
Google analytics pop-up. Is it spyware?


11 replies to this topic

#1 af1


Posted 17 April 2012 - 12:26 PM

I have seen a similar thread here: http://www.bleepingcomputer.com/forums/topic449943.html, but I have a 64-bit OS running Windows 7 - not the 32-bit version outlined in the thread. It is basically a pop-up that randomly shows itself in the bottom right-hand corner of my Firefox and Chrome browsers.

None of my anti-virus programs (ESET, SUPERAntiSpyware and Emsisoft) have been able to detect it, let alone remove it.

I have seen the user "narenxp" help another member here and hope he can assist me.

I also have found these in my hosts file sitting at the bottom of the file:

188.119.151.111 www.google-analytics.com.
188.119.151.111 ad-emea.doubleclick.net.
188.119.151.111 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

I would like to think the process of removal to be the same as the thread specified above, but want to make certain before I proceed.

Help from anyone with knowledge of how to remove this annoyance would be very much appreciated.

Thank you.

Edited by af1, 17 April 2012 - 12:34 PM.
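
The hosts-file entries quoted in the post above can be checked for mechanically. The following is an added example, not part of the original thread: it parses hosts-file text and reports every name pinned to a public IP address, treating a name with a trailing dot as the same host as the name without it. The function names, the sample file (the Windows default comments and the sinkhole line are constructed; the six mappings are the ones from the post) and the rule that any public address deserves review are assumptions of this example.

```python
import ipaddress
import sys
from collections import defaultdict

# Constructed sample: default Windows hosts-file comments, one constructed
# sinkhole line, then the six mappings quoted in the post.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
# localhost name resolution is handled within DNS itself.
#\t127.0.0.1       localhost
#\t::1             localhost
127.0.0.1\tlocalhost
0.0.0.0 ads.example.invalid   # constructed sinkhole entry
188.119.151.111 www.google-analytics.com.
188.119.151.111 ad-emea.doubleclick.net.
188.119.151.111 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
"""


def parse_hosts(text):
    """Yield (line_number, ip, hostname) for every mapping in hosts-file text."""
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()                    # any run of spaces or tabs
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # first field is not an address
        for name in fields[1:]:                  # one line may map several names
            # "www.example.com." and "WWW.example.com" are the same host
            yield lineno, ip, name.rstrip(".").lower()


def audit_hosts(text):
    """Return {hostname: [(line_number, ip), ...]} for names pinned to public IPs.

    Loopback, unspecified (0.0.0.0) and private addresses are skipped: they are
    the usual local, sinkhole and intranet mappings. Skipping them is an
    assumption of this example, not a rule from the thread.
    """
    pinned = defaultdict(list)
    for lineno, ip, name in parse_hosts(text):
        if ip.is_global:
            pinned[name].append((lineno, str(ip)))
    return dict(pinned)


def conflicting(report):
    """Names that the file maps to more than one distinct public address."""
    return sorted(n for n, hits in report.items() if len({ip for _, ip in hits}) > 1)


if __name__ == "__main__":
    # With no argument the constructed sample is audited; otherwise pass a path.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    report = audit_hosts(text)
    for name, hits in sorted(report.items()):
        for lineno, ip in hits:
            print(f"line {lineno}: {name} -> {ip}")
    for name in conflicting(report):
        print(f"multiple addresses for {name}")
```

On Windows the file to pass as the argument is C:\Windows\System32\drivers\etc\hosts; the reported line numbers identify the entries to review.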




#2 narenxp


Posted 17 April 2012 - 01:48 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 af1


Posted 17 April 2012 - 05:07 PM

Thanks for the help narenxp!

Here is the initial scan:
15:00:15.0729 1984 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:00:16.0206 1984 ============================================================
15:00:16.0206 1984 Current date / time: 2012/04/17 15:00:16.0206
15:00:16.0206 1984 SystemInfo:
15:00:16.0206 1984
15:00:16.0206 1984 OS Version: 6.1.7601 ServicePack: 1.0
15:00:16.0206 1984 Product type: Workstation
15:00:16.0206 1984 ComputerName: OWNER-PC
15:00:16.0206 1984 UserName: Owner
15:00:16.0206 1984 Windows directory: C:\Windows
15:00:16.0206 1984 System windows directory: C:\Windows
15:00:16.0206 1984 Running under WOW64
15:00:16.0206 1984 Processor architecture: Intel x64
15:00:16.0206 1984 Number of processors: 8
15:00:16.0206 1984 Page size: 0x1000
15:00:16.0206 1984 Boot type: Normal boot
15:00:16.0206 1984 ============================================================
15:00:17.0348 1984 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:00:17.0351 1984 \Device\Harddisk0\DR0:
15:00:17.0351 1984 MBR used
15:00:17.0351 1984 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:00:17.0351 1984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x621DB000
15:00:17.0374 1984 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6220E800, BlocksNum 0x927B800
15:00:17.0374 1984 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6B48A000, BlocksNum 0x927B800
15:00:17.0453 1984 Initialize success
15:00:17.0453 1984 ============================================================
15:01:43.0430 1116 ============================================================
15:01:43.0430 1116 Scan started
15:01:43.0430 1116 Mode: Manual; TDLFS;
15:01:43.0430 1116 ============================================================
15:01:53.0469 1116 NetMsmqActivator - ok
15:01:53.0471 1116 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:01:53.0472 1116 NetPipeActivator - ok
15:01:53.0494 1116 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:01:53.0496 1116 netprofm - ok
15:01:53.0501 1116 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:01:53.0502 1116 NetTcpActivator - ok
15:01:53.0504 1116 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:01:53.0505 1116 NetTcpPortSharing - ok
15:01:53.0535 1116 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:01:53.0554 1116 nfrd960 - ok
15:01:53.0616 1116 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:01:53.0618 1116 NlaSvc - ok
15:01:53.0630 1116 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:01:53.0641 1116 Npfs - ok
15:01:53.0659 1116 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:01:53.0660 1116 nsi - ok
15:01:53.0683 1116 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:01:53.0684 1116 nsiproxy - ok
15:01:53.0738 1116 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:01:53.0761 1116 Ntfs - ok
15:01:53.0783 1116 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:01:53.0792 1116 Null - ok
15:01:53.0847 1116 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:01:53.0878 1116 nusb3hub - ok
15:01:53.0908 1116 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:01:53.0924 1116 nusb3xhc - ok
15:01:53.0965 1116 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:01:53.0977 1116 nvraid - ok
15:01:53.0999 1116 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:01:54.0408 1116 nvstor - ok
15:01:54.0479 1116 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:01:54.0490 1116 nv_agp - ok
15:01:54.0520 1116 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:01:54.0538 1116 ohci1394 - ok
15:01:54.0605 1116 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:01:54.0606 1116 ose - ok
15:01:54.0689 1116 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:01:54.0731 1116 osppsvc - ok
15:01:54.0783 1116 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:01:54.0785 1116 p2pimsvc - ok
15:01:54.0804 1116 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:01:54.0807 1116 p2psvc - ok
15:01:54.0852 1116 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:01:54.0863 1116 Parport - ok
15:01:54.0889 1116 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:01:54.0899 1116 partmgr - ok
15:01:54.0912 1116 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:01:54.0913 1116 PcaSvc - ok
15:01:54.0949 1116 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:01:54.0969 1116 pci - ok
15:01:54.0992 1116 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:01:55.0001 1116 pciide - ok
15:01:55.0043 1116 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:01:55.0055 1116 pcmcia - ok
15:01:55.0069 1116 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:01:55.0079 1116 pcw - ok
15:01:55.0098 1116 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:01:55.0114 1116 PEAUTH - ok
15:01:55.0149 1116 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:01:55.0161 1116 PeerDistSvc - ok
15:01:55.0200 1116 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:01:55.0201 1116 PerfHost - ok
15:01:55.0271 1116 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:01:55.0284 1116 pla - ok
15:01:55.0321 1116 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:01:55.0324 1116 PlugPlay - ok
15:01:55.0348 1116 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:01:55.0350 1116 PNRPAutoReg - ok
15:01:55.0367 1116 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:01:55.0368 1116 PNRPsvc - ok
15:01:55.0385 1116 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:01:55.0387 1116 PolicyAgent - ok
15:01:55.0411 1116 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:01:55.0413 1116 Power - ok
15:01:55.0486 1116 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:01:55.0514 1116 PptpMiniport - ok
15:01:55.0534 1116 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:01:55.0545 1116 Processor - ok
15:01:55.0580 1116 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:01:55.0582 1116 ProfSvc - ok
15:01:55.0614 1116 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:01:55.0615 1116 ProtectedStorage - ok
15:01:55.0650 1116 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:01:55.0651 1116 Psched - ok
15:01:55.0699 1116 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:01:55.0709 1116 PxHlpa64 - ok
15:01:55.0746 1116 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:01:55.0760 1116 ql2300 - ok
15:01:55.0781 1116 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:01:55.0784 1116 ql40xx - ok
15:01:55.0810 1116 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:01:55.0813 1116 QWAVE - ok
15:01:55.0830 1116 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:01:55.0840 1116 QWAVEdrv - ok
15:01:55.0850 1116 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:01:55.0860 1116 RasAcd - ok
15:01:55.0912 1116 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:01:55.0913 1116 RasAgileVpn - ok
15:01:55.0928 1116 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:01:55.0931 1116 RasAuto - ok
15:01:55.0962 1116 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:01:55.0982 1116 Rasl2tp - ok
15:01:55.0999 1116 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:01:56.0003 1116 RasMan - ok
15:01:56.0022 1116 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:01:56.0024 1116 RasPppoe - ok
15:01:56.0031 1116 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:01:56.0041 1116 RasSstp - ok
15:01:56.0075 1116 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:01:56.0078 1116 rdbss - ok
15:01:56.0124 1116 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:01:56.0143 1116 rdpbus - ok
15:01:56.0149 1116 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:01:56.0149 1116 RDPCDD - ok
15:01:56.0181 1116 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:01:56.0201 1116 RDPDR - ok
15:01:56.0215 1116 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:01:56.0215 1116 RDPENCDD - ok
15:01:56.0223 1116 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:01:56.0224 1116 RDPREFMP - ok
15:01:56.0269 1116 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
15:01:56.0279 1116 RdpVideoMiniport - ok
15:01:56.0346 1116 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:01:56.0359 1116 RDPWD - ok
15:01:56.0381 1116 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:01:56.0384 1116 rdyboost - ok
15:01:56.0405 1116 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:01:56.0407 1116 RemoteAccess - ok
15:01:56.0434 1116 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:01:56.0447 1116 RemoteRegistry - ok
15:01:56.0490 1116 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
15:01:56.0500 1116 Revoflt - ok
15:01:56.0519 1116 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:01:56.0520 1116 RpcEptMapper - ok
15:01:56.0564 1116 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:01:56.0565 1116 RpcLocator - ok
15:01:56.0604 1116 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:01:56.0606 1116 RpcSs - ok
15:01:56.0652 1116 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:01:56.0662 1116 rspndr - ok
15:01:56.0692 1116 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:01:56.0703 1116 RTL8167 - ok
15:01:56.0727 1116 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:01:56.0728 1116 s3cap - ok
15:01:56.0756 1116 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:01:56.0757 1116 SamSs - ok
15:01:56.0850 1116 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:01:56.0850 1116 SASDIFSV - ok
15:01:56.0859 1116 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:01:56.0859 1116 SASKUTIL - ok
15:01:56.0907 1116 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:01:56.0918 1116 sbp2port - ok
15:01:56.0944 1116 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:01:56.0947 1116 SCardSvr - ok
15:01:56.0977 1116 SCDEmu (b2f50286dc82b93c013e3fc57ba1a956) C:\Windows\system32\drivers\SCDEmu.sys
15:01:57.0004 1116 SCDEmu - ok
15:01:57.0029 1116 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:01:57.0039 1116 scfilter - ok
15:01:57.0071 1116 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:01:57.0076 1116 Schedule - ok
15:01:57.0150 1116 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:01:57.0151 1116 SCPolicySvc - ok
15:01:57.0214 1116 ScsiAccess (958e956e119eb7b9aba142afed1b5ff4) C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
15:01:57.0239 1116 ScsiAccess - ok
15:01:57.0264 1116 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:01:57.0278 1116 SDRSVC - ok
15:01:57.0321 1116 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:01:57.0332 1116 secdrv - ok
15:01:57.0359 1116 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:01:57.0360 1116 seclogon - ok
15:01:57.0409 1116 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:01:57.0410 1116 SENS - ok
15:01:57.0427 1116 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:01:57.0429 1116 SensrSvc - ok
15:01:57.0462 1116 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:01:57.0472 1116 Serenum - ok
15:01:57.0486 1116 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:01:57.0520 1116 Serial - ok
15:01:57.0542 1116 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:01:57.0552 1116 sermouse - ok
15:01:57.0589 1116 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:01:57.0591 1116 SessionEnv - ok
15:01:57.0646 1116 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:01:57.0656 1116 sffdisk - ok
15:01:57.0690 1116 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:01:57.0700 1116 sffp_mmc - ok
15:01:57.0716 1116 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:01:57.0717 1116 sffp_sd - ok
15:01:57.0743 1116 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:01:57.0760 1116 sfloppy - ok
15:01:57.0782 1116 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:01:57.0786 1116 SharedAccess - ok
15:01:57.0841 1116 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:01:57.0843 1116 ShellHWDetection - ok
15:01:57.0871 1116 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:01:57.0890 1116 SiSRaid2 - ok
15:01:57.0926 1116 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:01:57.0937 1116 SiSRaid4 - ok
15:01:57.0987 1116 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
15:01:57.0987 1116 SkypeUpdate - ok
15:01:58.0050 1116 Smart TimeLock (101556f6216e97f1258d87c38203695f) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
15:01:58.0066 1116 Smart TimeLock - ok
15:01:58.0128 1116 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:01:58.0130 1116 Smb - ok
15:01:58.0165 1116 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:01:58.0167 1116 SNMPTRAP - ok
15:01:58.0189 1116 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:01:58.0199 1116 spldr - ok
15:01:58.0234 1116 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:01:58.0237 1116 Spooler - ok
15:01:58.0321 1116 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:01:58.0334 1116 sppsvc - ok
15:01:58.0377 1116 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:01:58.0379 1116 sppuinotify - ok
15:01:58.0428 1116 SRS_HDAL_Service (d030883fd7e6a0f5e3ec5db56ff9cf88) C:\Windows\system32\drivers\SRS_HDAL_amd64.sys
15:01:58.0451 1116 SRS_HDAL_Service - ok
15:01:58.0501 1116 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:01:58.0527 1116 srv - ok
15:01:58.0540 1116 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:01:58.0554 1116 srv2 - ok
15:01:58.0576 1116 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:01:58.0587 1116 srvnet - ok
15:01:58.0633 1116 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:01:58.0634 1116 SSDPSRV - ok
15:01:58.0662 1116 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:01:58.0664 1116 SstpSvc - ok
15:01:58.0691 1116 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:01:58.0692 1116 stexstor - ok
15:01:58.0738 1116 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:01:58.0745 1116 stisvc - ok
15:01:58.0771 1116 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:01:58.0772 1116 storflt - ok
15:01:58.0790 1116 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:01:58.0801 1116 storvsc - ok
15:01:58.0817 1116 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:01:58.0827 1116 swenum - ok
15:01:58.0909 1116 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:01:58.0911 1116 SwitchBoard - ok
15:01:58.0966 1116 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:01:58.0969 1116 swprv - ok
15:01:59.0007 1116 Synth3dVsc - ok
15:01:59.0066 1116 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:01:59.0072 1116 SysMain - ok
15:01:59.0107 1116 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:01:59.0135 1116 TabletInputService - ok
15:01:59.0185 1116 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:01:59.0189 1116 TapiSrv - ok
15:01:59.0210 1116 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:01:59.0212 1116 TBS - ok
15:01:59.0282 1116 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:01:59.0299 1116 Tcpip - ok
15:01:59.0332 1116 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:01:59.0338 1116 TCPIP6 - ok
15:01:59.0372 1116 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:01:59.0387 1116 tcpipreg - ok
15:01:59.0447 1116 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:01:59.0471 1116 TDPIPE - ok
15:01:59.0498 1116 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:01:59.0504 1116 TDTCP - ok
15:01:59.0545 1116 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:01:59.0556 1116 tdx - ok
15:01:59.0585 1116 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:01:59.0595 1116 TermDD - ok
15:01:59.0614 1116 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:01:59.0621 1116 TermService - ok
15:01:59.0653 1116 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:01:59.0654 1116 Themes - ok
15:01:59.0709 1116 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:01:59.0710 1116 THREADORDER - ok
15:01:59.0738 1116 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:01:59.0739 1116 TrkWks - ok
15:01:59.0775 1116 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:01:59.0776 1116 TrustedInstaller - ok
15:01:59.0816 1116 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:01:59.0817 1116 tssecsrv - ok
15:01:59.0851 1116 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:01:59.0870 1116 TsUsbFlt - ok
15:01:59.0885 1116 tsusbhub - ok
15:01:59.0953 1116 TuneUp.UtilitiesSvc (8d4cc6a5c51acb30f801f78f694c7ea5) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
15:01:59.0961 1116 TuneUp.UtilitiesSvc - ok
15:01:59.0985 1116 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
15:01:59.0986 1116 TuneUpUtilitiesDrv - ok
15:02:00.0053 1116 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:02:00.0063 1116 tunnel - ok
15:02:00.0090 1116 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:02:00.0100 1116 uagp35 - ok
15:02:00.0151 1116 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:02:00.0155 1116 udfs - ok
15:02:00.0181 1116 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:02:00.0183 1116 UI0Detect - ok
15:02:00.0215 1116 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:02:00.0225 1116 uliagpkx - ok
15:02:00.0269 1116 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:02:00.0292 1116 umbus - ok
15:02:00.0327 1116 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:02:00.0337 1116 UmPass - ok
15:02:00.0383 1116 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:02:00.0386 1116 UmRdpService - ok
15:02:00.0413 1116 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:02:00.0418 1116 upnphost - ok
15:02:00.0515 1116 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:02:00.0526 1116 usbaudio - ok
15:02:00.0541 1116 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:02:00.0551 1116 usbccgp - ok
15:02:00.0592 1116 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:02:00.0594 1116 usbcir - ok
15:02:00.0611 1116 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:02:00.0621 1116 usbehci - ok
15:02:00.0646 1116 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:02:00.0659 1116 usbhub - ok
15:02:00.0716 1116 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:02:00.0726 1116 usbohci - ok
15:02:00.0748 1116 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:02:00.0758 1116 usbprint - ok
15:02:00.0793 1116 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:02:00.0812 1116 USBSTOR - ok
15:02:00.0829 1116 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:02:00.0831 1116 usbuhci - ok
15:02:00.0846 1116 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:02:00.0848 1116 UxSms - ok
15:02:00.0931 1116 UxTuneUp (31b569584d79c8d36e64dd467090f90f) C:\Windows\System32\uxtuneup.dll
15:02:00.0932 1116 UxTuneUp - ok
15:02:00.0964 1116 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:02:00.0965 1116 VaultSvc - ok
15:02:01.0018 1116 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:02:01.0036 1116 vdrvroot - ok
15:02:01.0071 1116 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:02:01.0077 1116 vds - ok
15:02:01.0120 1116 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:02:01.0122 1116 vga - ok
15:02:01.0151 1116 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:02:01.0161 1116 VgaSave - ok
15:02:01.0171 1116 VGPU - ok
15:02:01.0200 1116 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:02:01.0213 1116 vhdmp - ok
15:02:01.0269 1116 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:02:01.0279 1116 viaide - ok
15:02:01.0296 1116 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:02:01.0331 1116 vmbus - ok
15:02:01.0349 1116 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:02:01.0359 1116 VMBusHID - ok
15:02:01.0387 1116 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:02:01.0406 1116 volmgr - ok
15:02:01.0441 1116 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:02:01.0444 1116 volmgrx - ok
15:02:01.0497 1116 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:02:01.0512 1116 volsnap - ok
15:02:01.0540 1116 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:02:01.0552 1116 vsmraid - ok
15:02:01.0593 1116 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:02:01.0599 1116 VSS - ok
15:02:01.0635 1116 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:02:01.0658 1116 vwifibus - ok
15:02:01.0702 1116 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:02:01.0708 1116 W32Time - ok
15:02:01.0742 1116 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:02:01.0743 1116 WacomPen - ok
15:02:01.0776 1116 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:02:01.0786 1116 WANARP - ok
15:02:01.0788 1116 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:02:01.0789 1116 Wanarpv6 - ok
15:02:01.0838 1116 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:02:01.0868 1116 WatAdminSvc - ok
15:02:01.0943 1116 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:02:01.0964 1116 wbengine - ok
15:02:01.0996 1116 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:02:02.0000 1116 WbioSrvc - ok
15:02:02.0037 1116 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:02:02.0042 1116 wcncsvc - ok
15:02:02.0056 1116 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:02:02.0058 1116 WcsPlugInService - ok
15:02:02.0114 1116 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:02:02.0115 1116 Wd - ok
15:02:02.0132 1116 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:02:02.0139 1116 Wdf01000 - ok
15:02:02.0153 1116 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:02:02.0154 1116 WdiServiceHost - ok
15:02:02.0156 1116 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:02:02.0157 1116 WdiSystemHost - ok
15:02:02.0171 1116 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:02:02.0175 1116 WebClient - ok
15:02:02.0189 1116 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:02:02.0193 1116 Wecsvc - ok
15:02:02.0218 1116 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:02:02.0220 1116 wercplsupport - ok
15:02:02.0234 1116 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:02:02.0235 1116 WerSvc - ok
15:02:02.0298 1116 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:02:02.0308 1116 WfpLwf - ok
15:02:02.0321 1116 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:02:02.0345 1116 WIMMount - ok
15:02:02.0364 1116 WinDefend - ok
15:02:02.0368 1116 WinHttpAutoProxySvc - ok
15:02:02.0407 1116 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:02:02.0408 1116 Winmgmt - ok
15:02:02.0464 1116 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:02:02.0497 1116 WinRM - ok
15:02:02.0553 1116 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:02:02.0563 1116 Wlansvc - ok
15:02:02.0617 1116 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:02:02.0618 1116 WmiAcpi - ok
15:02:02.0661 1116 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:02:02.0663 1116 wmiApSrv - ok
15:02:02.0685 1116 WMPNetworkSvc - ok
15:02:02.0699 1116 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:02:02.0701 1116 WPCSvc - ok
15:02:02.0729 1116 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:02:02.0730 1116 WPDBusEnum - ok
15:02:02.0757 1116 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:02:02.0767 1116 ws2ifsl - ok
15:02:02.0785 1116 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:02:02.0787 1116 wscsvc - ok
15:02:02.0792 1116 WSearch - ok
15:02:02.0852 1116 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:02:02.0861 1116 wuauserv - ok
15:02:02.0908 1116 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:02:02.0919 1116 WudfPf - ok
15:02:02.0965 1116 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:02:02.0977 1116 WUDFRd - ok
15:02:03.0005 1116 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:02:03.0006 1116 wudfsvc - ok
15:02:03.0029 1116 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:02:03.0033 1116 WwanSvc - ok
15:02:03.0052 1116 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:02:03.0195 1116 \Device\Harddisk0\DR0 - ok
15:02:03.0196 1116 Boot (0x1200) (22fbaf4f851130cab7b26a9ceb3c836f) \Device\Harddisk0\DR0\Partition0
15:02:03.0197 1116 \Device\Harddisk0\DR0\Partition0 - ok
15:02:03.0226 1116 Boot (0x1200) (fe0ff2c7b041938ea865353a0f82aa87) \Device\Harddisk0\DR0\Partition1
15:02:03.0228 1116 \Device\Harddisk0\DR0\Partition1 - ok
15:02:03.0247 1116 Boot (0x1200) (faecf105115e4db0411717b151cff5fc) \Device\Harddisk0\DR0\Partition2
15:02:03.0253 1116 \Device\Harddisk0\DR0\Partition2 - ok
15:02:03.0284 1116 Boot (0x1200) (e8f75f0e2e2e0ecff5b146ffe2b87c5e) \Device\Harddisk0\DR0\Partition3
15:02:03.0287 1116 \Device\Harddisk0\DR0\Partition3 - ok
15:02:03.0287 1116 ============================================================
15:02:03.0287 1116 Scan finished
15:02:03.0287 1116 ============================================================
15:02:03.0293 4728 Detected object count: 0
15:02:03.0293 4728 Actual detected object count: 0
15:02:46.0602 1532 Deinitialize success

#4 af1

Posted 17 April 2012 - 05:50 PM

GMER found no modifications.

#5 af1

Posted 17 April 2012 - 06:10 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-17 15:51:41
-----------------------------
15:51:41.824 OS Version: Windows x64 6.1.7601 Service Pack 1
15:51:41.824 Number of processors: 8 586 0x1A05
15:51:41.825 ComputerName: OWNER-PC UserName: Owner
15:51:43.592 Initialize success
15:52:38.095 AVAST engine defs: 12041701
15:52:58.403 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-8
15:52:58.404 Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3MA Size: 953869MB BusType: 11
15:52:58.438 Disk 0 MBR read successfully
15:52:58.440 Disk 0 MBR scan
15:52:58.443 Disk 0 Windows 7 default MBR code
15:52:58.445 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:52:58.453 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 803766 MB offset 206848
15:52:58.457 Disk 0 Partition - 00 0F Extended LBA 75000 MB offset 1646321664
15:52:58.478 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 74999 MB offset 1799921664
15:52:58.508 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 74999 MB offset 1646323712
15:52:58.533 Disk 0 scanning C:\Windows\system32\drivers
15:53:06.756 Service scanning
15:53:27.938 Modules scanning
15:53:27.943 Disk 0 trace - called modules:
15:53:27.952 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:53:27.956 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80138fa790]
15:53:27.959 3 CLASSPNP.SYS[fffff88001bb143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-8[0xfffffa801368b1f0]
15:53:30.338 AVAST engine scan C:\Windows
15:53:33.472 AVAST engine scan C:\Windows\system32
15:55:58.224 AVAST engine scan C:\Windows\system32\drivers
15:56:07.698 AVAST engine scan C:\Users\Owner
16:08:32.139 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
16:08:32.141 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"
16:19:25.018 AVAST engine scan C:\ProgramData
16:21:46.984 Scan finished successfully
16:22:24.113 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
16:22:24.118 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"


The program seemingly froze, so I saved the log and when I came back to close out, it was running again. So you can see I saved it twice.

Thanks again for your help.

Edited by af1, 17 April 2012 - 06:25 PM.


#6 narenxp

Posted 17 April 2012 - 09:07 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#7 af1

Posted 18 April 2012 - 01:47 AM

Nothing found for MBAM and Eset, so nothing to report.


MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 17-04-2012 at 23:37:20
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost







































































































































































































188.119.151.111 www.google-analytics.com.
188.119.151.111 ad-emea.doubleclick.net.
188.119.151.111 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=956 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-92-16-9B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::177:b55a:e639:b283%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, April 17, 2012 9:52:36 PM
Lease Expires . . . . . . . . . . : Wednesday, April 18, 2012 12:22:38 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 236744549
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-15-0E-9A-1C-6F-65-92-16-9B
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{E9EC606F-946B-4814-952F-3040614F4A06}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 74.125.227.33
74.125.227.34
74.125.227.35
74.125.227.36
74.125.227.37
74.125.227.38
74.125.227.39
74.125.227.40
74.125.227.41
74.125.227.46
74.125.227.32


Pinging google.com [74.125.227.135] with 32 bytes of data:
Reply from 74.125.227.135: bytes=32 time=47ms TTL=53
Reply from 74.125.227.135: bytes=32 time=59ms TTL=53

Ping statistics for 74.125.227.135:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 47ms, Maximum = 59ms, Average = 53ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=96ms TTL=53
Reply from 98.139.183.24: bytes=32 time=140ms TTL=53

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 96ms, Maximum = 140ms, Average = 118ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...1c 6f 65 92 16 9b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.4 266
192.168.0.4 255.255.255.255 On-link 192.168.0.4 266
192.168.0.255 255.255.255.255 On-link 192.168.0.4 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.4 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.4 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::177:b55a:e639:b283/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/17/2012 10:22:36 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9ce81124-dc1a-4d68-84cd-df0994192b63}

Error: (04/17/2012 09:57:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 09:57:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 09:34:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 08:47:03 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ca1a72bb-e39c-4001-a940-0480bcdea95f}

Error: (04/17/2012 03:21:53 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d38c3d8e-2010-4400-84d2-2b8763fcc09c}

Error: (04/16/2012 10:12:59 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {894c59e2-4121-4b98-b448-7f346dc1b270}

Error: (04/16/2012 09:22:34 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8ac9bbb1-d919-43e3-a7ca-7f9737e16514}

Error: (04/15/2012 06:04:11 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {766457b9-9654-462c-bb19-aa5d2cc9c9bd}

Error: (04/15/2012 02:32:41 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6b851415-f66d-477e-97dc-a5ad1ae2ea04}


System errors:
=============
Error: (04/17/2012 09:52:48 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ArcSec

Error: (04/17/2012 09:51:38 PM) (Source: Service Control Manager) (User: )
Description: The Apache2.2 service terminated with service-specific error %%1.

Error: (04/17/2012 08:17:28 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/17/2012 08:17:09 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ArcSec

Error: (04/17/2012 06:03:20 PM) (Source: Service Control Manager) (User: )
Description: The Apache2.2 service terminated with service-specific error %%1.

Error: (04/17/2012 02:50:25 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ArcSec

Error: (04/17/2012 00:54:38 PM) (Source: Service Control Manager) (User: )
Description: The Apache2.2 service terminated with service-specific error %%1.

Error: (04/17/2012 08:18:05 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ArcSec

Error: (04/17/2012 02:17:12 AM) (Source: Service Control Manager) (User: )
Description: The Apache2.2 service terminated with service-specific error %%1.

Error: (04/16/2012 09:43:31 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005


Microsoft Office Sessions:
=========================
Error: (04/17/2012 10:22:36 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9ce81124-dc1a-4d68-84cd-df0994192b63}

Error: (04/17/2012 09:57:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\System Files\Software\esetsmartinstaller_enu.exe

Error: (04/17/2012 09:57:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\System Files\Software\esetsmartinstaller_enu.exe

Error: (04/17/2012 09:34:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\System Files\Software\esetsmartinstaller_enu.exe

Error: (04/17/2012 08:47:03 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ca1a72bb-e39c-4001-a940-0480bcdea95f}

Error: (04/17/2012 03:21:53 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d38c3d8e-2010-4400-84d2-2b8763fcc09c}

Error: (04/16/2012 10:12:59 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {894c59e2-4121-4b98-b448-7f346dc1b270}

Error: (04/16/2012 09:22:34 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8ac9bbb1-d919-43e3-a7ca-7f9737e16514}

Error: (04/15/2012 06:04:11 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {766457b9-9654-462c-bb19-aa5d2cc9c9bd}

Error: (04/15/2012 02:32:41 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6b851415-f66d-477e-97dc-a5ad1ae2ea04}


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.3)
Adobe AIR (Version: 3.2.0.2070)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Download Assistant (Version: 1.0.5)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
AMD APP SDK Runtime (Version: 2.5.793.1)
AMD Catalyst Install Manager (Version: 3.0.851.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.61025.2207)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
BitTorrent (Version: 7.5.0)
Browser Configuration Utility (Version: 1.1.18.0)
Camtasia Studio 7 (Version: 7.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1025.2231.38573)
Catalyst Control Center Graphics Previews Common (Version: 2011.1025.2231.38573)
Catalyst Control Center InstallProxy (Version: 2011.1025.2231.38573)
ccc-utility64 (Version: 2011.1025.2231.38573)
CCC Help English (Version: 2011.1025.2230.38573)
CloudBerry S3 Explorer PRO 3.3.0 (Version: 3.3.0)
CursorFX Plus
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DisplayFusion 3.3.0 (Version: 3.3.0.0)
DivX Setup (Version: 2.6.1.5)
ESET Online Scanner v3
ESET Smart Security (Version: 5.0.93.0)
ffdshow [rev 3154] [2009-12-09] (Version: 1.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
GenArts Sapphire Plug-ins 6.0 for After Effects and Compatible
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 16.0.912.75)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HandBrake 0.9.6 (Version: 0.9.6)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Juicer 3.84
Keyword Blaze (Version: 1.2.3)
KeywordOptimizerPro (Version: 1.0.7)
LastPass (uninstall only)
Magic Bullet Suite 64-bit (Version: 11.0)
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mass Video Generator 3.3
Media Center 16 (Version: 16)
MegaRobot (Version: 2.3.7)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mobilizer (Version: 0.9.5)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
Mozilla Thunderbird 11.0.1 (x86 en-US) (Version: 11.0.1)
NewBlue 3D Explosions for Windows (Version: 1.4)
NewBlue 3D Transformations for Windows (Version: 1.4)
NewBlue Light Blends for Windows (Version: 1.4)
NewBlue Motion Blends for Windows (Version: 2.4)
NewBlue Paint Blends for Windows (Version: 1.4)
NewBlue Plug-ins Bundle for Adobe CS5.5 (Team V.R Corporate Edition) (Version: X.4.0.0 build 110713)
Notepad++ (Version: 5.9.6.2)
ON_OFF Charge B10.0422.2 (Version: 1.00.0001)
PDF Settings CS5 (Version: 10.0)
Photodex Presenter
Photodex ProShow Producer version 4.5
Power SEO Ranker v1.0
PowerISO (Version: 4.8)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6077)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0)
Resource Hacker Version 3.6.0
Revo Uninstaller Pro 2.5.5 (Version: 2.5.5)
S3 Ripper 2.0
Skype™ 5.8 (Version: 5.8.158)
Smart 6 B10.0422.1 (Version: 1.00.0000)
Snagit 10 (Version: 10.0.0)
SniperBot Pro 1.0 (Version: 1.0)
Sorenson Squeeze 7.0 (Version: 7.0.0)
SoundPackager
Sublime Text 2 Build 2165
SUPERAntiSpyware (Version: 5.0.1146)
Theme Resource Changer X64 v1.0
TuneUp Utilities 2012 (Version: 12.0.3500.14)
TuneUp Utilities Language Pack (en-US) (Version: 12.0.3500.14)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Windows 7 Logon Background Changer (Version: 1.3.4)
Winstep Xtreme 10.6
XAMPP 1.7.7
Xiph QuickTime Components

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 24574.43 MB
Available physical RAM: 19438.11 MB
Total Pagefile: 49147.05 MB
Available Pagefile: 44319.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.26 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:784.93 GB) (Free:545.15 GB) NTFS
6 Drive m: (Mobile) (Fixed) (Total:73.24 GB) (Free:69.21 GB) NTFS
7 Drive v: (Video) (Fixed) (Total:73.24 GB) (Free:71.28 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner


**** End of log ****

#8 narenxp

Posted 18 April 2012 - 02:00 AM

Click on the Start menu and type

cmd

Right-click on it and select Run as administrator

Now type the following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f
attrib -s -h -r hosts
notepad hosts


A notepad should pop up

Now scroll to the bottom and delete the fake entries

You can check the default hosts entries for Windows 7 here

http://support.microsoft.com/kb/972034

Save the notepad and run this command

attrib +s +h +r hosts

Now launch MiniToolBox, checkmark hosts content alone, and post the new log

Good luck

Edited by narenxp, 19 April 2012 - 08:44 AM.
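Added example (not part of narenxp's post and not MiniToolBox code): a small Python audit of hosts-file text that supports the "scroll to the bottom and delete the fake entries" step by listing every active entry with its line number, so lines hidden behind blank padding are not missed. The sample file, its documentation-range address and the `audit_hosts` name are constructed for illustration.

```python
import ipaddress

# Constructed sample: default-style comment lines, the ::1 entry, a run of
# blank padding, then hijack-style lines (documentation-range IP, trailing-dot
# hostnames) plus a sinkhole entry and a malformed line.
SAMPLE_HOSTS = (
    "# Copyright (c) 1993-2009 Microsoft Corp.\n"
    "#      127.0.0.1       localhost\n"
    "::1 localhost\n"
    + "\n" * 40 +
    "203.0.113.7 www.google-analytics.com.\n"
    "203.0.113.7\tad-emea.doubleclick.net.   # constructed\n"
    "0.0.0.0 ads.example.test\n"
    "not-an-ip broken.example.test\n"
)

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text):
    """Return (line_no, address, hostname, reason) for entries worth reviewing."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not entry:
            continue
        fields = entry.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((line_no, fields[0], "", "unparseable address"))
            continue
        for name in fields[1:]:
            host = name.rstrip(".").lower()    # normalise "host." for reporting
            if ip.is_loopback or ip.is_unspecified:
                if host not in LOCAL_NAMES:
                    findings.append((line_no, str(ip), host, "sinkholed name"))
            else:
                findings.append(
                    (line_no, str(ip), host, "redirect to non-loopback address"))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On a live system the same function can be fed the text of C:\windows\system32\drivers\etc\hosts; an empty result means only comments and the localhost entries remain.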


#9 af1

Posted 18 April 2012 - 11:33 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 18-04-2012 at 09:19:45
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

::1 localhost

**** End of log ****

Thank you very much!

Although the cmd command entries:
takeown /a /f hosts
cacls hosts /p everyone:f
attrib -s -h -r hosts
notepad hosts

were not accepted and gave me errors, I was able to open and edit my hosts file and remove the fake entries.

Also, the
attrib +s +h +r hosts

command returned a file not found???

I'm hoping this solves the problem.

I'll post my results after doing some browser testing.

Thanks again narenxp! Very nice of you to help everyone on this forum.

#10 narenxp

Posted 18 April 2012 - 01:08 PM

Actually, your hosts file name is different. It should be something like hosts.old or hosts.backup, which caused the error

Anyway if you have removed the entries then we can wrap up

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 af1

Posted 18 April 2012 - 05:01 PM

I can't thank you enough narenxp.

We are pop-up/spyware free :busy:

You're awesome!

Take care.

#12 narenxp

Posted 18 April 2012 - 06:23 PM

You're most welcome :thumbsup:



