FF being redirected


9 replies to this topic

#1 DrifterMiles


Posted 24 March 2012 - 01:55 AM

So I've been off of the internet for about a week, but got on and was doing some Google searches and noticed I kept being redirected to random sites. I ran Malwarebytes and my anti-virus (Vipre) but nothing was found. Any clue on what this is?


#2 narenxp

  • BC Advisor

Posted 24 March 2012 - 07:54 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 DrifterMiles

  • Topic Starter


Posted 24 March 2012 - 12:23 PM

OK, well, Malware did find something last night when I ran a complete scan, and here is the log for that... Also, I have Win7 64-bit, so I didn't run GMER.


3/24/2012 2:28:55 AM
mbam-log-2012-03-24 (02-28-55).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 683495
Time elapsed: 5 hour(s), 49 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\David\AppData\Roaming\Adobe\Adobe\hmlxkn.dll (Trojan.Agent.GMAGen) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) -> Data: rundll32.exe "C:\Users\David\AppData\Roaming\Adobe\Adobe\hmlxkn.dll",DllRegisterServer -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\David\AppData\Local\Temp\0.9869120079561701 (Exploit.Drop.9) -> Quarantined and deleted successfully.
C:\Users\David\AppData\Roaming\Adobe\Adobe\hmlxkn.dll (Trojan.Agent.GMAGen) -> Delete on reboot.

(end)


I then did what you told me and TDSSKiller found something as well. Here is the log...

11:06:13.0772 3968 Windows directory: C:\Windows
11:06:13.0772 3968 System windows directory: C:\Windows
11:06:13.0772 3968 Running under WOW64
11:06:13.0772 3968 Processor architecture: Intel x64
11:06:13.0772 3968 Number of processors: 2
11:06:13.0772 3968 Page size: 0x1000
11:06:13.0772 3968 Boot type: Normal boot
11:06:13.0772 3968 ============================================================
11:06:16.0252 3968 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:06:16.0252 3968 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D55E00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:06:16.0252 3968 \Device\Harddisk0\DR0:
11:06:16.0252 3968 MBR used
11:06:16.0252 3968 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
11:06:16.0252 3968 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1D160800
11:06:16.0252 3968 \Device\Harddisk1\DR1:
11:06:16.0252 3968 MBR used
11:06:16.0252 3968 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
11:06:16.0302 3968 Initialize success
11:06:16.0302 3968 ============================================================
11:06:22.0566 2584 ============================================================
11:06:22.0566 2584 Scan started
11:06:22.0566 2584 Mode: Manual; TDLFS;
11:06:22.0566 2584 ============================================================
11:06:40.0719 2584 p2psvc - ok
11:06:40.0849 2584 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:06:40.0879 2584 Parport - ok
11:06:40.0959 2584 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
11:06:40.0979 2584 partmgr - ok
11:06:41.0109 2584 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:06:41.0149 2584 PcaSvc - ok
11:06:41.0179 2584 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:06:41.0209 2584 pci - ok
11:06:41.0249 2584 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:06:41.0259 2584 pciide - ok
11:06:41.0309 2584 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:06:41.0321 2584 pcmcia - ok
11:06:41.0341 2584 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:06:41.0351 2584 pcw - ok
11:06:41.0371 2584 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:06:41.0411 2584 PEAUTH - ok
11:06:41.0551 2584 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:06:41.0561 2584 PerfHost - ok
11:06:41.0681 2584 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
11:06:41.0721 2584 pla - ok
11:06:41.0803 2584 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
11:06:41.0813 2584 PlugPlay - ok
11:06:41.0853 2584 PnkBstrA - ok
11:06:41.0883 2584 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:06:41.0893 2584 PNRPAutoReg - ok
11:06:41.0923 2584 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:06:41.0933 2584 PNRPsvc - ok
11:06:41.0993 2584 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
11:06:42.0023 2584 PolicyAgent - ok
11:06:42.0083 2584 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:06:42.0103 2584 Power - ok
11:06:42.0173 2584 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:06:42.0203 2584 PptpMiniport - ok
11:06:42.0223 2584 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:06:42.0243 2584 Processor - ok
11:06:42.0313 2584 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
11:06:42.0323 2584 ProfSvc - ok
11:06:42.0373 2584 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:06:42.0373 2584 ProtectedStorage - ok
11:06:42.0453 2584 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
11:06:42.0473 2584 Psched - ok
11:06:42.0533 2584 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:06:42.0593 2584 ql2300 - ok
11:06:42.0633 2584 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:06:42.0643 2584 ql40xx - ok
11:06:42.0703 2584 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:06:42.0753 2584 QWAVE - ok
11:06:42.0813 2584 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:06:42.0823 2584 QWAVEdrv - ok
11:06:42.0853 2584 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:06:42.0853 2584 RasAcd - ok
11:06:42.0913 2584 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:06:42.0923 2584 RasAgileVpn - ok
11:06:42.0973 2584 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:06:42.0983 2584 RasAuto - ok
11:06:43.0033 2584 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:06:43.0043 2584 Rasl2tp - ok
11:06:43.0073 2584 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
11:06:43.0093 2584 RasMan - ok
11:06:43.0113 2584 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:06:43.0133 2584 RasPppoe - ok
11:06:43.0143 2584 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:06:43.0153 2584 RasSstp - ok
11:06:43.0193 2584 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
11:06:43.0213 2584 rdbss - ok
11:06:43.0243 2584 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:06:43.0253 2584 rdpbus - ok
11:06:43.0273 2584 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:06:43.0283 2584 RDPCDD - ok
11:06:43.0323 2584 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:06:43.0333 2584 RDPENCDD - ok
11:06:43.0343 2584 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:06:43.0363 2584 RDPREFMP - ok
11:06:43.0383 2584 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
11:06:43.0403 2584 RDPWD - ok
11:06:43.0443 2584 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
11:06:43.0453 2584 rdyboost - ok
11:06:43.0523 2584 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:06:43.0533 2584 RemoteAccess - ok
11:06:43.0583 2584 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:06:43.0593 2584 RemoteRegistry - ok
11:06:43.0613 2584 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:06:43.0623 2584 RpcEptMapper - ok
11:06:43.0643 2584 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:06:43.0653 2584 RpcLocator - ok
11:06:43.0673 2584 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:06:43.0683 2584 RpcSs - ok
11:06:43.0753 2584 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:06:43.0763 2584 rspndr - ok
11:06:43.0863 2584 RTCore64 (a61979abf1750503b79f1712889a6751) C:\Program Files (x86)\EVGA Precision\RTCore64.sys
11:06:43.0873 2584 RTCore64 - ok
11:06:44.0013 2584 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:06:44.0023 2584 RTL8167 - ok
11:06:44.0073 2584 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:06:44.0073 2584 SamSs - ok
11:06:44.0263 2584 SBAMSvc (2977a3760a2780b467e92ffa6c92d426) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
11:06:44.0283 2584 SBAMSvc - ok
11:06:44.0325 2584 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys
11:06:44.0335 2584 sbapifs - ok
11:06:44.0405 2584 SbFw (f91668e1406546c9b4e15663b2d5bd06) C:\Windows\system32\drivers\SbFw.sys
11:06:44.0425 2584 SbFw - ok
11:06:44.0485 2584 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\sbfwim.sys
11:06:44.0505 2584 SBFWIMCL - ok
11:06:44.0525 2584 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\SBFWIM.sys
11:06:44.0525 2584 SBFWIMCLMP - ok
11:06:44.0595 2584 SbHips (f04cb6f08c33bd8383d3e022ac86bed8) C:\Windows\system32\drivers\sbhips.sys
11:06:44.0615 2584 SbHips - ok
11:06:44.0655 2584 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
11:06:44.0675 2584 sbp2port - ok
11:06:44.0835 2584 SBPIMSvc (7d7652fb094a4632b0314641de976855) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
11:06:44.0855 2584 SBPIMSvc - ok
11:06:45.0017 2584 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
11:06:45.0037 2584 SBRE - ok
11:06:45.0089 2584 sbwtis (8c9fab91a8fa3f6404107237a9febb2c) C:\Windows\system32\DRIVERS\sbwtis.sys
11:06:45.0109 2584 sbwtis - ok
11:06:45.0179 2584 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:06:45.0200 2584 SCardSvr - ok
11:06:45.0281 2584 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
11:06:45.0281 2584 scfilter - ok
11:06:45.0381 2584 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
11:06:45.0451 2584 Schedule - ok
11:06:45.0501 2584 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:06:45.0511 2584 SCPolicySvc - ok
11:06:45.0531 2584 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
11:06:45.0551 2584 SDRSVC - ok
11:06:45.0611 2584 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:06:45.0621 2584 secdrv - ok
11:06:45.0641 2584 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
11:06:45.0651 2584 seclogon - ok
11:06:45.0671 2584 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:06:45.0691 2584 SENS - ok
11:06:45.0721 2584 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:06:45.0731 2584 SensrSvc - ok
11:06:45.0771 2584 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:06:45.0781 2584 Serenum - ok
11:06:45.0801 2584 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:06:45.0811 2584 Serial - ok
11:06:45.0821 2584 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:06:45.0831 2584 sermouse - ok
11:06:45.0891 2584 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
11:06:45.0901 2584 SessionEnv - ok
11:06:45.0931 2584 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:06:45.0941 2584 sffdisk - ok
11:06:45.0961 2584 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:06:45.0971 2584 sffp_mmc - ok
11:06:45.0991 2584 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:06:46.0001 2584 sffp_sd - ok
11:06:46.0021 2584 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:06:46.0031 2584 sfloppy - ok
11:06:46.0101 2584 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:06:46.0131 2584 SharedAccess - ok
11:06:46.0181 2584 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
11:06:46.0211 2584 ShellHWDetection - ok
11:06:46.0241 2584 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:06:46.0251 2584 SiSRaid2 - ok
11:06:46.0281 2584 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:06:46.0291 2584 SiSRaid4 - ok
11:06:46.0421 2584 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:06:46.0441 2584 SkypeUpdate - ok
11:06:46.0581 2584 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:06:46.0601 2584 Smb - ok
11:06:46.0671 2584 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:06:46.0691 2584 SNMPTRAP - ok
11:06:46.0701 2584 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:06:46.0711 2584 spldr - ok
11:06:46.0781 2584 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
11:06:46.0801 2584 Spooler - ok
11:06:46.0891 2584 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
11:06:46.0911 2584 sppsvc - ok
11:06:46.0935 2584 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:06:46.0947 2584 sppuinotify - ok
11:06:46.0993 2584 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
11:06:47.0013 2584 srv - ok
11:06:47.0043 2584 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
11:06:47.0063 2584 srv2 - ok
11:06:47.0083 2584 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
11:06:47.0093 2584 srvnet - ok
11:06:47.0153 2584 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:06:47.0163 2584 SSDPSRV - ok
11:06:47.0193 2584 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:06:47.0213 2584 SstpSvc - ok
11:06:47.0263 2584 StarOpen (e57b778208c783d8debab320c16a1b82) C:\Windows\system32\drivers\StarOpen.sys
11:06:47.0273 2584 StarOpen - ok
11:06:47.0373 2584 Steam Client Service - ok
11:06:47.0473 2584 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:06:47.0493 2584 Stereo Service - ok
11:06:47.0673 2584 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:06:47.0693 2584 stexstor - ok
11:06:47.0883 2584 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
11:06:48.0343 2584 stisvc - ok
11:06:48.0373 2584 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:06:48.0383 2584 swenum - ok
11:06:48.0463 2584 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:06:48.0493 2584 swprv - ok
11:06:48.0753 2584 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
11:06:48.0763 2584 SysMain - ok
11:06:48.0803 2584 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
11:06:48.0833 2584 TabletInputService - ok
11:06:48.0893 2584 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
11:06:48.0943 2584 TapiSrv - ok
11:06:48.0953 2584 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:06:48.0983 2584 TBS - ok
11:06:49.0083 2584 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
11:06:49.0133 2584 Tcpip - ok
11:06:49.0253 2584 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
11:06:49.0263 2584 TCPIP6 - ok
11:06:49.0315 2584 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:06:49.0345 2584 tcpipreg - ok
11:06:49.0375 2584 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:06:49.0385 2584 TDPIPE - ok
11:06:49.0415 2584 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:06:49.0425 2584 TDTCP - ok
11:06:49.0465 2584 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:06:49.0475 2584 tdx - ok
11:06:49.0495 2584 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:06:49.0505 2584 TermDD - ok
11:06:49.0595 2584 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
11:06:49.0645 2584 TermService - ok
11:06:49.0665 2584 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:06:49.0685 2584 Themes - ok
11:06:49.0745 2584 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:06:49.0745 2584 THREADORDER - ok
11:06:49.0805 2584 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:06:49.0825 2584 TrkWks - ok
11:06:49.0917 2584 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
11:06:49.0917 2584 TrustedInstaller - ok
11:06:49.0977 2584 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:06:50.0068 2584 tssecsrv - ok
11:06:50.0103 2584 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:06:50.0160 2584 tunnel - ok
11:06:50.0185 2584 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:06:50.0209 2584 uagp35 - ok
11:06:50.0240 2584 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
11:06:50.0257 2584 udfs - ok
11:06:50.0301 2584 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:06:50.0321 2584 UI0Detect - ok
11:06:50.0341 2584 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:06:50.0351 2584 uliagpkx - ok
11:06:50.0383 2584 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:06:50.0393 2584 umbus - ok
11:06:50.0423 2584 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:06:50.0443 2584 UmPass - ok
11:06:50.0493 2584 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:06:50.0513 2584 upnphost - ok
11:06:50.0563 2584 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
11:06:50.0573 2584 usbaudio - ok
11:06:50.0593 2584 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
11:06:50.0603 2584 usbccgp - ok
11:06:50.0633 2584 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:06:50.0646 2584 usbcir - ok
11:06:50.0665 2584 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
11:06:50.0675 2584 usbehci - ok
11:06:50.0715 2584 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
11:06:50.0725 2584 usbhub - ok
11:06:50.0770 2584 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
11:06:50.0780 2584 usbohci - ok
11:06:50.0795 2584 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:06:50.0807 2584 usbprint - ok
11:06:50.0827 2584 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:06:50.0847 2584 USBSTOR - ok
11:06:50.0857 2584 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
11:06:50.0867 2584 usbuhci - ok
11:06:50.0907 2584 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
11:06:50.0927 2584 usbvideo - ok
11:06:50.0967 2584 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:06:50.0977 2584 UxSms - ok
11:06:51.0037 2584 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
11:06:51.0037 2584 VaultSvc - ok
11:06:51.0097 2584 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
11:06:51.0117 2584 vdrvroot - ok
11:06:51.0247 2584 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
11:06:51.0267 2584 vds - ok
11:06:51.0317 2584 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:06:51.0327 2584 vga - ok
11:06:51.0347 2584 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:06:51.0357 2584 VgaSave - ok
11:06:51.0397 2584 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
11:06:51.0407 2584 vhdmp - ok
11:06:51.0437 2584 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
11:06:51.0447 2584 viaide - ok
11:06:51.0477 2584 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
11:06:51.0487 2584 volmgr - ok
11:06:51.0507 2584 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
11:06:51.0527 2584 volmgrx - ok
11:06:51.0547 2584 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
11:06:51.0567 2584 volsnap - ok
11:06:51.0597 2584 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:06:51.0607 2584 vsmraid - ok
11:06:51.0677 2584 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
11:06:51.0747 2584 VSS - ok
11:06:51.0767 2584 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
11:06:51.0777 2584 vwifibus - ok
11:06:51.0807 2584 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:06:51.0827 2584 W32Time - ok
11:06:51.0873 2584 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:06:51.0883 2584 WacomPen - ok
11:06:51.0909 2584 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:06:51.0929 2584 WANARP - ok
11:06:51.0939 2584 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:06:51.0939 2584 Wanarpv6 - ok
11:06:52.0039 2584 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
11:06:52.0089 2584 wbengine - ok
11:06:52.0109 2584 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:06:52.0141 2584 WbioSrvc - ok
11:06:52.0201 2584 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
11:06:52.0221 2584 wcncsvc - ok
11:06:52.0271 2584 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:06:52.0281 2584 WcsPlugInService - ok
11:06:52.0381 2584 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:06:52.0401 2584 Wd - ok
11:06:52.0451 2584 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:06:52.0481 2584 Wdf01000 - ok
11:06:52.0501 2584 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:06:52.0531 2584 WdiServiceHost - ok
11:06:52.0531 2584 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:06:52.0541 2584 WdiSystemHost - ok
11:06:52.0581 2584 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
11:06:52.0601 2584 WebClient - ok
11:06:52.0631 2584 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:06:52.0641 2584 Wecsvc - ok
11:06:52.0661 2584 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:06:52.0681 2584 wercplsupport - ok
11:06:52.0711 2584 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:06:52.0721 2584 WerSvc - ok
11:06:52.0791 2584 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:06:52.0801 2584 WfpLwf - ok
11:06:52.0831 2584 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:06:52.0851 2584 WIMMount - ok
11:06:52.0851 2584 WinHttpAutoProxySvc - ok
11:06:52.0951 2584 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:06:52.0961 2584 Winmgmt - ok
11:06:53.0071 2584 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
11:06:53.0131 2584 WinRM - ok
11:06:53.0183 2584 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:06:53.0233 2584 Wlansvc - ok
11:06:53.0423 2584 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:06:53.0483 2584 wlidsvc - ok
11:06:53.0555 2584 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:06:53.0565 2584 WmiAcpi - ok
11:06:53.0655 2584 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:06:53.0665 2584 wmiApSrv - ok
11:06:53.0725 2584 WMPNetworkSvc - ok
11:06:53.0775 2584 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:06:53.0795 2584 WPCSvc - ok
11:06:53.0825 2584 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
11:06:53.0835 2584 WPDBusEnum - ok
11:06:53.0895 2584 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:06:53.0905 2584 ws2ifsl - ok
11:06:53.0925 2584 WSearch - ok
11:06:54.0015 2584 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
11:06:54.0035 2584 wuauserv - ok
11:06:54.0061 2584 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
11:06:54.0073 2584 WudfPf - ok
11:06:54.0117 2584 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:06:54.0127 2584 WUDFRd - ok
11:06:54.0157 2584 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
11:06:54.0167 2584 wudfsvc - ok
11:06:54.0197 2584 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:06:54.0217 2584 WwanSvc - ok
11:06:54.0257 2584 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:06:54.0347 2584 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:06:54.0347 2584 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:06:54.0367 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
11:06:54.0477 2584 \Device\Harddisk1\DR1 - ok
11:06:54.0487 2584 Boot (0x1200) (b89d8aa0a7e1fd83426305d6568425ab) \Device\Harddisk0\DR0\Partition0
11:06:54.0487 2584 \Device\Harddisk0\DR0\Partition0 - ok
11:06:54.0517 2584 Boot (0x1200) (3fae16a654c4f79ad529fc7e650e84ad) \Device\Harddisk0\DR0\Partition1
11:06:54.0517 2584 \Device\Harddisk0\DR0\Partition1 - ok
11:06:54.0527 2584 Boot (0x1200) (e956ef744c76289579da678e0ec69fe8) \Device\Harddisk1\DR1\Partition0
11:06:54.0527 2584 \Device\Harddisk1\DR1\Partition0 - ok
11:06:54.0527 2584 ============================================================
11:06:54.0527 2584 Scan finished
11:06:54.0527 2584 ============================================================
11:06:54.0547 3000 Detected object count: 1
11:06:54.0547 3000 Actual detected object count: 1
11:08:50.0269 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:08:50.0269 3000 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Here is the aswMBR log...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-24 12:03:34
-----------------------------
12:03:34.104 OS Version: Windows x64 6.1.7600
12:03:34.104 Number of processors: 2 586 0xF0D
12:03:34.104 ComputerName: DAVID-PC UserName: David
12:03:35.154 Initialize success
12:04:04.838 AVAST engine defs: 12032400
12:04:13.028 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-7
12:04:13.038 Disk 0 Vendor: ST3250410AS 3.AAF Size: 238475MB BusType: 3
12:04:13.038 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007a
12:04:13.038 Disk 1 Vendor: Size: 238475MB BusType: 0
12:04:13.058 Disk 0 MBR read successfully
12:04:13.068 Disk 0 MBR scan
12:04:13.078 Disk 0 Windows 7 default MBR code
12:04:13.078 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
12:04:13.098 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238273 MB offset 411648
12:04:13.138 Disk 0 scanning C:\Windows\system32\drivers
12:04:23.808 Service scanning
12:04:43.778 Modules scanning
12:04:43.788 Disk 0 trace - called modules:
12:04:44.128 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
12:04:44.138 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c19060]
12:04:44.148 3 CLASSPNP.SYS[fffff880018a643f] -> nt!IofCallDriver -> [0xfffffa8003c5ae40]
12:04:44.158 5 ACPI.sys[fffff88000ed5781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-7[0xfffffa80046f3060]
12:04:45.498 AVAST engine scan C:\Windows
12:04:47.668 AVAST engine scan C:\Windows\system32
12:07:59.429 AVAST engine scan C:\Windows\system32\drivers
12:08:09.985 AVAST engine scan C:\Users\David
12:14:18.726 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
12:14:18.744 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"



TDSSKiller didn't give me the option to cure, so I just skipped. Thanks for your help, I really appreciate it.

#4 narenxp

Posted 24 March 2012 - 07:07 PM

I want you to run Malwarebytes once and make sure it comes out clean.

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.


Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


If the redirect is specific to a browser, I want you to reinstall Firefox and see if you still have redirects.

Good luck.

#5 DrifterMiles

Posted 26 March 2012 - 12:03 AM

Went out of town. I'll be running Malware tonight and will post the log in the morning, and will run the other programs tomorrow as well. Thank you. Also, as a note, the browser hasn't been rerouted since I ran a full scan of Malware last time. It also got rid of some weird pop-up ads on Facebook that I had seen... looked like something with Flash was infected.

#6 narenxp

Posted 26 March 2012 - 03:52 AM

:thumbup2:

#7 DrifterMiles

Posted 26 March 2012 - 08:33 PM

Malware found nothing


ESET found 3 infected files...

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6cf2a506-1e585ade probably a variant of Java/Exploit.CVE-2011-3544.AZ trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6cf2a506-25a23b0c probably a variant of Java/Exploit.CVE-2011-3544.AZ trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6cf2a506-71164b8f probably a variant of Java/Exploit.CVE-2011-3544.AZ trojan cleaned by deleting - quarantined


Here is MiniToolBox...

MiniToolBox by Farbar Version: 18-01-2012
Ran by David (administrator) on 26-03-2012 at 20:31:41
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : David-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.tn.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-21-85-10-1A-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2daa:9c3d:1df4:742c%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, March 25, 2012 8:27:44 PM
Lease Expires . . . . . . . . . . : Tuesday, March 27, 2012 8:27:44 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889605
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-1E-50-E7-00-21-85-10-1A-49
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.tn.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.45.139
74.125.45.100
74.125.45.113
74.125.45.138
74.125.45.101
74.125.45.102


Pinging google.com [74.125.45.102] with 32 bytes of data:
Reply from 74.125.45.102: bytes=32 time=44ms TTL=52
Reply from 74.125.45.102: bytes=32 time=44ms TTL=51

Ping statistics for 74.125.45.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 44ms, Average = 44ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=125ms TTL=51
Reply from 72.30.38.140: bytes=32 time=135ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 135ms, Average = 130ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 21 85 10 1a 49 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 276
192.168.1.102 255.255.255.255 On-link 192.168.1.102 276
192.168.1.255 255.255.255.255 On-link 192.168.1.102 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::2daa:9c3d:1df4:742c/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 mswsock.dll [File Not found] ()
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/26/2012 11:54:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/26/2012 00:03:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/25/2012 03:11:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/25/2012 03:11:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/25/2012 10:25:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/24/2012 11:08:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/24/2012 11:08:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/24/2012 00:31:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/23/2012 00:32:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/22/2012 08:15:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (03/26/2012 08:27:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/26/2012 06:15:25 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (03/26/2012 10:15:08 AM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (03/26/2012 05:14:17 AM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (03/25/2012 11:11:11 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (03/25/2012 08:27:49 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/25/2012 08:27:44 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/25/2012 08:27:43 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/25/2012 08:27:40 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/25/2012 05:10:11 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753



=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Reader 9.3 (Version: 9.3.0)
Age of Conan: Unchained
AIM 7
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.1.3)
Apple Software Update (Version: 2.1.2.120)
Bandisoft MPEG-1 Decoder
Battlefield 3™ Open Beta (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 0.80.0)
Bonjour (Version: 2.0.1.2)
CDBurnerXP (Version: 4.3.0.2015)
Cockatrice
Counter-Strike: Source
Counter-Strike: Source Beta
CPUID CPU-Z 1.58
DAEMON Tools Lite (Version: 4.41.3.0173)
DAEMON Tools Toolbar (Version: 1.1.7.0190)
Day of Defeat: Source
Diablo II
Diablo III Beta (Version: 0.4.0.7841)
DivX Setup (Version: 1.0.2.23)
Dota 2
Download Updater (AOL LLC)
EasyBits GO
ESET Online Scanner v3
ESN Sonar (Version: 0.70.0)
EVGA OC Scanner 1.7.3
EVGA Precision 2.0.2 (Version: 2.0.2)
Express Dictate
Express Scribe
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Faxion (Version: 1.52.0)
Google Chrome (Version: 17.0.963.83)
Heroes of Newerth (Version: 1.0.0)
iTunes (Version: 9.1.1.12)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Kingdoms of Amalur: Reckoning Demo
League of Legends (Version: 1.0020)
League of Legends (Version: 1.3)
Magic Online (Version: 3.00.0000)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE (Version: 2.0.687.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Office Professional Edition 2003 (Version: 11.0.7969.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8562)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Octoshape Streaming Services
OpenAL
Origin (Version: 8.3.7.3619)
Pando Media Booster (Version: 2.3.5.2)
Portal
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.66.71.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6363)
Resident Evil 5
Rosetta Stone Version 3 (Version: 3.4.5.0)
Rosetta Stone Version 3 (Version: 3.4.7.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.8 (Version: 5.8.156)
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 1.4.1.19776)
StarCraft II Beta (Version: 0.16.0.15449)
Steam (Version: 1.0.0.0)
System Requirements Lab
System Requirements Lab (Version: 4.1.72.0)
System Requirements Lab CYRI (Version: 4.3.1.0)
Team Fortress 2
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Ventrilo Client (Version: 3.0.7)
VIPRE Internet Security (Version: 5.0.5134)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Warhammer Online - Wrath of Heroes (Version: )
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
World of Warcraft (Version: 4.3.0.15050)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 4095.16 MB
Available physical RAM: 1551.67 MB
Total Pagefile: 8188.46 MB
Available Pagefile: 6198.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3950.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.69 GB) (Free:67.64 GB) NTFS
4 Drive g: (External Drive) (Fixed) (Total:298.09 GB) (Free:88.95 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator ASPNET David
Guest UpdatusUser


**** End of log ****

#8 narenxp


Posted 27 March 2012 - 02:14 AM

Download

HostsXpert

Open HostsXpert from your desktop.

If you get this pop-up: "HOSTS file does not exist, press OK to create HOSTS file, Cancel to Quit"

Select OK.

Close HostsXpert.

Now launch MiniToolBox, check mark Hosts alone, and post the new log.

Let me know if you still have redirects.

#9 DrifterMiles


Posted 27 March 2012 - 08:48 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by David (administrator) on 27-03-2012 at 20:47:46
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

127.0.0.1 localhost


**** End of log ****



Haven't had redirects since I ran Malware the first time and still going strong.

#10 narenxp


Posted 27 March 2012 - 09:09 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)
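
The hosts check from posts #8 to #10 as a script (an added example, not part of the original thread and not MiniToolBox's own code): it reads a MiniToolBox log, handles the "Hosts file not detected" line from the first log and the "Hosts content" section from the second, and flags every mapping other than a local localhost entry. The function names, the verdict labels and the hijacked sample log are assumptions made for the illustration.

```python
"""Audit the hosts information recorded in a MiniToolBox log."""
import ipaddress

MISSING_MARK = "Hosts file not detected in the default directory"
END_MARK = "**** End of log ****"
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost"}


def hosts_section(log_text):
    """Return the lines under the 'Hosts content' header, or None if absent."""
    lines, inside, found = [], False, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("====="):      # any section header ends the previous one
            title = line.strip("= ").rstrip(":").lower()
            inside = title == "hosts content"
            found = found or inside
        elif line.startswith(END_MARK):
            inside = False
        elif inside:
            lines.append(line)
    return lines if found else None


def parse_entries(lines):
    """Yield (address, hostname) for every mapping; '#' starts a comment."""
    for line in lines:
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:           # one address may carry several names
            yield fields[0], name.lower()


def classify(address, name):
    """Return 'ok', 'review' or 'redirect' for one hosts mapping."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "review"                   # malformed line: inspect it by hand
    local = ip.is_loopback or ip.is_unspecified
    if name in LOCAL_NAMES:
        return "ok" if local else "redirect"
    # A non-local name pinned to a local address is a sinkhole. Ad-blocking
    # hosts lists do this, and so does malware that blocks update servers.
    # Any other address sends traffic for that name to the listed host, so it
    # is reported as a redirect until someone confirms it is intended.
    return "review" if local else "redirect"


def audit(log_text):
    """Summarise the hosts state recorded in one MiniToolBox log."""
    if MISSING_MARK in log_text:
        return {"status": "hosts-file-missing", "findings": []}
    section = hosts_section(log_text)
    if section is None:
        return {"status": "hosts-not-logged", "findings": []}
    findings = []
    for address, name in parse_entries(section):
        verdict = classify(address, name)
        if verdict != "ok":
            findings.append((address, name, verdict))
    verdicts = {v for _, _, v in findings}
    if "redirect" in verdicts:
        status = "redirect"
    elif verdicts:
        status = "review"
    else:
        status = "clean"
    return {"status": status, "findings": findings}


# Constructed sample logs. LOG_CLEAN and LOG_MISSING reuse lines that appear in
# the thread; LOG_HIJACKED is invented (TEST-NET address, example domains).
HEADER = "MiniToolBox by Farbar Version: 18-01-2012\nBoot Mode: Normal\n"
LOG_CLEAN = HEADER + (
    "========================= Hosts content: =================================\n"
    "\n127.0.0.1 localhost\n\n\n**** End of log ****\n")
LOG_MISSING = HEADER + (
    "========================= FF Proxy Settings: ==============================\n"
    "\nHosts file not detected in the default directory\n"
    "========================= IP Configuration: ================================\n")
LOG_HIJACKED = HEADER + (
    "========================= Hosts content: =================================\n"
    "127.0.0.1 localhost\n"
    "203.0.113.10 search.example.com www.search.example.com  # constructed\n"
    "0.0.0.0 update.example.net\n"
    "**** End of log ****\n")

if __name__ == "__main__":
    for label, log in (("clean", LOG_CLEAN), ("missing", LOG_MISSING),
                       ("hijacked", LOG_HIJACKED)):
        print(label, audit(log))
```

A "hosts-file-missing" result matches the first log in the thread, where the DNS Client service also logged errors reading the local hosts file; recreating the file and re-running the check is what posts #8 and #9 do.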



