service .NETFramework Service system32\drivers\1394ohci.sys (1394 OpenHCI Driver/Microsoft Corporation) [MANUAL] 1394ohci Service C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Connect Service/ArcSoft Inc.) [DISABLED] ACDaemon Service system32\drivers\ACPI.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI Service system32\drivers\acpipmi.sys (ACPI Power Metering Driver/Microsoft Corporation) [MANUAL] AcpiPmi Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (System Level Service Utility/Adobe Systems) [MANUAL] Adobe LM Service Service system32\drivers\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [MANUAL] adp94xx Service system32\drivers\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [MANUAL] adpahci Service system32\drivers\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver (X64)/Adaptec, Inc.) [MANUAL] adpu320 Service adsi Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] AeLookupSvc Service system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD Service system32\drivers\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [MANUAL] agp440 Service C:\Windows\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG Service system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) 
[MANUAL] aliide Service system32\drivers\amdide.sys (AMD IDE Driver/Microsoft Corporation) [MANUAL] amdide Service system32\drivers\amdk8.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] AmdK8 Service system32\drivers\amdppm.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] AmdPPM Service system32\drivers\amdsata.sys (AHCI 1.2 Device Driver/Advanced Micro Devices) [MANUAL] amdsata Service system32\drivers\amdsbs.sys (AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform/AMD Technologies Inc.) [MANUAL] amdsbs Service system32\drivers\amdxata.sys (Storage Filter Driver/Advanced Micro Devices) [BOOT] amdxata Service system32\drivers\Apfiltr.sys (Alps Touch Pad Driver/Alps Electric Co., Ltd.) [MANUAL] ApfiltrService Service system32\drivers\appid.sys (AppID Driver/Microsoft Corporation) [MANUAL] AppID Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] AppIDSvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Appinfo Service C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService/Apple Inc.) [DISABLED] Apple Mobile Device Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) AppMgmt Service system32\drivers\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [MANUAL] arc Service system32\drivers\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [MANUAL] arcsas Service system32\DRIVERS\ArcSoftKsUFilter.sys (For X64/ArcSoft, Inc.) 
[MANUAL] ArcSoftKsUFilter Service ASP.NET Service ASP.NET_4.0.30319 Service C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state Service system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac Service system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) [MANUAL] atapi Service system32\DRIVERS\athrx.sys (Atheros Extensible Wireless LAN device driver/Atheros Communications, Inc.) [MANUAL] athr Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AudioEndpointBuilder Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AudioSrv Service system32\DRIVERS\avc3.sys (Active Virus Control filter driver/BitDefender) [BOOT] avc3 Service system32\DRIVERS\avchv.sys (BitDefender AntiVirus Active Virus Control Hypervisor driver/BitDefender) [MANUAL] avchv Service system32\DRIVERS\avckf.sys (Active Virus Control Kernel Filtering driver/BitDefender) [MANUAL] avckf Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] AxInstSV Service system32\drivers\bxvbda.sys (Broadcom NetXtreme II GigE VBD/Broadcom Corporation) [MANUAL] b06bdrv Service system32\DRIVERS\b57nd60a.sys (Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver./Broadcom Corporation) [MANUAL] b57nd60a Service (Battery Class Driver/Microsoft Corporation) BattC Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] BDESVC Service C:\??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [SYSTEM] BdfNdisf Service system32\DRIVERS\bdfsfltr.sys (BitDefender AntiVirus FS filter driver/BitDefender) [BOOT] bdfsfltr Service C:\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [SYSTEM] bdfwfpf Service 
C:\Windows\system32\drivers\bdsandbox.sys (BitDefender SandBox Filter Driver/BitDefender SRL) [MANUAL] bdsandbox Service system32\DRIVERS\bdvedisk.sys (FileVault Disk Driver/BitDefender) [SYSTEM] BDVEDISK Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BFE Service BHDrvx64 Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BITS Service system32\drivers\blbdrive.sys (BLB Drive Driver/Microsoft Corporation) [SYSTEM] blbdrive Service system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser Service system32\drivers\BrFiltLo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo Service system32\drivers\BrFiltUp.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Browser Service System32\Drivers\Brserid.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [MANUAL] Brserid Service System32\Drivers\BrSerWdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [MANUAL] BrSerWdm Service System32\Drivers\BrUsbMdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [MANUAL] BrUsbMdm Service System32\Drivers\BrUsbSer.sys (Brother USB Serial Driver/Brother Industries Ltd.) 
[MANUAL] BrUsbSer Service system32\DRIVERS\BthEnum.sys (Bluetooth Bus Extender/Microsoft Corporation) [MANUAL] BthEnum Service system32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation) [MANUAL] BTHMODEM Service system32\DRIVERS\bthpan.sys (Bluetooth Personal Area Networking/Microsoft Corporation) [MANUAL] BthPan Service System32\Drivers\BTHport.sys (Bluetooth Bus Driver/Microsoft Corporation) [MANUAL] BTHPORT Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] bthserv Service System32\Drivers\BTHUSB.sys (Bluetooth Miniport Driver/Microsoft Corporation) [MANUAL] BTHUSB Service system32\drivers\btwampfl.sys [MANUAL] btwampfl Service system32\drivers\btwaudio.sys [MANUAL] btwaudio Service system32\DRIVERS\btwavdt.sys [MANUAL] btwavdt Service system32\DRIVERS\btwl2cap.sys [MANUAL] btwl2cap Service system32\DRIVERS\btwrchid.sys [MANUAL] btwrchid Service C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite Secure Backup Engine/Carbonite, Inc. 
(www.carbonite.com)) [AUTO] CarboniteService Service C:\ComboFix\catchme.sys [MANUAL] catchme Service system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] cdfs Service system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] cdrom Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] CertPropSvc Service system32\drivers\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation) [MANUAL] circlass Service System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation) [BOOT] CLFS Service C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v2.0.50727_32 Service C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v2.0.50727_64 Service C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [AUTO] clr_optimization_v4.0.30319_32 Service C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [AUTO] clr_optimization_v4.0.30319_64 Service system32\drivers\CmBatt.sys (Control Method Battery Driver/Microsoft Corporation) [MANUAL] CmBatt Service system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) 
[MANUAL] cmdide Service System32\Drivers\cng.sys (Kernel Cryptography, Next Generation/Microsoft Corporation) [BOOT] CNG Service system32\drivers\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [BOOT] Compbatt Service system32\drivers\CompositeBus.sys (Multi-Transport Composite Bus Enumerator/Microsoft Corporation) [MANUAL] CompositeBus Service C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp Service system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) [DISABLED] crcdisk Service crypt32 Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CryptSvc Service C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Office Client Virtualization Service /Microsoft Corporation) [AUTO] cvhsvc Service DCLocator Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DcomLaunch Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] defragsvc Service System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) [SYSTEM] DfsC Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dhcp Service System32\drivers\discache.sys (System Indexer/Cache Driver/Microsoft Corporation) [SYSTEM] discache Service system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dnscache Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] dot3svc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DPS Service system32\drivers\drmkaud.sys (Microsoft Trusted Audio Drivers/Microsoft Corporation) [MANUAL] drmkaud Service 
System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) [MANUAL] DXGKrnl Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] EapHost Service system32\drivers\evbda.sys (Broadcom NetXtreme II 10 GigE VBD/Broadcom Corporation) [MANUAL] ebdrv Service C:\Windows\System32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] EFS Service C:\Windows\ehome\ehRecvr.exe (Windows Media Center Receiver Service/Microsoft Corporation) [MANUAL] ehRecvr Service C:\Windows\ehome\ehsched.exe (Windows Media Center Scheduler Service/Microsoft Corporation) [MANUAL] ehSched Service system32\drivers\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex) [MANUAL] elxstor Service system32\drivers\errdev.sys (Error Device Driver/Microsoft Corporation) [MANUAL] ErrDev Service ESENT Service C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [MANUAL] esgiguard Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] eventlog Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EventSystem Service (Microsoft Extended FAT File System/Microsoft Corporation) [MANUAL] exfat Service (Fast FAT File System Driver/Microsoft Corporation) [MANUAL] fastfat Service C:\Windows\system32\fxssvc.exe (Fax Service/Microsoft Corporation) [MANUAL] Fax Service system32\drivers\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] fdc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] fdPHost Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] FDResPub Service system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) [BOOT] FileInfo Service system32\drivers\filetrace.sys (File Trace Filter Driver/Microsoft Corporation) [MANUAL] Filetrace Service 
system32\drivers\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] flpydisk Service system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] FontCache Service C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [MANUAL] FontCache3.0.0.0 Service System32\drivers\FsDepends.sys (File System Dependency Manager Mini Filter Driver/Microsoft Corporation) [MANUAL] FsDepends Service (File System Recognizer Driver/Microsoft Corporation) [BOOT] Fs_Rec Service System32\DRIVERS\fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) [BOOT] fvevol Service system32\drivers\gagp30kx.sys (MS Generic AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] gagp30kx Service system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] gpsvc Service C:\Program [DISABLED] gupdate Service C:\Program [DISABLED] gupdatem Service C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [DISABLED] gusvc Service system32\drivers\hcw85cir.sys (Hauppauge WinTV 885 Consumer IR Driver for eHome/Hauppauge Computer Works, Inc.) 
[MANUAL] hcw85cir Service system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) [MANUAL] HdAudAddService Service system32\drivers\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) [MANUAL] HDAudBus Service system32\drivers\HidBatt.sys (Hid Battery Driver/Microsoft Corporation) [MANUAL] HidBatt Service system32\DRIVERS\hidbth.sys (Bluetooth Miniport Driver for HID Devices/Microsoft Corporation) [MANUAL] HidBth Service system32\drivers\hidir.sys (Infrared Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidIr Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] hidserv Service system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] hkmsvc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] HomeGroupListener Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] HomeGroupProvider Service system32\drivers\HpSAMD.sys (Smart Array SAS/SATA Controller Media Driver/Hewlett-Packard Company) [MANUAL] HpSAMD Service system32\drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP Service System32\drivers\hwpolicy.sys (Hardware Policy Driver/Microsoft Corporation) [BOOT] hwpolicy Service system32\drivers\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) [MANUAL] i8042prt Service system32\drivers\iaStor.sys (Intel Rapid Storage Technology driver - x64/Intel Corporation) [BOOT] iaStor Service C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (IAStorDataSvc/Intel Corporation) [AUTO] IAStorDataMgrSvc Service system32\drivers\iaStorV.sys (Intel Matrix Storage Manager driver - x64/Intel Corporation) [MANUAL] iaStorV Service 
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc Service IDSVia64 Service system32\drivers\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH) [MANUAL] iirsp Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] IKEEXT Service system32\drivers\Impcd.sys (Intel(R) Turbo Boost Technology Driver/Intel Corporation) [MANUAL] Impcd Service inetaccs Service system32\drivers\RTKVHD64.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService Service system32\drivers\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [MANUAL] intelide Service system32\drivers\intelppm.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] intelppm Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] IPBusEnum Service system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] iphlpsvc Service system32\drivers\IPMIDrv.sys (WMI IPMI DRIVER/Microsoft Corporation) [MANUAL] IPMIDRV Service System32\drivers\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IPNAT Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (64-bit)/Apple Inc.) 
[DISABLED] iPod Service Service system32\drivers\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM Service system32\drivers\isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) [MANUAL] isapnp Service system32\drivers\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) [MANUAL] iScsiPrt Service C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (RegMgr Module/InterVideo) [AUTO] IviRegMgr Service system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) [MANUAL] kbdclass Service system32\DRIVERS\kbdhid.sys (HID Keyboard Filter Driver/Microsoft Corporation) [MANUAL] kbdhid Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] KeyIso Service System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD Service System32\Drivers\ksecpkg.sys (Kernel Security Support Provider Interface Packages/Microsoft Corporation) [BOOT] KSecPkg Service system32\drivers\ksthunk.sys (Kernel Streaming WOW Thunk Service/Microsoft Corporation) [MANUAL] ksthunk Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] KtmRm Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanServer Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanWorkstation Service ldap Service system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) [AUTO] lltdio Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] lltdsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] lmhosts Service C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LMIGuardianSvc/LogMeIn, Inc.) 
[AUTO] LMIGuardianSvc Service C:\??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [AUTO] LMIInfo Service C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn Maintenance Service/LogMeIn, Inc.) [AUTO] LMIMaint Service system32\DRIVERS\lmimirr.sys (LogMeIn Mirror Miniport Driver/LogMeIn, Inc.) [MANUAL] lmimirr Service [DISABLED] LMIRfsClientNP Service C:\Windows\system32\drivers\LMIRfsDriver.sys (LogMeIn Rfs Drivemap Driver/LogMeIn, Inc.) [AUTO] LMIRfsDriver Service C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn/LogMeIn, Inc.) [AUTO] LogMeIn Service Lsa Service system32\drivers\lsi_fc.sys (LSI Fusion-MPT FC Driver (StorPort)/LSI Corporation) [MANUAL] LSI_FC Service system32\drivers\lsi_sas.sys (LSI Fusion-MPT SAS Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SAS Service system32\drivers\lsi_sas2.sys (LSI SAS Gen2 Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SAS2 Service system32\drivers\lsi_scsi.sys (LSI Fusion-MPT SCSI Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SCSI Service system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) [AUTO] luafv Service MAV Client PerfMon Provider Service C:\Windows\system32\drivers\mbam.sys (Malwarebytes' Anti-Malware/Malwarebytes Corporation) [MANUAL] MBAMProtector Service C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes' Anti-Malware/Malwarebytes Corporation) [AUTO] MBAMService Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] Mcx2Svc Service system32\drivers\megasas.sys (MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64/LSI Corporation) [MANUAL] megasas Service system32\drivers\MegaSR.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) 
[MANUAL] MegaSR Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MMCSS Service system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem Service system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor Service system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [MANUAL] mouclass Service system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid Service System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) [BOOT] mountmgr Service system32\drivers\mpio.sys (MultiPath Support Bus-Driver/Microsoft Corporation) [MANUAL] mpio Service System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MpsSvc Service system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV Service system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb Service system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10 Service system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20 Service system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [MANUAL] msahci Service system32\drivers\msdsm.sys (Microsoft Device Specific Module/Microsoft Corporation) [MANUAL] msdsm Service C:\Windows\System32\msdtc.exe (Microsoft Distributed Transaction Coordinator Service/Microsoft Corporation) [MANUAL] MSDTC Service MSDTC Bridge 3.0.0.0 Service MSDTC Bridge 4.0.0.0 Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs Service System32\drivers\mshidkmdf.sys (Pass-through HID to KMDF Filter Driver/Microsoft Corporation) [MANUAL] mshidkmdf Service system32\drivers\msisadrv.sys (ISA Driver/Microsoft 
Corporation) [BOOT] msisadrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] MSiSCSI Service C:\Windows\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] msiserver Service system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV Service system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK Service system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC Service MSSCNTRS Service system32\drivers\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [SYSTEM] mssmbios Service C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe (SQL Server Windows NT/Microsoft Corporation) [AUTO] MSSQL$DDNI Service C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE (Microsoft SQL Server Active Directory Helper Service/Microsoft Corporation) [DISABLED] MSSQLServerADHelper100 Service system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE Service system32\drivers\MTConfig.sys (Microsoft Multi-Touch HID Driver/Microsoft Corporation) [MANUAL] MTConfig Service System32\Drivers\mup.sys (Multiple UNC Provider Driver/Microsoft Corporation) [BOOT] Mup Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] napagent Service system32\DRIVERS\nwifi.sys (NativeWiFi Miniport Driver/Microsoft Corporation) [MANUAL] NativeWifiP Service system32\drivers\ndis.sys (NDIS 6.20 driver/Microsoft Corporation) [BOOT] NDIS Service system32\DRIVERS\ndiscap.sys (NDIS Packet Capture Filter Driver/Microsoft Corporation) [MANUAL] NdisCap Service system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi Service system32\DRIVERS\ndisuio.sys (NDIS User mode 
I/O driver/Microsoft Corporation) [MANUAL] Ndisuio Service system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy Service system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS Service System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] Netlogon Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Netman Service c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetMsmqActivator Service c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetPipeActivator Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] netprofm Service c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpActivator Service c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing Service system32\drivers\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [MANUAL] nfrd960 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] NlaSvc Service system32\drivers\NMgamingms.sys (Primax USB Optical Mouse Driver/Primax Ltd) [MANUAL] NMgamingmsFltr Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] nsi Service system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) [SYSTEM] nsiproxy Service NTDS Service (NT File System Driver/Microsoft Corporation) [MANUAL] Ntfs Service (NULL 
Driver/Microsoft Corporation) [SYSTEM] Null Service system32\drivers\nvhda64v.sys (NVIDIA HDMI Audio Driver/NVIDIA Corporation) [MANUAL] NVHDA Service system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 189.25 /NVIDIA Corporation) [MANUAL] nvlddmkm Service system32\drivers\nvraid.sys (NVIDIA® nForce(TM) RAID Driver/NVIDIA Corporation) [MANUAL] nvraid Service system32\drivers\nvstor.sys (NVIDIA® nForce(TM) Sata Performance Driver/NVIDIA Corporation) [MANUAL] nvstor Service C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 189.25/NVIDIA Corporation) [AUTO] nvsvc Service system32\drivers\nv_agp.sys (NForce NT AGP Filter/Microsoft Corporation) [MANUAL] nv_agp Service system32\drivers\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [MANUAL] ohci1394 Service C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose Service C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Office Software Protection Platform Service/Microsoft Corporation) [MANUAL] osppsvc Service Outlook Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2pimsvc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2psvc Service system32\drivers\parport.sys (Parallel Port Driver/Microsoft Corporation) [MANUAL] Parport Service System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) [BOOT] partmgr Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PcaSvc Service system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] pci Service system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [MANUAL] pciide Service system32\drivers\pcmcia.sys (PCMCIA Bus Driver/Microsoft Corporation) [MANUAL] 
pcmcia Service C:\Windows\system32\PCTINDIS5X64.SYS [MANUAL] PCTINDIS5X64 Service System32\drivers\pcw.sys (Performance Counters for Windows Driver/Microsoft Corporation) [BOOT] pcw Service system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) [AUTO] PEAUTH Service PerfDisk Service C:\Windows\SysWow64\perfhost.exe (x86 Performance Counter Host/Microsoft Corporation) [MANUAL] PerfHost Service PerfNet Service PerfOS Service PerfProc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] pla Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PlugPlay Service C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Device Information Provider/Sony Corporation) [DISABLED] PMBDeviceInfoProvider Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPAutoReg Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PolicyAgent Service PortProxy Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Power Service system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport Service system32\drivers\processr.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] Processor Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ProfSvc Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] ProtectedStorage Service system32\DRIVERS\pacer.sys (QoS Packet Scheduler/Microsoft Corporation) [SYSTEM] Psched Service C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 
(PsiService PsiService/Protexis Inc.) [DISABLED] PSI_SVC_2 Service System32\Drivers\PxHlpa64.sys (Px Engine Device Driver for 64-bit Windows/Sonic Solutions) [BOOT] PxHlpa64 Service system32\drivers\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation) [MANUAL] ql2300 Service system32\drivers\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation) [MANUAL] ql40xx Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] QWAVE Service system32\drivers\qwavedrv.sys (Microsoft Quality Windows Audio Video Experience (qWave) Support Driver/Microsoft Corporation) [MANUAL] QWAVEdrv Service System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [MANUAL] RasAcd Service system32\DRIVERS\AgileVpn.sys (RAS Agile Vpn Miniport Call Manager/Microsoft Corporation) [MANUAL] RasAgileVpn Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasAuto Service system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasMan Service system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe Service system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) [MANUAL] RasSstp Service system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] rdbss Service system32\drivers\rdpbus.sys (Microsoft RDP Bus Device driver/Microsoft Corporation) [MANUAL] rdpbus Service System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD Service RDPDD Service system32\drivers\rdpencdd.sys (RDP Encoder Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD Service RDPNP Service system32\drivers\rdprefmp.sys (RDP Reflector Driver Miniport/Microsoft 
Corporation) [SYSTEM] RDPREFMP Service (RDP Terminal Stack Driver/Microsoft Corporation) [MANUAL] RDPWD Service System32\drivers\rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) [BOOT] rdyboost Service C:\Windows\system32\drivers\regi.sys (regi driver/InterVideo) [AUTO] regi Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] RemoteAccess Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] RemoteRegistry Service system32\DRIVERS\rfcomm.sys (Bluetooth RFCOMM Driver/Microsoft Corporation) [MANUAL] RFCOMM Service system32\drivers\rimssne64.sys (RICOH MS Driver/REDC) [AUTO] rimspci Service system32\DRIVERS\RimSerial_AMD64.sys (RIM Virtual Serial Driver/Research in Motion Ltd) [MANUAL] RimVSerPort Service system32\DRIVERS\risdpe64.sys (RICOH SD/MMC Driver/REDC) [AUTO] risdpcie Service system32\drivers\risdsne64.sys (RICOH PCIe SD/MMC Driver/REDC) [AUTO] risdsnpe Service System32\Drivers\RootMdm.sys (Legacy Non-Pnp Modem Device Driver/Microsoft Corporation) [MANUAL] ROOTMODEM Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] RpcEptMapper Service C:\Windows\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] RpcSs Service system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) [AUTO] rspndr Service C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (SafeBox Service/BitDefender) [DISABLED] SafeBox Service C:\Program Files\Sony\VAIO Care\collsvc.exe (VaioCare Sample Collector Service/Sony of America Corporation) [MANUAL] SampleCollector Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [AUTO] SamSs Service system32\drivers\sbp2port.sys (SBP-2 Protocol Driver/Microsoft 
Corporation) [MANUAL] sbp2port Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCardSvr Service System32\DRIVERS\scfilter.sys (Microsoft Smart Card Reader Filter Driver/Microsoft Corporation) [MANUAL] scfilter Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Schedule Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCPolicySvc Service system32\drivers\sdbus.sys (SecureDigital Bus Driver/Microsoft Corporation) [MANUAL] sdbus Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SDRSVC Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] seclogon Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SENS Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SensrSvc Service system32\drivers\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] Serenum Service system32\drivers\serial.sys (Serial Device Driver/Microsoft Corporation) [MANUAL] Serial Service system32\drivers\sermouse.sys (Serial Mouse Filter Driver/Microsoft Corporation) [MANUAL] sermouse Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SessionEnv Service system32\drivers\SFEP.sys (Sony Firmware Extension Parser driver/Sony Corporation) [MANUAL] SFEP Service system32\drivers\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [MANUAL] sffdisk Service system32\drivers\sffp_mmc.sys (Small Form Factor 
MMC Protocol Driver/Microsoft Corporation) [MANUAL] sffp_mmc Service system32\drivers\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd Service system32\drivers\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [MANUAL] sfloppy Service system32\DRIVERS\Sftfslh.sys (Microsoft Application Virtualization File System/Microsoft Corporation) [MANUAL] Sftfs Service C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Application Virtualization Client Service/Microsoft Corporation) [AUTO] sftlist Service system32\DRIVERS\Sftplaylh.sys (Microsoft Application Virtualization SystemGuard/Microsoft Corporation) [MANUAL] Sftplay Service system32\DRIVERS\Sftredirlh.sys (Microsoft Application Virtualization SystemGuard/Microsoft Corporation) [MANUAL] Sftredir Service system32\DRIVERS\Sftvollh.sys (Microsoft Application Virtualization Volume Manager/Microsoft Corporation) [MANUAL] Sftvol Service C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Application Virtualization Virtual Service Agent/Microsoft Corporation) [MANUAL] sftvsa Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SharedAccess Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ShellHWDetection Service system32\drivers\SiSRaid2.sys (SiS RAID Stor Miniport Driver/Silicon Integrated Systems Corp.) 
[MANUAL] SiSRaid2 Service system32\drivers\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [MANUAL] SiSRaid4 Service system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) [MANUAL] Smb Service system32\DRIVERS\intelsmb.sys (System Management Bus 2.0 (SMBus) Driver/Intel Corporation) [MANUAL] smbusp Service C:\Program Files (x86)\System Optimizer\SMPDefragSrv64.exe (System Optimizer - Defrag Service/SpeedMyPC.com, (www.speedmypc.com)) [DISABLED] SMPDiskOptimizer Service SMSvcHost 3.0.0.0 Service SMSvcHost 4.0.0.0 Service C:\Windows\System32\snmptrap.exe (SNMP Trap/Microsoft Corporation) [MANUAL] SNMPTRAP Service C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (VAIO Media plus Content Importer/Sony Corporation) [DISABLED] SOHCImp Service C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (VAIO Media plus Digital Media Server/Sony Corporation) [DISABLED] SOHDms Service C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (VAIO Media plus Device Searcher/Sony Corporation) [DISABLED] SOHDs Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe (VAIO Entertainment Common Service/Sony Corporation) [DISABLED] SpfService Service (loader for security processor/Microsoft Corporation) [BOOT] spldr Service C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler Service C:\Windows\system32\sppsvc.exe (Microsoft Software Protection Platform Service/Microsoft Corporation) [AUTO] sppsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] sppuinotify Service C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE (SQLAGENT - SQL Server Agent/Microsoft Corporation) [DISABLED] SQLAgent$DDNI Service C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (SQL Browser Service EXE/Microsoft Corporation) [DISABLED] SQLBrowser Service 
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (SQL Server VSS Writer - 64 Bit/Microsoft Corporation) [AUTO] SQLWriter Service System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv Service System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2 Service System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SSDPSRV Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SstpSvc Service system32\drivers\stexstor.sys (Promise SuperTrak EX Series Driver for Windows /Promise Technology) [MANUAL] stexstor Service system32\DRIVERS\serscan.sys (Serial Imaging Device Driver/Microsoft Corporation) [MANUAL] StillCam Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] stisvc Service system32\drivers\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum Service SWINSTST Service System32\drivers\swmsflt.sys [MANUAL] swmsflt Service system32\DRIVERS\swnc8u56.sys (Sierra Wireless NDIS Driver/Sierra Wireless Inc.) [MANUAL] SWNC8U56 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] swprv Service system32\DRIVERS\swumx56.sys (Sierra Wireless USB MUX Driver/Sierra Wireless Inc.) 
[MANUAL] SWUMX56 Service SymDS Service SymEFA Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SysMain Service SySWOW64\DRIVERS\szkg64.sys [BOOT] szkg5 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TabletInputService Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TapiSrv Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TBS Service System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [BOOT] Tcpip Service system32\DRIVERS\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [MANUAL] TCPIP6 Service TCPIP6TUNNEL Service System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) [AUTO] tcpipreg Service TCPIPTUNNEL Service system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE Service system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP Service system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) [SYSTEM] tdx Service system32\drivers\termdd.sys (Remote Desktop Server Driver/Microsoft Corporation) [SYSTEM] TermDD Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TermService Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Themes Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] THREADORDER Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TrkWks Service system32\DRIVERS\trufos.sys (Trufos Kernel Module/BitDefender S.R.L.) 
[BOOT] trufos Service C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) [MANUAL] TrustedInstaller Service TSDDD Service System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation) [MANUAL] tssecsrv Service system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunnel Service C:\??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [MANUAL] TVICHW32 Service system32\drivers\uagp35.sys (MS AGPv3.5 Filter/Microsoft Corporation) [MANUAL] uagp35 Service system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation) [DISABLED] udfs Service UGatherer Service UGTHRSVC Service C:\Windows\system32\UI0Detect.exe (Interactive services detection/Microsoft Corporation) [MANUAL] UI0Detect Service system32\drivers\uliagpkx.sys (ULi AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] uliagpkx Service system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) [MANUAL] umbus Service system32\drivers\umpass.sys (Generic pass-through driver/Microsoft Corporation) [MANUAL] UmPass Service C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (Bitdefender Web Server/BitDefender) [MANUAL] Update Server Service C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender Update Service/Bitdefender) [AUTO] UPDATESRV Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] upnphost Service System32\Drivers\usbaapl64.sys (Apple Mobile Device USB Driver/Apple, Inc.) 
CeciliaB 475 Posted November 13, 2011

Have you configured Firefox to use this proxy server?
FF - prefs.js: network.proxy.http - 208.85.23.112
Or have you removed it yourself after you ran ComboFix?

Do you want to use flvdirect.iamwired.net when searching in Firefox?
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

Is SpyHunter still installed or is it a leftover from the uninstallation?
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

Is this something you trust?
2011-11-04 23:09 . 2011-11-04 23:09 -------- d-----w- c:\program files (x86)\Market Samurai
It was installed on the 4th of November.
itsjinx 0 Posted November 13, 2011

[quote name='CeciliaB' timestamp='1321209973' post='130478']
Have you configured Firefox to use this proxy server?
FF - prefs.js: network.proxy.http - 208.85.23.112
Or have you removed it yourself after you ran ComboFix?

Do you want to use flvdirect.iamwired.net when searching in Firefox?
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

Is SpyHunter still installed or is it a leftover from the uninstallation?
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

Is this something you trust?
2011-11-04 23:09 . 2011-11-04 23:09 -------- d-----w- c:\program files (x86)\Market Samurai
It was installed on the 4th of November.
[/quote]

Thank you so much for your reply!!

That proxy was an old one I used years ago. The settings in Firefox are "no proxy", so that is not an issue.

I don't know what hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search= is. Should I remove this from the JS file?

SpyHunter is a leftover, apparently. I just deleted that folder.

I do trust "Market Samurai". The issue was there before I installed this software.

I'm wondering if that 'default search' thing is it??
itsjinx 0 Posted November 13, 2011

I deleted that iamwired.net part and restarted my computer and the problem still remains....

Aside from not being able to install adaware, EVERY website that I visit FROM A GOOGLE SEARCH is redirected through random sites to spam advertising websites...
CeciliaB 475 Posted November 13, 2011

You are welcome.

What is stored in the folder c:\users\derek\AppData\Local\APN ?

Not much else that was created the last days of October and the first days of November according to the logs.

Let us remove the "browser.search.defaulturl" and left-over of Enigma with ComboFix.

Copy all lines in the box:
[code]
Killall::

DDS::
FF - ProfilePath - c:\users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Search The Web
FF - prefs.js: network.proxy.http - 208.85.23.112
FF - prefs.js: network.proxy.http_port - 3128

ClearJavaCache::

Driver::
esgiguard
[/code]
and paste into Notepad. Save the file on the desktop with the name CFScript.

Prepare the computer according to the instructions for running ComboFix.

Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop, the program will start in a special way.

Paste the new ComboFix log into your answer.
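Added example (not part of any post in this thread, and not Lavasoft's or ComboFix's own code): a small Python audit of a Firefox prefs.js for the proxy and search entries discussed above, showing why a leftover network.proxy.http is inert unless network.proxy.type is 1 (manual). The function names, the allow-lists and the network.proxy.type line in the sample are assumptions made for the illustration.

```python
import json
import re
from urllib.parse import urlsplit

# prefs.js holds one call per line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.*)\);\s*$')

# Constructed sample. The first four values are the ones quoted in the thread
# (URL defanged as posted); the network.proxy.type line is an assumption that
# mirrors the poster's statement that Firefox is set to "no proxy".
SAMPLE_PREFS = r'''
# Mozilla User Preferences
user_pref("browser.search.defaulturl", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("browser.search.selectedEngine", "Search The Web");
user_pref("network.proxy.http", "208.85.23.112");
user_pref("network.proxy.http_port", 3128);
user_pref("network.proxy.type", 0);
'''


def parse_prefs(text):
    """Return {pref name: value} for every user_pref() line in the text."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.group(1), match.group(2).strip()
        try:
            # Pref values are JSON-compatible: "string", integer, true/false.
            prefs[name] = json.loads(raw)
        except ValueError:
            prefs[name] = raw  # keep unparsed text rather than drop the pref
    return prefs


def audit(prefs, trusted_search_hosts=frozenset(), trusted_engines=frozenset()):
    """Return (pref, state, value) findings for proxy and search settings."""
    findings = []

    # network.proxy.type 1 means "manual proxy configuration"; with any other
    # value Firefox ignores network.proxy.http, so the entry is only residue.
    host = prefs.get("network.proxy.http")
    if host:
        port = prefs.get("network.proxy.http_port", "?")
        state = "ACTIVE" if prefs.get("network.proxy.type") == 1 else "inactive"
        findings.append(("network.proxy.http", state, f"{host}:{port}"))

    # A user-set search URL pointing at a host nobody chose deserves a look.
    url = prefs.get("browser.search.defaulturl")
    if isinstance(url, str):
        search_host = (urlsplit(url).hostname or url).lower()
        if search_host not in trusted_search_hosts:
            findings.append(("browser.search.defaulturl", "review", search_host))

    engine = prefs.get("browser.search.selectedEngine")
    if isinstance(engine, str) and engine not in trusted_engines:
        findings.append(("browser.search.selectedEngine", "review", engine))

    return findings


if __name__ == "__main__":
    # The allow-lists are constructed values for the demonstration.
    for finding in audit(parse_prefs(SAMPLE_PREFS),
                         trusted_search_hosts={"www.google.com"},
                         trusted_engines={"Google"}):
        print(finding)
```

Run against a copy of the profile's prefs.js while Firefox is closed, since the browser rewrites the file on exit.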
CeciliaB 475 Posted November 13, 2011

Do you have several computers connected to a router? Do you have the same redirection issue with all computers?

Do you have the same redirection issue both with Internet Explorer and Firefox?

Save TDSSKiller on the Desktop: [url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip]http://support.kaspersky.com/downloads/utils/tdsskiller.zip[/url]

Right-click and select [b]Extract all[/b]. Remember the location of the extracted file.

Turn off all programs.

Run the program TDSSKiller.exe which is the file you extracted.

Click on [b]Start Scan[/b].

If any threats are found select [b]Cure[/b] and click [b]Continue[/b].
If [b]Cure[/b] isn't available select [b]Skip[/b]. Do NOT select Quarantine or Delete.

The computer might need a restart.

Paste the content of the TDSSKiller log which is located in the folder C:\ with the name TDSSKiller followed by version and time.
itsjinx 0 Posted November 14, 2011

[quote name='CeciliaB' timestamp='1321225910' post='130491']
You are welcome.

What is stored in the folder c:\users\derek\AppData\Local\APN ?

Not much else that was created the last days of October and the first days of November according to the logs.

Let us remove the "browser.search.defaulturl" and left-over of Enigma with ComboFix.

Copy all lines in the box:
[code]
Killall::

DDS::
FF - ProfilePath - c:\users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Search The Web
FF - prefs.js: network.proxy.http - 208.85.23.112
FF - prefs.js: network.proxy.http_port - 3128

ClearJavaCache::

Driver::
esgiguard
[/code]
and paste into Notepad. Save the file on the desktop with the name CFScript.

Prepare the computer according to the instructions for running ComboFix.

Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop, the program will start in a special way.

Paste the new ComboFix log into your answer.
[/quote]

Before I do this, I just have a question about this:

FF - ProfilePath - c:\users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\

What is that line going to do? Is it going to delete that Firefox profile?

Also, inside of the "APN" folder you asked about is a folder called "GoogleCRXs" with a file called "aaaaojdbdbhbbkpenbmlejjngphokgnp_7.13.1.0"

Edited November 14, 2011 by itsjinx
CeciliaB 475 Posted November 14, 2011

No, your profile is not going to be deleted. That line is needed for ComboFix to find the next 4 lines, to know in which folder those settings are stored.

[quote]Also, inside of the "APN" folder you asked about is a folder called "GoogleCRXs" with a file called "aaaaojdbdbhbbkpenbmlejjngphokgnp_7.13.1.0" [/quote]
Should be harmless then.
itsjinx 0 Posted November 14, 2011

HERES THE COMBO FIX LOG:
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3] @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}] 2011-09-13 16:23 260760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4] @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}" [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}] 2011-09-13 16:23 260760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-25 10060320] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-22 16397416] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928] "BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2011-11-08 1029640] "combofix"="c:\combofix\CF28302.3XE" [2009-07-14 344576] . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mStart Page = about:blank mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 192.168.1.1 64.233.217.5 64.233.217.2 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll FF - ProfilePath - c:\users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com FF - prefs.js: browser.search.selectedEngine - Search The Web FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll . . . [HKEY_LOCAL_MACHINE\system\ControlSet003\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2447568~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB947821~31bf3856ad364e35~amd64~~6.1.8.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files\Sony\VAIO Care\VCSpt.exe c:\program files\Bitdefender\Bitdefender 2012\Antispam32\pchooklaunch32.exe c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe . ************************************************************************** . Completion time: 2011-11-14 18:48:12 - machine was rebooted ComboFix-quarantined-files.txt 2011-11-14 23:48 ComboFix2.txt 2011-11-11 20:33 . Pre-Run: 488,391,548,928 bytes free Post-Run: 487,747,420,160 bytes free . - - End Of File - - ACAC8A11E370B159B43D1C7D3E0F2C19
itsjinx Posted November 14, 2011 Here's the TDSSKiller log:
6244 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 15:41:37.0445 6244 rdpbus - ok 15:41:37.0476 6244 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:41:37.0476 6244 RDPCDD - ok 15:41:37.0523 6244 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:41:37.0523 6244 RDPENCDD - ok 15:41:37.0554 6244 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:41:37.0554 6244 RDPREFMP - ok 15:41:37.0601 6244 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 15:41:37.0601 6244 RDPWD - ok 15:41:37.0632 6244 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 15:41:37.0632 6244 rdyboost - ok 15:41:37.0679 6244 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys 15:41:37.0679 6244 regi - ok 15:41:37.0725 6244 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 15:41:37.0725 6244 RFCOMM - ok 15:41:37.0757 6244 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 15:41:37.0772 6244 rimspci - ok 15:41:37.0803 6244 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 15:41:37.0803 6244 RimVSerPort - ok 15:41:37.0835 6244 risdpcie (2eea929b8c4b6241bc945a3b173d9f71) C:\Windows\system32\DRIVERS\risdpe64.sys 15:41:37.0835 6244 risdpcie - ok 15:41:37.0866 6244 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 15:41:37.0866 6244 risdsnpe - ok 15:41:37.0881 6244 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys 15:41:37.0881 6244 ROOTMODEM - ok 15:41:37.0944 6244 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:41:37.0944 6244 rspndr - ok 15:41:38.0037 6244 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys 15:41:38.0037 6244 
sbp2port - ok 15:41:38.0053 6244 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 15:41:38.0053 6244 scfilter - ok 15:41:38.0100 6244 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys 15:41:38.0100 6244 sdbus - ok 15:41:38.0147 6244 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:41:38.0147 6244 secdrv - ok 15:41:38.0209 6244 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 15:41:38.0209 6244 Serenum - ok 15:41:38.0225 6244 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 15:41:38.0225 6244 Serial - ok 15:41:38.0271 6244 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 15:41:38.0271 6244 sermouse - ok 15:41:38.0349 6244 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 15:41:38.0349 6244 SFEP - ok 15:41:38.0396 6244 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:41:38.0396 6244 sffdisk - ok 15:41:38.0427 6244 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:41:38.0427 6244 sffp_mmc - ok 15:41:38.0459 6244 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys 15:41:38.0459 6244 sffp_sd - ok 15:41:38.0490 6244 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 15:41:38.0490 6244 sfloppy - ok 15:41:38.0537 6244 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys 15:41:38.0537 6244 Sftfs - ok 15:41:38.0599 6244 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:41:38.0599 6244 Sftplay - ok 15:41:38.0630 6244 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:41:38.0630 6244 Sftredir - ok 15:41:38.0677 6244 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys 15:41:38.0708 
6244 Sftvol - ok 15:41:38.0786 6244 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 15:41:38.0786 6244 SiSRaid2 - ok 15:41:38.0817 6244 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 15:41:38.0817 6244 SiSRaid4 - ok 15:41:38.0880 6244 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:41:38.0880 6244 Smb - ok 15:41:38.0942 6244 smbusp (3b47f81c3c3b4742221a5391ef8d499d) C:\Windows\system32\DRIVERS\intelsmb.sys 15:41:39.0005 6244 smbusp - ok 15:41:39.0098 6244 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:41:39.0098 6244 spldr - ok 15:41:39.0192 6244 srv (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys 15:41:39.0192 6244 srv - ok 15:41:39.0254 6244 srv2 (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys 15:41:39.0254 6244 srv2 - ok 15:41:39.0348 6244 srvnet (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys 15:41:39.0348 6244 srvnet - ok 15:41:39.0410 6244 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 15:41:39.0410 6244 stexstor - ok 15:41:39.0441 6244 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 15:41:39.0441 6244 StillCam - ok 15:41:39.0488 6244 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:41:39.0488 6244 swenum - ok 15:41:39.0519 6244 swmsflt (851681f7d3200e2a646c5ee4d4e9883d) C:\Windows\System32\drivers\swmsflt.sys 15:41:39.0519 6244 swmsflt - ok 15:41:39.0551 6244 SWNC8U56 (c2ad3936249199c9d8187dcdea17ac25) C:\Windows\system32\DRIVERS\swnc8u56.sys 15:41:39.0551 6244 SWNC8U56 - ok 15:41:39.0582 6244 SWUMX56 (cc97ec73094cf0f47cd89aafba6d26f1) C:\Windows\system32\DRIVERS\swumx56.sys 15:41:39.0597 6244 SWUMX56 - ok 15:41:39.0597 6244 szkg5 - ok 15:41:39.0675 6244 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 
15:41:39.0691 6244 Tcpip - ok 15:41:39.0722 6244 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 15:41:39.0738 6244 TCPIP6 - ok 15:41:39.0785 6244 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 15:41:39.0785 6244 tcpipreg - ok 15:41:39.0800 6244 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:41:39.0800 6244 TDPIPE - ok 15:41:39.0831 6244 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 15:41:39.0831 6244 TDTCP - ok 15:41:39.0878 6244 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 15:41:39.0878 6244 tdx - ok 15:41:39.0925 6244 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys 15:41:39.0925 6244 TermDD - ok 15:41:39.0987 6244 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys 15:41:40.0003 6244 trufos - ok 15:41:40.0034 6244 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:41:40.0034 6244 tssecsrv - ok 15:41:40.0081 6244 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 15:41:40.0081 6244 tunnel - ok 15:41:40.0143 6244 TVICHW32 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW32.SYS 15:41:40.0143 6244 TVICHW32 - ok 15:41:40.0175 6244 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 15:41:40.0175 6244 uagp35 - ok 15:41:40.0206 6244 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys 15:41:40.0221 6244 udfs - ok 15:41:40.0268 6244 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:41:40.0284 6244 uliagpkx - ok 15:41:40.0315 6244 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 15:41:40.0315 6244 umbus - ok 15:41:40.0362 6244 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 15:41:40.0362 6244 UmPass - ok 
15:41:40.0409 6244 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 15:41:40.0409 6244 USBAAPL64 - ok 15:41:40.0440 6244 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 15:41:40.0455 6244 usbccgp - ok 15:41:40.0487 6244 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:41:40.0487 6244 usbcir - ok 15:41:40.0549 6244 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys 15:41:40.0549 6244 usbehci - ok 15:41:40.0580 6244 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 15:41:40.0580 6244 usbhub - ok 15:41:40.0627 6244 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 15:41:40.0627 6244 usbohci - ok 15:41:40.0658 6244 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 15:41:40.0658 6244 usbprint - ok 15:41:40.0689 6244 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS 15:41:40.0705 6244 USBSTOR - ok 15:41:40.0736 6244 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys 15:41:40.0736 6244 usbuhci - ok 15:41:40.0783 6244 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 15:41:40.0783 6244 usbvideo - ok 15:41:40.0877 6244 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:41:40.0877 6244 vdrvroot - ok 15:41:40.0923 6244 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:41:40.0923 6244 vga - ok 15:41:40.0970 6244 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:41:40.0970 6244 VgaSave - ok 15:41:41.0017 6244 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys 15:41:41.0017 6244 vhdmp - ok 15:41:41.0048 6244 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:41:41.0048 6244 viaide - ok 
15:41:41.0111 6244 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys 15:41:41.0111 6244 volmgr - ok 15:41:41.0142 6244 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 15:41:41.0142 6244 volmgrx - ok 15:41:41.0189 6244 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys 15:41:41.0189 6244 volsnap - ok 15:41:41.0220 6244 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 15:41:41.0220 6244 vsmraid - ok 15:41:41.0267 6244 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:41:41.0267 6244 vwifibus - ok 15:41:41.0313 6244 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:41:41.0313 6244 vwififlt - ok 15:41:41.0345 6244 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:41:41.0345 6244 vwifimp - ok 15:41:41.0391 6244 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 15:41:41.0391 6244 WacomPen - ok 15:41:41.0423 6244 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:41:41.0423 6244 WANARP - ok 15:41:41.0423 6244 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:41:41.0423 6244 Wanarpv6 - ok 15:41:41.0501 6244 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 15:41:41.0501 6244 Wd - ok 15:41:41.0532 6244 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:41:41.0547 6244 Wdf01000 - ok 15:41:41.0594 6244 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:41:41.0594 6244 WfpLwf - ok 15:41:41.0625 6244 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:41:41.0625 6244 WIMMount - ok 15:41:41.0688 6244 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 15:41:41.0688 6244 WinUsb - ok 
15:41:42.0171 6244 \Device\Harddisk0\DR0 - ok
15:41:42.0187 6244 \Device\Harddisk0\DR0\Partition0 - ok
15:41:42.0187 6244 \Device\Harddisk0\DR0\Partition1 - ok
15:41:42.0187 6244 ============================================================
15:41:42.0187 6244 Scan finished
15:41:42.0187 6244 ============================================================
15:41:42.0187 2248 Detected object count: 0
15:41:42.0187 2248 Actual detected object count: 0
15:48:30.0923 1476 ============================================================
15:48:30.0923 1476 Scan started
15:48:30.0923 1476 Mode: Manual;
15:48:30.0923 1476 ============================================================
C:\Windows\system32\DRIVERS\netbt.sys 15:50:28.0548 1476 NetBT - ok 15:50:28.0844 1476 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 15:50:28.0844 1476 nfrd960 - ok 15:50:29.0078 1476 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys 15:50:29.0078 1476 NMgamingmsFltr - ok 15:50:29.0390 1476 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:50:29.0390 1476 Npfs - ok 15:50:29.0593 1476 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:50:29.0593 1476 nsiproxy - ok 15:50:29.0733 1476 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 15:50:29.0733 1476 Ntfs - ok 15:50:30.0030 1476 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:50:30.0030 1476 Null - ok 15:50:30.0170 1476 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys 15:50:30.0170 1476 NVHDA - ok 15:50:32.0588 1476 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:50:32.0650 1476 nvlddmkm - ok 15:50:32.0947 1476 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 15:50:32.0962 1476 nvraid - ok 15:50:33.0040 1476 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 15:50:33.0040 1476 nvstor - ok 15:50:33.0134 1476 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:50:33.0134 1476 nv_agp - ok 15:50:33.0212 1476 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:50:33.0212 1476 ohci1394 - ok 15:50:33.0524 1476 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 15:50:33.0524 1476 Parport - ok 15:50:33.0727 1476 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 15:50:33.0727 1476 partmgr - ok 15:50:33.0820 1476 pci (f36f6504009f2fb0dfd1b17a116ad74b) 
C:\Windows\system32\drivers\pci.sys 15:50:33.0820 1476 pci - ok 15:50:34.0023 1476 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:50:34.0023 1476 pciide - ok 15:50:34.0226 1476 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 15:50:34.0226 1476 pcmcia - ok 15:50:34.0257 1476 PCTINDIS5X64 - ok 15:50:34.0304 1476 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:50:34.0320 1476 pcw - ok 15:50:34.0460 1476 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:50:34.0460 1476 PEAUTH - ok 15:50:34.0834 1476 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 15:50:34.0834 1476 PptpMiniport - ok 15:50:35.0240 1476 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 15:50:35.0240 1476 Processor - ok 15:50:35.0521 1476 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 15:50:35.0521 1476 Psched - ok 15:50:35.0724 1476 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 15:50:35.0724 1476 PxHlpa64 - ok 15:50:36.0176 1476 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 15:50:36.0176 1476 ql2300 - ok 15:50:36.0379 1476 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 15:50:36.0379 1476 ql40xx - ok 15:50:36.0597 1476 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:50:36.0597 1476 QWAVEdrv - ok 15:50:36.0769 1476 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:50:36.0769 1476 RasAcd - ok 15:50:36.0972 1476 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:50:36.0972 1476 RasAgileVpn - ok 15:50:37.0206 1476 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:50:37.0206 1476 Rasl2tp - ok 15:50:37.0393 1476 
RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:50:37.0393 1476 RasPppoe - ok 15:50:37.0533 1476 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:50:37.0533 1476 RasSstp - ok 15:50:37.0814 1476 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 15:50:37.0830 1476 rdbss - ok 15:50:38.0797 1476 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 15:50:38.0797 1476 rdpbus - ok 15:50:39.0223 1476 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:50:39.0233 1476 RDPCDD - ok 15:50:39.0533 1476 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:50:39.0533 1476 RDPENCDD - ok 15:50:39.0763 1476 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:50:39.0763 1476 RDPREFMP - ok 15:50:40.0223 1476 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 15:50:40.0223 1476 RDPWD - ok 15:50:40.0536 1476 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 15:50:40.0536 1476 rdyboost - ok 15:50:40.0863 1476 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys 15:50:40.0863 1476 regi - ok 15:50:41.0191 1476 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 15:50:41.0191 1476 RFCOMM - ok 15:50:41.0456 1476 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 15:50:41.0456 1476 rimspci - ok 15:50:41.0752 1476 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 15:50:41.0752 1476 RimVSerPort - ok 15:50:42.0189 1476 risdpcie (2eea929b8c4b6241bc945a3b173d9f71) C:\Windows\system32\DRIVERS\risdpe64.sys 15:50:42.0189 1476 risdpcie - ok 15:50:42.0470 1476 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 15:50:42.0470 1476 risdsnpe - ok 
15:50:42.0782 1476 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys 15:50:42.0782 1476 ROOTMODEM - ok 15:50:43.0125 1476 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:50:43.0125 1476 rspndr - ok 15:50:43.0328 1476 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys 15:50:43.0328 1476 sbp2port - ok 15:50:43.0562 1476 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 15:50:43.0562 1476 scfilter - ok 15:50:43.0890 1476 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys 15:50:43.0890 1476 sdbus - ok 15:50:44.0295 1476 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:50:44.0295 1476 secdrv - ok 15:50:44.0576 1476 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 15:50:44.0576 1476 Serenum - ok 15:50:44.0888 1476 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 15:50:44.0888 1476 Serial - ok 15:50:45.0169 1476 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 15:50:45.0169 1476 sermouse - ok 15:50:45.0543 1476 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 15:50:45.0543 1476 SFEP - ok 15:50:45.0871 1476 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:50:45.0902 1476 sffdisk - ok 15:50:46.0230 1476 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:50:46.0230 1476 sffp_mmc - ok 15:50:46.0510 1476 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys 15:50:46.0510 1476 sffp_sd - ok 15:50:46.0791 1476 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 15:50:46.0791 1476 sfloppy - ok 15:50:47.0166 1476 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys 15:50:47.0400 1476 Sftfs - ok 
15:50:47.0836 1476 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:50:47.0836 1476 Sftplay - ok 15:50:48.0492 1476 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:50:48.0492 1476 Sftredir - ok 15:50:48.0772 1476 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys 15:50:48.0772 1476 Sftvol - ok 15:50:49.0084 1476 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 15:50:49.0084 1476 SiSRaid2 - ok 15:50:49.0256 1476 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 15:50:49.0256 1476 SiSRaid4 - ok 15:50:49.0537 1476 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:50:49.0537 1476 Smb - ok 15:50:50.0020 1476 smbusp (3b47f81c3c3b4742221a5391ef8d499d) C:\Windows\system32\DRIVERS\intelsmb.sys 15:50:50.0020 1476 smbusp - ok 15:50:50.0270 1476 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:50:50.0270 1476 spldr - ok 15:50:50.0410 1476 srv (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys 15:50:50.0410 1476 srv - ok 15:50:50.0520 1476 srv2 (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys 15:50:50.0520 1476 srv2 - ok 15:50:50.0707 1476 srvnet (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys 15:50:50.0707 1476 srvnet - ok 15:50:50.0754 1476 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 15:50:50.0754 1476 stexstor - ok 15:50:50.0785 1476 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 15:50:50.0785 1476 StillCam - ok 15:50:50.0847 1476 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:50:50.0847 1476 swenum - ok 15:50:50.0910 1476 swmsflt (851681f7d3200e2a646c5ee4d4e9883d) C:\Windows\System32\drivers\swmsflt.sys 15:50:50.0910 1476 swmsflt - ok 15:50:50.0941 1476 
SWNC8U56 (c2ad3936249199c9d8187dcdea17ac25) C:\Windows\system32\DRIVERS\swnc8u56.sys 15:50:50.0941 1476 SWNC8U56 - ok 15:50:50.0988 1476 SWUMX56 (cc97ec73094cf0f47cd89aafba6d26f1) C:\Windows\system32\DRIVERS\swumx56.sys 15:50:50.0988 1476 SWUMX56 - ok 15:50:51.0003 1476 szkg5 - ok 15:50:51.0175 1476 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 15:50:51.0190 1476 Tcpip - ok 15:50:51.0222 1476 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 15:50:51.0222 1476 TCPIP6 - ok 15:50:51.0268 1476 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 15:50:51.0268 1476 tcpipreg - ok 15:50:51.0284 1476 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:50:51.0284 1476 TDPIPE - ok 15:50:51.0315 1476 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 15:50:51.0315 1476 TDTCP - ok 15:50:51.0346 1476 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 15:50:51.0346 1476 tdx - ok 15:50:51.0440 1476 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys 15:50:51.0440 1476 TermDD - ok 15:50:51.0502 1476 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys 15:50:51.0502 1476 trufos - ok 15:50:51.0534 1476 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:50:51.0534 1476 tssecsrv - ok 15:50:51.0549 1476 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 15:50:51.0565 1476 tunnel - ok 15:50:51.0596 1476 TVICHW32 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW32.SYS 15:50:51.0596 1476 TVICHW32 - ok 15:50:51.0643 1476 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 15:50:51.0643 1476 uagp35 - ok 15:50:51.0674 1476 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys 15:50:51.0674 1476 udfs - ok 15:50:51.0721 1476 
uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:50:51.0721 1476 uliagpkx - ok 15:50:51.0768 1476 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 15:50:51.0768 1476 umbus - ok 15:50:51.0799 1476 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 15:50:51.0799 1476 UmPass - ok 15:50:51.0846 1476 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 15:50:51.0861 1476 USBAAPL64 - ok 15:50:52.0048 1476 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 15:50:52.0048 1476 usbccgp - ok 15:50:52.0142 1476 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:50:52.0142 1476 usbcir - ok 15:50:52.0204 1476 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys 15:50:52.0204 1476 usbehci - ok 15:50:52.0236 1476 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 15:50:52.0236 1476 usbhub - ok 15:50:52.0329 1476 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 15:50:52.0329 1476 usbohci - ok 15:50:52.0392 1476 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 15:50:52.0392 1476 usbprint - ok 15:50:52.0438 1476 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS 15:50:52.0438 1476 USBSTOR - ok 15:50:52.0485 1476 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys 15:50:52.0485 1476 usbuhci - ok 15:50:52.0516 1476 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 15:50:52.0516 1476 usbvideo - ok 15:50:52.0579 1476 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:50:52.0579 1476 vdrvroot - ok 15:50:52.0641 1476 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:50:52.0641 1476 vga - ok 15:50:52.0672 
1476 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:50:52.0672 1476 VgaSave - ok 15:50:52.0719 1476 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys 15:50:52.0719 1476 vhdmp - ok 15:50:52.0750 1476 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:50:52.0750 1476 viaide - ok 15:50:52.0797 1476 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys 15:50:52.0797 1476 volmgr - ok 15:50:52.0828 1476 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 15:50:52.0844 1476 volmgrx - ok 15:50:52.0875 1476 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys 15:50:52.0875 1476 volsnap - ok 15:50:52.0938 1476 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 15:50:52.0938 1476 vsmraid - ok 15:50:53.0000 1476 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:50:53.0000 1476 vwifibus - ok 15:50:53.0031 1476 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:50:53.0031 1476 vwififlt - ok 15:50:53.0062 1476 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:50:53.0062 1476 vwifimp - ok 15:50:53.0109 1476 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 15:50:53.0109 1476 WacomPen - ok 15:50:53.0125 1476 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:50:53.0125 1476 WANARP - ok 15:50:53.0140 1476 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:50:53.0140 1476 Wanarpv6 - ok 15:50:53.0187 1476 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 15:50:53.0187 1476 Wd - ok 15:50:53.0234 1476 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:50:53.0250 1476 Wdf01000 - ok 15:50:53.0312 1476 
15:50:53.0983 1476 ============================================================ 15:50:53.0983 1476 Scan finished 15:50:53.0983 1476 ============================================================ 15:50:53.0983 6516 Detected object count: 0 15:50:53.0983 6516 Actual detected object count: 0 15:58:49.0498 2432 ============================================================ 15:58:49.0498 2432 Scan started 15:58:49.0498 2432 Mode: Manual;
15:59:01.0831 2432 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 15:59:01.0831 2432 MegaSR - ok 15:59:01.0862 2432 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:59:01.0878 2432 Modem - ok 15:59:01.0925 2432 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:59:01.0925 2432 monitor - ok 15:59:01.0971 2432 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:59:01.0971 2432 mouclass - ok 15:59:02.0003 2432 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:59:02.0003 2432 mouhid - ok 15:59:02.0049 2432 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 15:59:02.0049 2432 mountmgr - ok 15:59:02.0081 2432 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys 15:59:02.0096 2432 mpio - ok 15:59:02.0127 2432 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:59:02.0127 2432 mpsdrv - ok 15:59:02.0190 2432 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 15:59:02.0205 2432 MRxDAV - ok 15:59:02.0252 2432 mrxsmb (b7f3d2c40bdf8ffb73ebfb19c77734e2) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:59:02.0252 2432 mrxsmb - ok 15:59:02.0299 2432 mrxsmb10 (86c6f88b5168ce21cf8d69d0b3ff5d19) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:59:02.0299 2432 mrxsmb10 - ok 15:59:02.0361 2432 mrxsmb20 (b081069251c8e9f42cb8769d07148f9c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:59:02.0361 2432 mrxsmb20 - ok 15:59:02.0393 2432 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys 15:59:02.0393 2432 msahci - ok 15:59:02.0439 2432 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys 15:59:02.0439 2432 msdsm - ok 15:59:02.0502 2432 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:59:02.0502 2432 Msfs - ok 15:59:02.0533 2432 
mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:59:02.0533 2432 mshidkmdf - ok 15:59:02.0611 2432 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:59:02.0611 2432 msisadrv - ok 15:59:02.0642 2432 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:59:02.0642 2432 MSKSSRV - ok 15:59:02.0658 2432 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:59:02.0673 2432 MSPCLOCK - ok 15:59:02.0689 2432 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:59:02.0689 2432 MSPQM - ok 15:59:02.0736 2432 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 15:59:02.0736 2432 MsRPC - ok 15:59:02.0798 2432 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 15:59:02.0798 2432 mssmbios - ok 15:59:02.0845 2432 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:59:02.0845 2432 MSTEE - ok 15:59:02.0892 2432 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 15:59:02.0892 2432 MTConfig - ok 15:59:02.0923 2432 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:59:02.0923 2432 Mup - ok 15:59:03.0017 2432 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:59:03.0017 2432 NativeWifiP - ok 15:59:03.0032 2432 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 15:59:03.0048 2432 NDIS - ok 15:59:03.0063 2432 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:59:03.0079 2432 NdisCap - ok 15:59:03.0095 2432 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:59:03.0095 2432 NdisTapi - ok 15:59:03.0188 2432 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 15:59:03.0188 2432 Ndisuio - ok 15:59:03.0204 2432 
NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 15:59:03.0204 2432 NdisWan - ok 15:59:03.0235 2432 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 15:59:03.0235 2432 NDProxy - ok 15:59:03.0266 2432 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:59:03.0266 2432 NetBIOS - ok 15:59:03.0360 2432 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 15:59:03.0360 2432 NetBT - ok 15:59:03.0422 2432 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 15:59:03.0422 2432 nfrd960 - ok 15:59:03.0453 2432 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys 15:59:03.0453 2432 NMgamingmsFltr - ok 15:59:03.0485 2432 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:59:03.0485 2432 Npfs - ok 15:59:03.0516 2432 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:59:03.0516 2432 nsiproxy - ok 15:59:03.0594 2432 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 15:59:03.0594 2432 Ntfs - ok 15:59:03.0625 2432 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:59:03.0625 2432 Null - ok 15:59:03.0656 2432 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys 15:59:03.0672 2432 NVHDA - ok 15:59:03.0859 2432 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:59:03.0906 2432 nvlddmkm - ok 15:59:04.0031 2432 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 15:59:04.0031 2432 nvraid - ok 15:59:04.0062 2432 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 15:59:04.0062 2432 nvstor - ok 15:59:04.0093 2432 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:59:04.0093 2432 nv_agp - ok 15:59:04.0124 2432 ohci1394 
(3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:59:04.0124 2432 ohci1394 - ok 15:59:04.0155 2432 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 15:59:04.0155 2432 Parport - ok 15:59:04.0187 2432 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 15:59:04.0187 2432 partmgr - ok 15:59:04.0218 2432 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys 15:59:04.0233 2432 pci - ok 15:59:04.0249 2432 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:59:04.0249 2432 pciide - ok 15:59:04.0296 2432 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 15:59:04.0296 2432 pcmcia - ok 15:59:04.0311 2432 PCTINDIS5X64 - ok 15:59:04.0343 2432 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:59:04.0343 2432 pcw - ok 15:59:04.0374 2432 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:59:04.0374 2432 PEAUTH - ok 15:59:04.0436 2432 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 15:59:04.0436 2432 PptpMiniport - ok 15:59:04.0467 2432 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 15:59:04.0467 2432 Processor - ok 15:59:04.0514 2432 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 15:59:04.0514 2432 Psched - ok 15:59:04.0545 2432 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 15:59:04.0545 2432 PxHlpa64 - ok 15:59:04.0577 2432 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 15:59:04.0592 2432 ql2300 - ok 15:59:04.0623 2432 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 15:59:04.0623 2432 ql40xx - ok 15:59:04.0670 2432 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:59:04.0670 2432 QWAVEdrv - ok 
15:59:04.0701 2432 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:59:04.0701 2432 RasAcd - ok 15:59:04.0733 2432 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:59:04.0733 2432 RasAgileVpn - ok 15:59:04.0764 2432 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:59:04.0764 2432 Rasl2tp - ok 15:59:04.0795 2432 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:59:04.0795 2432 RasPppoe - ok 15:59:04.0811 2432 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:59:04.0811 2432 RasSstp - ok 15:59:04.0842 2432 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 15:59:04.0842 2432 rdbss - ok 15:59:04.0857 2432 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 15:59:04.0873 2432 rdpbus - ok 15:59:04.0904 2432 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:59:04.0904 2432 RDPCDD - ok 15:59:04.0920 2432 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:59:04.0920 2432 RDPENCDD - ok 15:59:04.0951 2432 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:59:04.0951 2432 RDPREFMP - ok 15:59:04.0967 2432 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 15:59:04.0967 2432 RDPWD - ok 15:59:04.0998 2432 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 15:59:04.0998 2432 rdyboost - ok 15:59:05.0045 2432 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys 15:59:05.0045 2432 regi - ok 15:59:05.0076 2432 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 15:59:05.0076 2432 RFCOMM - ok 15:59:05.0107 2432 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 15:59:05.0107 2432 rimspci - ok 
15:59:05.0138 2432 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 15:59:05.0138 2432 RimVSerPort - ok 15:59:05.0169 2432 risdpcie (2eea929b8c4b6241bc945a3b173d9f71) C:\Windows\system32\DRIVERS\risdpe64.sys 15:59:05.0169 2432 risdpcie - ok 15:59:05.0201 2432 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 15:59:05.0201 2432 risdsnpe - ok 15:59:05.0232 2432 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys 15:59:05.0232 2432 ROOTMODEM - ok 15:59:05.0263 2432 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:59:05.0263 2432 rspndr - ok 15:59:05.0294 2432 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys 15:59:05.0294 2432 sbp2port - ok 15:59:05.0325 2432 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 15:59:05.0325 2432 scfilter - ok 15:59:05.0357 2432 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys 15:59:05.0357 2432 sdbus - ok 15:59:05.0388 2432 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:59:05.0388 2432 secdrv - ok 15:59:05.0419 2432 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 15:59:05.0419 2432 Serenum - ok 15:59:05.0435 2432 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 15:59:05.0450 2432 Serial - ok 15:59:05.0466 2432 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 15:59:05.0466 2432 sermouse - ok 15:59:05.0513 2432 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 15:59:05.0513 2432 SFEP - ok 15:59:05.0544 2432 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:59:05.0544 2432 sffdisk - ok 15:59:05.0575 2432 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 
15:59:05.0591 2432 sffp_mmc - ok 15:59:05.0606 2432 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys 15:59:05.0606 2432 sffp_sd - ok 15:59:05.0637 2432 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 15:59:05.0637 2432 sfloppy - ok 15:59:05.0669 2432 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys 15:59:05.0669 2432 Sftfs - ok 15:59:05.0715 2432 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:59:05.0715 2432 Sftplay - ok 15:59:05.0747 2432 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:59:05.0747 2432 Sftredir - ok 15:59:05.0762 2432 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys 15:59:05.0762 2432 Sftvol - ok 15:59:05.0809 2432 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 15:59:05.0825 2432 SiSRaid2 - ok 15:59:05.0856 2432 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 15:59:05.0856 2432 SiSRaid4 - ok 15:59:05.0887 2432 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:59:05.0887 2432 Smb - ok 15:59:05.0918 2432 smbusp (3b47f81c3c3b4742221a5391ef8d499d) C:\Windows\system32\DRIVERS\intelsmb.sys 15:59:05.0934 2432 smbusp - ok 15:59:05.0981 2432 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:59:05.0981 2432 spldr - ok 15:59:06.0043 2432 srv (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys 15:59:06.0043 2432 srv - ok 15:59:06.0074 2432 srv2 (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys 15:59:06.0074 2432 srv2 - ok 15:59:06.0105 2432 srvnet (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys 15:59:06.0105 2432 srvnet - ok 15:59:06.0152 2432 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 15:59:06.0152 2432 
stexstor - ok 15:59:06.0183 2432 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 15:59:06.0183 2432 StillCam - ok 15:59:06.0230 2432 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:59:06.0230 2432 swenum - ok 15:59:06.0261 2432 swmsflt (851681f7d3200e2a646c5ee4d4e9883d) C:\Windows\System32\drivers\swmsflt.sys 15:59:06.0261 2432 swmsflt - ok 15:59:06.0293 2432 SWNC8U56 (c2ad3936249199c9d8187dcdea17ac25) C:\Windows\system32\DRIVERS\swnc8u56.sys 15:59:06.0293 2432 SWNC8U56 - ok 15:59:06.0324 2432 SWUMX56 (cc97ec73094cf0f47cd89aafba6d26f1) C:\Windows\system32\DRIVERS\swumx56.sys 15:59:06.0339 2432 SWUMX56 - ok 15:59:06.0339 2432 szkg5 - ok 15:59:06.0433 2432 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 15:59:06.0433 2432 Tcpip - ok 15:59:06.0464 2432 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 15:59:06.0480 2432 TCPIP6 - ok 15:59:06.0511 2432 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 15:59:06.0511 2432 tcpipreg - ok 15:59:06.0542 2432 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:59:06.0542 2432 TDPIPE - ok 15:59:06.0573 2432 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 15:59:06.0573 2432 TDTCP - ok 15:59:06.0605 2432 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 15:59:06.0605 2432 tdx - ok 15:59:06.0636 2432 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys 15:59:06.0636 2432 TermDD - ok 15:59:06.0745 2432 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys 15:59:06.0745 2432 trufos - ok 15:59:06.0792 2432 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:59:06.0792 2432 tssecsrv - ok 15:59:06.0870 2432 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 
15:59:06.0870 2432 tunnel - ok 15:59:06.0932 2432 TVICHW32 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW32.SYS 15:59:06.0948 2432 TVICHW32 - ok 15:59:07.0010 2432 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 15:59:07.0010 2432 uagp35 - ok 15:59:07.0073 2432 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys 15:59:07.0073 2432 udfs - ok 15:59:07.0135 2432 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:59:07.0135 2432 uliagpkx - ok 15:59:07.0182 2432 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 15:59:07.0182 2432 umbus - ok 15:59:07.0213 2432 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 15:59:07.0213 2432 UmPass - ok 15:59:07.0291 2432 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 15:59:07.0291 2432 USBAAPL64 - ok 15:59:07.0338 2432 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 15:59:07.0338 2432 usbccgp - ok 15:59:07.0385 2432 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:59:07.0400 2432 usbcir - ok 15:59:07.0431 2432 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys 15:59:07.0447 2432 usbehci - ok 15:59:07.0478 2432 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 15:59:07.0478 2432 usbhub - ok 15:59:07.0525 2432 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 15:59:07.0525 2432 usbohci - ok 15:59:07.0587 2432 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 15:59:07.0587 2432 usbprint - ok 15:59:07.0650 2432 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS 15:59:07.0650 2432 USBSTOR - ok 15:59:07.0697 2432 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys 
15:59:07.0697 2432 usbuhci - ok 15:59:07.0759 2432 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 15:59:07.0759 2432 usbvideo - ok 15:59:07.0837 2432 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:59:07.0837 2432 vdrvroot - ok 15:59:07.0899 2432 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:59:07.0899 2432 vga - ok 15:59:07.0931 2432 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:59:07.0931 2432 VgaSave - ok 15:59:07.0962 2432 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys 15:59:07.0977 2432 vhdmp - ok 15:59:08.0009 2432 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:59:08.0009 2432 viaide - ok 15:59:08.0040 2432 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys 15:59:08.0055 2432 volmgr - ok 15:59:08.0087 2432 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 15:59:08.0087 2432 volmgrx - ok 15:59:08.0133 2432 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys 15:59:08.0133 2432 volsnap - ok 15:59:08.0196 2432 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 15:59:08.0196 2432 vsmraid - ok 15:59:08.0243 2432 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:59:08.0258 2432 vwifibus - ok 15:59:08.0289 2432 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:59:08.0289 2432 vwififlt - ok 15:59:08.0336 2432 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:59:08.0336 2432 vwifimp - ok 15:59:08.0383 2432 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 15:59:08.0383 2432 WacomPen - ok 15:59:08.0430 2432 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 
15:59:08.0430 2432 WANARP - ok 15:59:08.0445 2432 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:59:08.0445 2432 Wanarpv6 - ok 15:59:08.0508 2432 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 15:59:08.0508 2432 Wd - ok 15:59:08.0555 2432 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:59:08.0555 2432 Wdf01000 - ok 15:59:08.0617 2432 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:59:08.0617 2432 WfpLwf - ok 15:59:08.0664 2432 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:59:08.0664 2432 WIMMount - ok 15:59:08.0742 2432 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 15:59:08.0742 2432 WinUsb - ok 15:59:08.0804 2432 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 15:59:08.0804 2432 WmiAcpi - ok 15:59:08.0851 2432 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:59:08.0851 2432 ws2ifsl - ok 15:59:08.0898 2432 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 15:59:08.0898 2432 WudfPf - ok 15:59:08.0929 2432 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:59:08.0929 2432 WUDFRd - ok 15:59:08.0991 2432 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys 15:59:08.0991 2432 yukonw7 - ok 15:59:09.0054 2432 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 15:59:09.0210 2432 \Device\Harddisk0\DR0 - ok 15:59:09.0210 2432 Boot (0x1200) (ca1e0484e3abdd2c416ddfe2962c1845) \Device\Harddisk0\DR0\Partition0 15:59:09.0210 2432 \Device\Harddisk0\DR0\Partition0 - ok 15:59:09.0225 2432 Boot (0x1200) (d4b3b9b4d7e609a14c583c8d47894237) \Device\Harddisk0\DR0\Partition1 15:59:09.0225 2432 \Device\Harddisk0\DR0\Partition1 - ok 15:59:09.0225 2432 
============================================================
15:59:09.0225 2432 Scan finished
15:59:09.0225 2432 ============================================================
15:59:09.0225 2136 Detected object count: 0
15:59:09.0225 2136 Actual detected object count: 0
itsjinx 0 Posted November 15, 2011 (edited) Any help is appreciated! I still can't visit most websites without being redirected to spam sites. I had to try 10 times to download TDSSKiller because it kept redirecting me from the Kaspersky website TO the Kaspersky website homepage WITH AN AFFILIATE ID LINK in it. Also, one thing to note: if I manually type a website into my browser, it works. It's only when I CLICK A LINK TO A WEBSITE that it will show that website in the address bar, wait a couple of seconds (white screen), and then redirect to a spam site. Edited November 15, 2011 by itsjinx
CeciliaB 475 Posted November 15, 2011 Please, answer these questions: Is your computer connected to a router? Do you have several computers connected to a router? Do you have the same redirection issue with all computers? Do you have the same redirection issue both with Internet Explorer and Firefox in this computer?
itsjinx 0 Posted November 15, 2011 (edited) Yes, I am connected to a router. This is the only computer on my home WEP-secured network other than my iPad, which works fine on the network, no issues with it at all. It only affects my IE and Firefox browsers, not Safari/Chrome. There has to be some BHO in the browsers to make this work, I would think? I have scanned my computer with every antivirus imaginable and all of them came back clean, with the exception of Kaspersky, which said I had a "trojan.js.redirector" virus, which it deleted, but the problem persists and it scans clean now, and the infected file it deleted is still deleted. Not sure if this is any help, but if I use an HTTP proxy, such as sigmabypass.info or any of them (in IE or Firefox), then I can browse Google fine. And did I mention I want to give you a gift card for your help? :-) Edited November 15, 2011 by itsjinx
CeciliaB 475 Posted November 15, 2011 Then the router hasn't been changed by the infection, at least. (But WEP is rather poor encryption; WPA is much better.) What happens if you run Firefox and IE without any add-ons?
Start - All programs - Mozilla Firefox - Mozilla Firefox (safe mode)
Start - All programs - Accessories - System Tools - Internet Explorer (no add-ons)
Please post a new OTL.txt. Let us also see if DDS shows anything that OTL doesn't. Save DDS to your desktop: http://download.bleepingcomputer.com/sUBs/dds.scr Double-click on the DDS tool to run it. When finished, DDS will open two (2) logs: 1. DDS.txt 2. Attach.txt Save them to your desktop and paste their content into your answer.
itsjinx 0 Posted November 16, 2011 CONTENTS OF DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by derek at 23:29:10 on 2011-11-15
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8174.4907 [GMT -5:00]
.
AV: Trend Micro AntiVirus *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro AntiVirus *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Bitdefender\Bitdefender 2012\pchooklaunch64.exe
C:\Program Files\Bitdefender\Bitdefender 2012\Antispam32\pchooklaunch32.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Macromedia\Dreamweaver 8\Dreamweaver.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com mStart Page = about:blank mURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO: MP3 Rocket Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: MP3 Rocket Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OnlyWire.LNK - C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6522/mcfscan.cab TCP: DhcpNameServer = 192.168.1.1 64.233.217.5 64.233.217.2 TCP: Interfaces\{BB9F53EC-CA10-40D8-B7C0-543D3FA66BF5} : DhcpNameServer = 64.233.217.5 64.233.217.2 TCP: Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5} : DhcpNameServer = 192.168.1.1 64.233.217.5 64.233.217.2 TCP: Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}\14962707F6274713 : DhcpNameServer = 10.0.1.1 TCP: 
Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}\24F6279637E45647 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}\357514450284F6573756 : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}\45F64796E696 : DhcpNameServer = 68.87.64.216 68.87.66.216 TCP: Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}\55070756270225F657475627 : DhcpNameServer = 68.87.77.134 68.87.72.134 TCP: Interfaces\{D726B9D6-BF17-49F0-A998-6B63D7E304A5}\D4966496233373230243830373 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{FB07B180-9023-4FE7-AF57-C28120030C7B} : DhcpNameServer = 209.183.33.23 209.183.35.23 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO-X64: Ad-Aware Security Toolbar - No File BHO-X64: MP3 Rocket Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO-X64: Ask Toolbar BHO - No File TB-X64: MP3 Rocket Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll mRun-x64: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\ocwvh1o7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com FF - prefs.js: browser.search.selectedEngine - Search The Web FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . ============= SERVICES / DRIVERS =============== . R0 avc3;avc3;C:\Windows\system32\DRIVERS\avc3.sys --> C:\Windows\system32\DRIVERS\avc3.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2011-3-1 89680] R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-8-10 102992] R1 BDVEDISK;BDVEDISK;C:\Windows\system32\DRIVERS\bdvedisk.sys --> C:\Windows\system32\DRIVERS\bdvedisk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-25 13336] R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-3-1 375176] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?] R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688] R2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [2011-10-20 62512] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] R3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys --> C:\Windows\system32\DRIVERS\avchv.sys [?] R3 avckf;avckf;C:\Windows\system32\DRIVERS\avckf.sys --> C:\Windows\system32\DRIVERS\avckf.sys [?] R3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\system32\drivers\NMgamingms.sys --> C:\Windows\system32\drivers\NMgamingms.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] 
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MSSQL$DDNI;SQL Server (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-3-30 43010392] S2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?] S2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] S3 bdsandbox;bdsandbox;\??\C:\Windows\system32\drivers\bdsandbox.sys --> C:\Windows\system32\drivers\bdsandbox.sys [?] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] 
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SampleCollector;Intel(R) Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-5-2 168448] S3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);C:\Windows\system32\DRIVERS\swnc8u56.sys --> C:\Windows\system32\DRIVERS\swnc8u56.sys [?] S3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);C:\Windows\system32\DRIVERS\swumx56.sys --> C:\Windows\system32\DRIVERS\swumx56.sys [?] S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-2 135664] S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-2 135664] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128] S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] S4 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2011-9-13 74336] S4 SMPDiskOptimizer;SMPDiskOptimizer;C:\Program Files (x86)\System Optimizer\SMPDefragSrv64.exe [2011-5-11 275456] S4 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-5-2 108400] S4 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-5-2 422768] S4 SOHDs;VAIO Media plus Device 
Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-5-2 67952] S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-2-8 302448] S4 SQLAgent$DDNI;SQL Server Agent (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936] S4 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-5-2 574320] S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-3-18 852336] S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776] S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416] S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568] S4 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-5-2 1223024] . =============== File Associations =============== . JSEFile=NOTEPAD.EXE %1 . =============== Created Last 30 ================ . 
2011-11-15 22:20:43 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection 2011-11-15 22:20:40 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner 2011-11-15 22:20:33 -------- d-----w- C:\Program Files (x86)\adawaretb 2011-11-15 17:54:58 675416 ----a-w- C:\Windows\System32\drivers\avc3.sys.upd 2011-11-15 02:02:44 -------- d-sh--w- C:\$RECYCLE.BIN 2011-11-14 20:41:35 -------- d-----w- C:\ComboFix 2011-11-12 19:57:44 -------- d-----w- C:\Program Files (x86)\MP3 Rocket 2011-11-11 01:09:45 98816 ----a-w- C:\Windows\sed.exe 2011-11-11 01:09:45 518144 ----a-w- C:\Windows\SWREG.exe 2011-11-11 01:09:45 256000 ----a-w- C:\Windows\PEV.exe 2011-11-11 01:09:45 208896 ----a-w- C:\Windows\MBR.exe 2011-11-09 22:35:38 -------- d-----w- C:\Users\derek\AppData\Roaming\Malwarebytes 2011-11-09 22:35:28 -------- d-----w- C:\ProgramData\Malwarebytes 2011-11-09 22:35:23 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-11-09 22:13:20 -------- d-----w- C:\sh4ldr 2011-11-09 22:12:37 -------- d-----w- C:\Windows\89A072791DB3485AB1DF584DF86774B9.TMP 2011-11-09 22:12:37 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2011-11-07 23:45:44 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2011-11-07 23:45:43 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll 2011-11-07 23:45:43 801752 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll 2011-11-07 23:45:43 478168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll 2011-11-07 23:45:43 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2011-11-07 23:45:43 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll 2011-11-07 23:45:43 1989592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2011-11-07 23:45:43 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll 2011-11-07 23:31:43 -------- d-----w- C:\Program Files (x86)\Lavasoft 2011-11-07 23:30:48 243637 ----a-w- 
C:\ProgramData\1320708220.bdinstall.bin 2011-11-07 23:28:52 -------- d-----w- C:\Users\derek\AppData\Roaming\Bitdefender 2011-11-07 23:28:46 -------- d-----w- C:\ProgramData\Bitdefender 2011-11-07 23:24:47 -------- d-----w- C:\Program Files\Bitdefender 2011-11-07 23:24:31 -------- d-----w- C:\Users\derek\AppData\Roaming\QuickScan 2011-11-07 23:23:43 329800 ----a-w- C:\Windows\System32\drivers\trufos.sys 2011-11-07 23:23:42 431176 ----a-w- C:\Windows\System32\drivers\bdfsfltr.sys 2011-11-07 23:23:23 -------- d-----w- C:\Program Files\Common Files\Bitdefender 2011-11-07 23:23:13 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender 2011-11-07 22:39:34 -------- d-----w- C:\Users\derek\AppData\Local\Trend Micro 2011-11-07 00:27:48 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2011-11-07 00:27:48 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2011-11-07 00:21:25 835656 ----a-w- C:\Windows\SysWow64\WINCTL5.OCX 2011-11-07 00:21:25 608448 ----a-w- C:\Windows\SysWow64\COMCTL32.OCX 2011-11-07 00:21:25 495689 ----a-w- C:\Windows\SysWow64\WINUTIL6.DLL 2011-11-07 00:21:25 393216 ----a-w- C:\Windows\SysWow64\WINLCTL5.DLL 2011-11-07 00:21:24 212240 ----a-w- C:\Windows\SysWow64\Richtx32.ocx 2011-11-07 00:21:24 -------- d-----w- C:\Windows\McAfee.com 2011-11-07 00:00:44 13824 ----a-w- C:\Windows\System32\ffnd.exe 2011-11-06 23:06:25 -------- d-----w- C:\Users\derek\AppData\Roaming\FreeFixer 2011-11-06 23:06:25 -------- d-----w- C:\Users\derek\AppData\Local\FreeFixer 2011-11-06 23:06:23 -------- d-----w- C:\Program Files\FreeFixer 2011-11-05 17:52:50 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys 2011-11-04 23:09:56 -------- d-----w- C:\Users\derek\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1 2011-11-04 23:09:32 -------- d-----w- C:\Program Files (x86)\Market Samurai 2011-10-29 02:33:26 -------- d-----w- C:\Users\derek\AppData\Local\APN 2011-10-19 20:42:09 -------- d-----w- 
C:\Users\derek\AppData\Local\Spotify 2011-10-19 20:42:06 -------- d-----w- C:\Users\derek\AppData\Roaming\Spotify . ==================== Find3M ==================== . 2011-10-07 23:58:49 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2011-10-07 23:58:49 34688 ----a-w- C:\Windows\System32\LMIport.dll 2011-10-07 23:58:48 80768 ----a-w- C:\Windows\System32\LMIinit.dll 2011-10-01 20:49:36 0 ----a-w- C:\Windows\SysWow64\sho9564.tmp 2011-09-30 22:40:27 0 ----a-w- C:\Windows\SysWow64\sho78B0.tmp 2011-09-29 21:09:50 79952 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys 2011-09-23 21:39:23 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-16 23:25:25 0 ----a-w- C:\Windows\SysWow64\sho8A99.tmp 2011-09-09 19:25:37 0 ----a-w- C:\Windows\SysWow64\shoB3C6.tmp 2011-09-01 16:15:10 553280 ----a-w- C:\Windows\System32\drivers\avckf.sys 2011-09-01 16:12:52 674904 ----a-w- C:\Windows\System32\drivers\avc3.sys 2011-08-31 22:43:56 0 ----a-w- C:\Windows\SysWow64\shoC64B.tmp 2011-08-24 21:10:27 0 ----a-w- C:\Windows\SysWow64\shoB497.tmp . ============= FINISH: 23:37:33.65 ===============
itsjinx 0 Posted November 16, 2011 CONTENTS OF ATTACH.TXT: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 7/12/2010 7:18:25 PM System Uptime: 11/14/2011 6:22:09 PM (29 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz | N/A | 1734/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 586 GiB total, 454.148 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96a-e325-11ce-bfc1-08002be10318} Description: Ricoh PCIe SD/MMC Host Controller Device ID: PCI\VEN_1180&DEV_E822&SUBSYS_9067104D&REV_00\4&33EC5E58&0&00E1 Manufacturer: Ricoh Company Name: Ricoh PCIe SD/MMC Host Controller PNP Device ID: PCI\VEN_1180&DEV_E822&SUBSYS_9067104D&REV_00\4&33EC5E58&0&00E1 Service: risdpcie . Class GUID: {4d36e96a-e325-11ce-bfc1-08002be10318} Description: Ricoh PCIe SD/MMC Host Controller Device ID: PCI\VEN_1180&DEV_E822&SUBSYS_9067104D&REV_00\4&33EC5E58&0&04E1 Manufacturer: Ricoh Company Name: Ricoh PCIe SD/MMC Host Controller PNP Device ID: PCI\VEN_1180&DEV_E822&SUBSYS_9067104D&REV_00\4&33EC5E58&0&04E1 Service: risdpcie . ==== System Restore Points =================== . RP236: 11/9/2011 5:12:54 PM - Installed SpyHunter RP238: 11/9/2011 5:21:21 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later. RP240: 11/9/2011 5:36:05 PM - Removed SpyHunter RP242: 11/9/2011 6:55:43 PM - Installed Ad-Aware RP244: 11/9/2011 6:57:11 PM - Installed Ad-Aware RP246: 11/10/2011 9:42:22 PM - Installed Ad-Aware RP248: 11/10/2011 9:42:38 PM - Installed Ad-Aware RP249: 11/14/2011 3:29:30 PM - ComboFix created restore point RP251: 11/15/2011 5:19:48 PM - Installed Ad-Aware RP253: 11/15/2011 5:20:09 PM - Installed Ad-Aware . ==== Installed Programs ====================== . .
7-Zip 4.65 AccuWeather.com Cirrus Ad-Aware Security Toolbar Adobe AIR Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Reader 9.4.6 Adobe Stock Photos 1.0 Apple Application Support Apple Software Update Application Manager for VAIO ArcSoft Magic-i Visual Effects 2 ArcSoft WebCam Companion 3 AviSynth 2.5 Brother MFL-Pro Suite MFC-790CW Carbonite Cisco Connect ControlCenter Corel WinDVD Evernote FileZilla Client 3.5.0 FLV Player 2.0 (build 25) FreeFixer FrostWire 4.21.6 Google Chrome Google Toolbar for Internet Explorer Google Update Helper GSA Auto SoftSubmit v6.94 GTK+ Runtime 2.14.7 rev a (remove only) HijackThis 2.0.0 Intel(R) Control Center Intel(R) Rapid Storage Technology Intel(R) Turbo Boost Technology Driver IZArc 4.1.2 Java Auto Updater Java(TM) 6 Update 18 Junk Mail filter update LogMeIn Macromedia Dreamweaver 8 Macromedia Extension Manager Macromedia Flash 8 Macromedia Flash 8 Video Encoder Market Samurai Media Gallery Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Professional Edition 2003 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server System CLR Types Microsoft Visual Basic 2010 Express - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft 
Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Mozilla Firefox 8.0 (x86 en-US) MP3 Rocket MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nokia Connectivity Adapter Cable DKU-5 OnlyWire OOBE Pidgin PMB PMB VAIO Edition Guide PMB VAIO Edition plug-in (Click to Disc) PMB VAIO Edition plug-in (VAIO Image Optimizer) PMB VAIO Edition plug-in (VAIO Movie Story) PromoSoft 1.811 QuickTime QuoteTracker Realtek High Definition Audio Driver Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Service Pack 1 for SQL Server 2008 (KB968369) Setting Utility Series Skype™ 5.6 SmartWi Connection Utility Sony Home Network Library Sothink SWF Decompiler Spotify Sql Server Customer Experience Improvement Program System Optimizer Template Phrases for Microsoft Outlook 2.1 The News Trader Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) VAIO Care VAIO Content Monitoring Settings VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data VAIO Entertainment Platform VAIO Event Service VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Help and Support VAIO Media plus VAIO Media plus Opening Movie VAIO Messenger VAIO Movie 
Story Template Data VAIO Original Function Settings VAIO Power Management VAIO Sample Contents VAIO Survey VAIO Transfer Support VAIO Update VAIO Wallpaper Contents VAIO Window Organizer Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU WD Diagnostics Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 11/9/2011 9:52:02 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). 11/9/2011 10:51:48 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{396104F6-772C-4BCF-9931-51F54D192B28}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:51:08 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C3BCAEE6-E2D2-46CB-A098-DABA31F9D39F}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:50:35 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{853530CC-6C88-4775-8ABB-86DE20BB6B1C}' was corrupted and it has been recovered. Some data might have been lost. 
11/9/2011 10:50:02 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{47A178E6-9696-49ED-A769-E2D4F3470C70}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:49:29 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C2D809B1-F507-4301-8CC6-FFCAF193A5EB}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:48:55 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{181BFFCC-6E6A-4756-905B-DD3B92EAA2E8}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:48:22 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{CBC47632-A7CE-4D2C-8CD4-6349409D887A}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:47:50 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5C9D2596-FB1C-4B95-B770-21FCD14E9639}' was corrupted and it has been recovered. Some data might have been lost. 
11/9/2011 10:47:16 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B7DA2D8E-D900-40C2-9978-27B74394EB46}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:46:43 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C1469519-65AF-4A4C-880A-F0F08D9FC2FB}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:46:10 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{AAD11433-F5D1-437F-AD2C-12151CC7EB2E}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:45:39 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D4D889E2-0F5A-4631-8A4A-BF3433D98EE4}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:45:09 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{284CAE2E-4E90-4C64-9102-DF9FB061FEBD}' was corrupted and it has been recovered. Some data might have been lost. 
11/9/2011 10:44:36 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A72481A5-EF85-4A1F-81FB-90842D141CE0}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:44:06 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5509C73F-B95A-48EC-A5ED-5F9D9AAAD623}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:43:34 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{0A2B4071-FE98-4CEC-BC42-6CD869272096}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:42:21 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{53F3297E-AE3F-4C20-B41C-6B2333509BC4}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:41:06 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{489FA9D3-97D1-42C5-A53A-C17F5F01C211}' was corrupted and it has been recovered. Some data might have been lost. 
11/9/2011 10:40:06 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{52087D9C-E64C-40F1-AD77-E42E4C550FA6}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:39:10 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F7D76317-BF01-40C1-AB63-63F326517B80}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:38:13 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B768F224-C975-4319-8940-804D5BFB0B47}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 10:37:14 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{BF142600-8176-4068-AA0A-58DA06BEB1C2}' was corrupted and it has been recovered. Some data might have been lost. 11/9/2011 1:35:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: trufos 11/8/2011 7:39:24 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{292AD6EB-4AB9-4DB8-8359-88DD8436E5C1}' was corrupted and it has been recovered. Some data might have been lost. 
11/8/2011 6:25:34 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{05E9ECED-9D18-4D15-9BEE-AAE1718B7A43}' was corrupted and it has been recovered. Some data might have been lost.
11/8/2011 12:39:03 AM, Error: Service Control Manager [7000] - The Lbd service failed to start due to the following error: The system cannot find the file specified.
11/8/2011 12:23:52 AM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2011 12:14:09 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The pipe has been ended.
11/8/2011 11:33:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
11/8/2011 11:10:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 bdfsfltr bdfwfpf BDVEDISK discache spldr trufos Wanarpv6
11/15/2011 6:27:50 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\System32\config\COMPONENTS' was corrupted and it has been recovered. Some data might have been lost.
11/15/2011 5:19:43 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume .
11/15/2011 4:01:07 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error: An instance of the service is already running.
11/15/2011 4:00:07 AM, Error: Service Control Manager [7031] - The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/15/2011 12:33:11 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{ABEC5767-894C-49CF-87A9-3C57F6352B94}' was corrupted and it has been recovered. Some data might have been lost.
11/15/2011 12:30:17 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5079C3C2-657D-4372-85F9-C54EE046AE83}' was corrupted and it has been recovered. Some data might have been lost.
11/15/2011 12:29:33 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{79A65D82-A62D-4D43-97AC-6D5DA9773521}' was corrupted and it has been recovered. Some data might have been lost.
11/14/2011 9:40:44 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A019C9EE-15D0-4B30-A130-FE81DE60C47A}' was corrupted and it has been recovered. Some data might have been lost.
11/14/2011 9:40:06 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{90D558CE-1AF2-4224-848B-240C210B34E2}' was corrupted and it has been recovered. Some data might have been lost.
11/14/2011 6:26:56 PM, Error: Service Control Manager [7024] - The SQL Server (DDNI) service terminated with service-specific error Access is denied..
11/14/2011 6:23:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: szkg5 trufos
11/14/2011 6:23:09 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\derek\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
11/14/2011 6:23:07 PM, Error: Service Control Manager [7000] - The risdsnpe service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/14/2011 6:23:03 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
11/14/2011 6:22:37 PM, Error: Service Control Manager [7000] - The risdpcie service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
11/14/2011 4:32:12 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
11/14/2011 3:52:59 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/14/2011 3:27:48 PM, Error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2011 3:27:41 PM, Error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).
11/14/2011 3:27:38 PM, Error: Service Control Manager [7034] - The LMIGuardianSvc service terminated unexpectedly. It has done this 1 time(s).
11/14/2011 1:49:35 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{8ABBAF71-5968-4772-8FF8-989AB7DCF16F}' was corrupted and it has been recovered. Some data might have been lost.
11/14/2011 1:49:02 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{93ADECFB-16AB-4005-81F5-3D72A940F0EB}' was corrupted and it has been recovered. Some data might have been lost.
11/14/2011 1:45:50 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{DA591262-0DE0-45BC-8DC3-7D91AF316751}' was corrupted and it has been recovered. Some data might have been lost. 11/14/2011 1:45:19 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{3346D814-CFAD-44DB-9CF1-0033FC83D58D}' was corrupted and it has been recovered. Some data might have been lost. 11/14/2011 1:44:44 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B0CE3E9C-D015-425F-9EC2-6FC71C0925FB}' was corrupted and it has been recovered. Some data might have been lost. 11/13/2011 9:05:31 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 11/13/2011 9:05:31 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error: An instance of the service is already running. 
11/13/2011 9:05:31 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running.
11/13/2011 9:04:30 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 9:03:30 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 8:53:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/13/2011 8:52:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
11/13/2011 8:51:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hidserv service.
11/13/2011 8:50:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
11/13/2011 8:49:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
11/13/2011 8:47:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
11/13/2011 8:47:17 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 8:47:17 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/13/2011 8:47:17 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 8:47:17 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/13/2011 8:46:11 PM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
11/13/2011 5:55:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: szkg5
11/13/2011 5:52:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.
11/13/2011 5:52:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrustedInstaller service.
11/13/2011 5:52:14 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
11/13/2011 3:19:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/12/2011 8:51:34 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/12/2011 4:01:05 AM, Error: Service Control Manager [7023] - The CarboniteService service terminated with the following error: %%-2147418113
11/12/2011 12:13:35 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{15CFA321-EE23-40BE-8BB1-98266AC2C3B8}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:13:00 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{E81C9857-11A1-45DD-AEB8-CC765681677D}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:12:27 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{393E9825-B37F-43CB-9655-F16CB8CF7532}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:11:55 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{8F0D4266-1943-4C60-BF78-4678963B5781}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:11:21 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6FFC78BE-1222-46F8-8DCE-16A10A4905CA}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:10:46 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{8D2D35C2-3B63-4EA7-8046-DBCCEA1EB6CA}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:10:11 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F8439169-BD96-4119-8D9F-F051EE098F21}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:09:37 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{96736EA8-F072-4312-8333-22335CBDE4D3}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:09:03 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C70279FC-2CB0-46D2-A85C-6C066944BC10}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:08:30 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F0E18A91-B9E9-4334-9487-BF5F04A4B4D4}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:07:53 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{2E9C26B9-A7EC-4114-8543-F854B1647F0E}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:07:21 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{DB346EB0-5527-4664-BE48-E2E6B87F1F8B}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:06:49 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A921E825-BC3E-46DD-9773-E5AE89F0DE21}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:06:17 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{CC1A6DCA-F55B-49F2-9501-0F82783FFC69}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:05:46 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6E7097E5-71FD-434B-A1D7-36405EC89385}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:05:14 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D979CF8D-D761-440D-AF62-CB144E340706}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:04:44 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{2FBF6591-463B-4269-A97B-B150177EB196}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:04:14 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{722E08C8-9A1D-4D7A-8DEE-AB09CFD99963}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:03:49 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{2C59C893-81AC-45C3-BC0B-C6697B784D27}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:03:22 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{086547A4-6A8A-422A-A843-47217093E20F}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:02:52 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D4006A78-D6CF-4FF5-9EDC-AF9121D8F471}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:02:26 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{60BF6826-05E6-4EF8-A854-F686AA7DAEAA}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:01:57 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{8DBA8AEE-C9FF-4E9D-B04E-DBEC1CAD07A7}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:01:32 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6D4E367A-7CE0-4972-8C67-A63CE9AB166C}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:01:07 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{1D984539-3F97-4145-A1F5-1550A847B60F}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:00:41 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{3F1AFAD6-D0BA-452A-90E7-33443ABC08CB}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 12:00:12 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{8DF4652B-181A-4926-8D37-C122859EB34C}' was corrupted and it has been recovered. Some data might have been lost.
11/12/2011 10:36:46 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{BC5BA293-7460-42CC-BEEC-8863BE8BF812}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:07:35 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{DC74FCA8-FE2F-4A9A-A67B-DF6120B4E4E6}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:06:50 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{586C20EB-4693-4280-8BC1-01FD7A3F662B}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:05:52 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{FF4EB316-1BBB-4D62-B5D6-7E486A96237C}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:04:49 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B13EB088-3F19-4799-955B-5D15B283734B}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:03:55 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{EDA5AB1D-F5F9-40DD-AFFF-49D32D99F07F}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:03:04 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{30C712F2-C27D-4642-885B-906659975A42}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:02:02 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5465E719-59F9-4CDA-850A-3216DAB07C89}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:01:03 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D3A26706-8F79-4377-9D8B-84AE5A7C8CED}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 6:00:07 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{0DBB74C1-B55E-48B6-9406-2FAD793F6DC5}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 5:55:16 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{88A09548-A0B8-44BD-8783-DC70D767DC81}' was corrupted and it has been recovered. Some data might have been lost.
11/11/2011 2:29:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
11/11/2011 2:22:56 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/11/2011 2:22:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/11/2011 2:22:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/11/2011 2:22:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/11/2011 2:22:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/11/2011 2:22:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
11/11/2011 2:22:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/11/2011 2:22:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 BdfNdisf bdfsfltr bdfwfpf BDVEDISK DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr szkg5 tdx trufos vwififlt Wanarpv6 WfpLwf
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/11/2011 2:22:21 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
11/10/2011 9:00:04 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/10/2011 8:05:44 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 21
11/10/2011 8:05:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 bdfsfltr bdfwfpf BDVEDISK discache spldr szkg5 trufos Wanarpv6
11/10/2011 5:20:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CarboniteService service.
11/10/2011 5:20:49 PM, Error: Service Control Manager [7024] - The Superfetch service terminated with service-specific error The operation completed successfully..
11/10/2011 12:12:04 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{331ACD0C-7FFA-4BBF-A4EE-A7B2D06CCD67}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:11:30 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{9B0074D3-6E30-49C3-8A11-27CE65C40CB6}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:10:55 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{FAEE8ED2-81D1-4A96-88AE-E92360A366F1}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:10:21 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{0C6AE90F-A423-422E-92B7-B4C96E440C98}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:09:49 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{2485D4E1-63F5-4B3D-BAFC-60FFBDA86362}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:09:18 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{4D2F014F-007D-4CB5-BA87-73423712C5A5}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:08:49 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{27BF58CB-DEB6-45A1-BCBD-18A722DCA579}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:08:20 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{903A3744-BF1B-444B-A068-0B840B3DE849}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:07:52 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F9B65785-B79B-48E8-9759-42755CD559E0}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:07:23 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{778629BC-5B00-4224-AD18-02A96080E0D8}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:06:54 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C2630827-7587-42B9-B23B-E49C8764AFA7}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:06:26 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{71C35F17-38AF-4D27-81B3-D6AEEEBAFECE}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:05:56 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A30C3207-A811-48D6-811F-45B9F894630B}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:05:27 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C1FC546E-620A-421E-B95C-23B024BAF801}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:04:58 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{FCFF952E-E9A2-4F14-81A4-BC302AFBF014}' was corrupted and it has been recovered. Some data might have been lost.
11/10/2011 12:04:31 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{906C31D0-317B-4EBC-8E68-050DCEF8B5F3}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:04:05 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{ECB85C6A-0346-46B3-8340-7B3930F3BC3C}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:03:39 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{088ACC32-E115-4A17-8A67-2C703E9103BB}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:03:13 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{95AC8D10-DAED-422A-8285-0E7476816EF1}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:02:47 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{108CCDDA-0239-4115-8E7B-82C79D68D99E}' was corrupted and it has been recovered. Some data might have been lost. 
11/10/2011 12:02:21 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{4BBBC335-1657-4F2E-ADD0-196C8A5D6855}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:01:53 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{115A4FB7-C3A5-42D1-9B9D-17DF131CF2D5}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:01:27 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{AC88B5D6-309E-4C97-8FFA-B7B6F7D7C63B}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:01:03 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B85DAE14-6703-43C0-8416-57661B1ABE51}' was corrupted and it has been recovered. Some data might have been lost. 11/10/2011 12:00:36 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{926d6b17-64fd-11df-a0f1-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A6C39F01-B2DA-4603-A549-FBCD42FBFAD3}' was corrupted and it has been recovered. Some data might have been lost. 
. ==== End Of File ===========================
CeciliaB 475 Posted November 16, 2011
What happens if you run Firefox and IE without any add-ons?
Start - All programs - Mozilla Firefox - Mozilla Firefox (safe mode)
Start - All programs - Accessories - System Tools - Internet Explorer (no add-ons)
itsjinx 0 Posted November 16, 2011
Also, I tried in IE safe mode and the redirects still happen. I can't test Firefox safe mode because I don't have the Programs -> Mozilla folder in my start menu for some reason... Regardless, if IE in safe mode still has the issue, what on earth could be doing this???? Could there be an open "process" that is monitoring all IE/Firefox browsers and redirecting when I click a link? That would seem pretty hard to do as opposed to something "inside" browser settings like a hidden proxy or something.... I'm so confused :-(