
need help - another victim of the happili redirect


5 replies to this topic

#1 alamode635


Posted 27 April 2012 - 03:59 PM

Thank you in advance for your help. I too have been hit with this happili redirect thing.

My scans appear clean but I still have Happili redirecting Chrome on my Vista Ultimate 64-bit system. I have run MiniToolBox, then TDSSKiller, then Malwarebytes. The logs/results from those scans are below. I am thinking this may need to be removed manually?

Thank you again - I am running out of hair to pull out

Alex
+++++++++++++++++++++++

MiniToolBox by Farbar Version: 18-01-2012
Ran by Alex (administrator) on 27-04-2012 at 15:27:54
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Cisco Systems VPN Adapter for 64-bit Windows = Local Area Connection 3 (Disconnected)
Edimax 802.11n Wireless USB Adapter = Wireless Network Connection 6 (Connected)
Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 3" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 4" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 5" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 6" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection 3" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
add address name="Local Area Connection 3" address=0.0.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : vidEdit
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Edimax 802.11n Wireless USB Adapter #6
Physical Address. . . . . . . . . : 00-1F-1F-55-87-BD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2508:9eba:a0b9:7dbe%19(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, April 27, 2012 2:53:39 PM
Lease Expires . . . . . . . . . . : Saturday, April 28, 2012 2:53:39 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 402661151
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-22-1A-87-00-1E-8C-3F-74-0E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1E-8C-3F-74-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:



++++++++++++++++++++++++

15:31:05.0728 6884 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
15:31:07.0741 6884 ============================================================
15:31:07.0741 6884 Current date / time: 2012/04/27 15:31:07.0741
15:31:07.0741 6884 SystemInfo:
15:31:07.0741 6884
15:31:07.0741 6884 OS Version: 6.0.6002 ServicePack: 2.0
15:31:07.0741 6884 Product type: Workstation
15:31:07.0741 6884 ComputerName: VIDEDIT
15:31:07.0741 6884 UserName: Alex
15:31:07.0741 6884 Windows directory: C:\Windows
15:31:07.0741 6884 System windows directory: C:\Windows
15:31:07.0741 6884 Running under WOW64
15:31:07.0741 6884 Processor architecture: Intel x64
15:31:07.0741 6884 Number of processors: 4
15:31:07.0741 6884 Page size: 0x1000
15:31:07.0741 6884 Boot type: Normal boot
15:31:07.0741 6884 ============================================================
15:31:08.0084 6884 !crdlk
15:31:08.0084 6884 Drive \Device\Harddisk0\DR0 - Size: 0xAEA9A00000 (698.65 Gb), SectorSize: 0x200, Cylinders: 0x16442, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:31:08.0099 6884 ============================================================
15:31:08.0099 6884 \Device\Harddisk0\DR0:
15:31:08.0115 6884 MBR partitions:
15:31:08.0115 6884 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x186AD89C
15:31:08.0115 6884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18D739D0, BlocksNum 0x3E7D57F2
15:31:08.0115 6884 ============================================================
15:31:08.0162 6884 V: <-> \Device\Harddisk0\DR0\Partition1
15:31:08.0193 6884 C: <-> \Device\Harddisk0\DR0\Partition0
15:31:08.0193 6884 ============================================================
15:31:08.0193 6884 Initialize success
15:31:08.0193 6884 ============================================================
15:31:44.0494 4204 ============================================================
15:31:44.0494 4204 Scan started
15:31:44.0494 4204 Mode: Manual; TDLFS;
15:31:44.0494 4204 ============================================================
15:31:56.0288 4204 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
15:31:56.0288 4204 mouhid - ok
15:31:56.0303 4204 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
15:31:56.0303 4204 MountMgr - ok
15:31:56.0350 4204 mpio (ed48eac719ee28db773359eb1b06e2b5) C:\Windows\system32\drivers\mpio.sys
15:31:56.0350 4204 mpio - ok
15:31:56.0366 4204 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
15:31:56.0381 4204 mpsdrv - ok
15:31:56.0444 4204 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
15:31:56.0459 4204 MpsSvc - ok
15:31:56.0475 4204 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
15:31:56.0475 4204 Mraid35x - ok
15:31:56.0522 4204 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
15:31:56.0537 4204 MRxDAV - ok
15:31:56.0553 4204 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:56.0569 4204 mrxsmb - ok
15:31:56.0615 4204 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:56.0647 4204 mrxsmb10 - ok
15:31:56.0662 4204 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:56.0662 4204 mrxsmb20 - ok
15:31:56.0678 4204 msahci (eeadf970795148bfbb1db3abcc89c16b) C:\Windows\system32\drivers\msahci.sys
15:31:56.0678 4204 msahci - ok
15:31:56.0709 4204 msdsm (96d7c0a1b98434c6e4ff0c2e26a0e20a) C:\Windows\system32\drivers\msdsm.sys
15:31:56.0709 4204 msdsm - ok
15:31:56.0756 4204 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
15:31:56.0771 4204 MSDTC - ok
15:31:56.0803 4204 MSDV (df674ba7da5a4753d839a905b66d2fd9) C:\Windows\system32\DRIVERS\msdv.sys
15:31:56.0803 4204 MSDV - ok
15:31:56.0834 4204 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
15:31:56.0849 4204 Msfs - ok
15:31:56.0865 4204 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
15:31:56.0865 4204 msisadrv - ok
15:31:56.0912 4204 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
15:31:56.0912 4204 MSiSCSI - ok
15:31:56.0927 4204 msiserver - ok
15:31:56.0959 4204 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
15:31:56.0959 4204 MSKSSRV - ok
15:31:56.0974 4204 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:56.0974 4204 MSPCLOCK - ok
15:31:56.0990 4204 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
15:31:56.0990 4204 MSPQM - ok
15:31:57.0052 4204 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
15:31:57.0052 4204 MsRPC - ok
15:31:57.0068 4204 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
15:31:57.0068 4204 mssmbios - ok
15:31:57.0161 4204 MSSQL$SONY_MEDIAMGR - ok
15:31:57.0208 4204 MSSQLServerADHelper (cb7524c21727404bd3140dca32deb7de) C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
15:31:57.0224 4204 MSSQLServerADHelper - ok
15:31:57.0255 4204 MSTAPE (7d1f9672aa6d98d896fe22314442c36f) C:\Windows\system32\DRIVERS\mstape.sys
15:31:57.0271 4204 MSTAPE - ok
15:31:57.0286 4204 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
15:31:57.0286 4204 MSTEE - ok
15:31:57.0317 4204 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
15:31:57.0317 4204 MTsensor - ok
15:31:57.0349 4204 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
15:31:57.0349 4204 Mup - ok
15:31:57.0411 4204 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
15:31:57.0411 4204 napagent - ok
15:31:57.0458 4204 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
15:31:57.0473 4204 NativeWifiP - ok
15:31:57.0551 4204 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
15:31:57.0583 4204 NDIS - ok
15:31:57.0598 4204 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:57.0598 4204 NdisTapi - ok
15:31:57.0629 4204 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:57.0629 4204 Ndisuio - ok
15:31:57.0661 4204 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:57.0676 4204 NdisWan - ok
15:31:57.0692 4204 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
15:31:57.0692 4204 NDProxy - ok
15:31:57.0863 4204 Nero BackItUp Scheduler 3 (c5052fb77aa42ed440f9f6b4e37145a9) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
15:31:57.0863 4204 Nero BackItUp Scheduler 3 - ok
15:31:57.0910 4204 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
15:31:57.0910 4204 NetBIOS - ok
15:31:57.0957 4204 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
15:31:57.0973 4204 netbt - ok
15:31:58.0004 4204 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
15:31:58.0004 4204 Netlogon - ok
15:31:58.0066 4204 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
15:31:58.0082 4204 Netman - ok
15:31:58.0144 4204 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
15:31:58.0160 4204 netprofm - ok
15:31:58.0238 4204 netr28ux (af59ac2d8b751b8f0a28f29951e855c4) C:\Windows\system32\DRIVERS\netr28ux.sys
15:31:58.0269 4204 netr28ux - ok
15:31:58.0331 4204 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:31:58.0347 4204 NetTcpPortSharing - ok
15:31:58.0378 4204 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
15:31:58.0378 4204 nfrd960 - ok
15:31:58.0487 4204 NitroReaderDriverReadSpool2 (0734398d3d99986bb8006e9bb5eab1e5) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
15:31:58.0487 4204 NitroReaderDriverReadSpool2 - ok
15:31:58.0534 4204 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
15:31:58.0550 4204 NlaSvc - ok
15:31:58.0675 4204 NMIndexingService (74149bcf0307bb76d68c0f8912df731c) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
15:31:58.0690 4204 NMIndexingService - ok
15:31:58.0721 4204 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
15:31:58.0721 4204 Npfs - ok
15:31:58.0737 4204 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
15:31:58.0737 4204 nsi - ok
15:31:58.0753 4204 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
15:31:58.0768 4204 nsiproxy - ok
15:31:58.0877 4204 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
15:31:58.0909 4204 Ntfs - ok
15:31:59.0033 4204 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
15:31:59.0033 4204 Null - ok
15:31:59.0689 4204 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:31:59.0938 4204 nvlddmkm - ok
15:32:00.0094 4204 nvraid (840eeb44dc49317a6161961f7682cd99) C:\Windows\system32\drivers\nvraid.sys
15:32:00.0110 4204 nvraid - ok
15:32:00.0141 4204 nvstor (94c5334040a5d500897f4c5fd12aeede) C:\Windows\system32\drivers\nvstor.sys
15:32:00.0141 4204 nvstor - ok
15:32:00.0235 4204 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
15:32:00.0250 4204 nvsvc - ok
15:32:00.0453 4204 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:32:00.0469 4204 nvUpdatusService - ok
15:32:00.0609 4204 nv_agp (aa1b6c86a4763502e20b65c025f39bad) C:\Windows\system32\drivers\nv_agp.sys
15:32:00.0625 4204 nv_agp - ok
15:32:00.0625 4204 NwlnkFlt - ok
15:32:00.0625 4204 NwlnkFwd - ok
15:32:00.0671 4204 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
15:32:00.0671 4204 ohci1394 - ok
15:32:00.0765 4204 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:32:00.0765 4204 ose - ok
15:32:00.0843 4204 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
15:32:00.0859 4204 p2pimsvc - ok
15:32:00.0874 4204 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
15:32:00.0874 4204 p2psvc - ok
15:32:00.0921 4204 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
15:32:00.0937 4204 Parport - ok
15:32:00.0968 4204 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
15:32:00.0983 4204 partmgr - ok
15:32:00.0999 4204 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
15:32:01.0015 4204 PcaSvc - ok
15:32:01.0046 4204 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
15:32:01.0061 4204 pci - ok
15:32:01.0093 4204 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
15:32:01.0093 4204 pciide - ok
15:32:01.0108 4204 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
15:32:01.0139 4204 pcmcia - ok
15:32:01.0202 4204 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
15:32:01.0233 4204 PEAUTH - ok
15:32:01.0295 4204 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
15:32:01.0311 4204 PerfHost - ok
15:32:01.0327 4204 pfc - ok
15:32:01.0451 4204 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
15:32:01.0483 4204 pla - ok
15:32:01.0529 4204 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
15:32:01.0561 4204 PlugPlay - ok
15:32:01.0639 4204 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
15:32:01.0654 4204 PNRPAutoReg - ok
15:32:01.0670 4204 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
15:32:01.0670 4204 PNRPsvc - ok
15:32:01.0748 4204 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
15:32:01.0763 4204 PolicyAgent - ok
15:32:01.0826 4204 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
15:32:01.0826 4204 PptpMiniport - ok
15:32:01.0841 4204 Processor (6bc78e5f12cbb74e7930aaaa4a0db387) C:\Windows\system32\drivers\processr.sys
15:32:01.0841 4204 Processor - ok
15:32:01.0888 4204 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
15:32:01.0904 4204 ProfSvc - ok
15:32:01.0935 4204 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
15:32:01.0935 4204 ProtectedStorage - ok
15:32:01.0966 4204 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
15:32:01.0966 4204 PSched - ok
15:32:02.0060 4204 ql2300 (4a29d25704917161bad9b4659a248dfd) C:\Windows\system32\drivers\ql2300.sys
15:32:02.0091 4204 ql2300 - ok
15:32:02.0122 4204 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
15:32:02.0138 4204 ql40xx - ok
15:32:02.0185 4204 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
15:32:02.0200 4204 QWAVE - ok
15:32:02.0216 4204 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
15:32:02.0231 4204 QWAVEdrv - ok
15:32:02.0294 4204 RalinkRegistryWriter (2daa6cf9773f22b72a1a98ef2a6eafdf) C:\Program Files (x86)\EDIMAX\Common\RalinkRegistryWriter.exe
15:32:02.0294 4204 RalinkRegistryWriter - ok
15:32:02.0356 4204 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
15:32:02.0372 4204 RapiMgr - ok
15:32:02.0403 4204 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
15:32:02.0403 4204 RasAcd - ok
15:32:02.0419 4204 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
15:32:02.0434 4204 RasAuto - ok
15:32:02.0481 4204 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:32:02.0481 4204 Rasl2tp - ok
15:32:02.0528 4204 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
15:32:02.0543 4204 RasMan - ok
15:32:02.0575 4204 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
15:32:02.0575 4204 RasPppoe - ok
15:32:02.0606 4204 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
15:32:02.0606 4204 RasSstp - ok
15:32:02.0637 4204 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
15:32:02.0668 4204 rdbss - ok
15:32:02.0684 4204 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:32:02.0684 4204 RDPCDD - ok
15:32:02.0746 4204 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
15:32:02.0762 4204 rdpdr - ok
15:32:02.0762 4204 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
15:32:02.0762 4204 RDPENCDD - ok
15:32:02.0824 4204 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
15:32:02.0840 4204 RDPWD - ok
15:32:02.0887 4204 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
15:32:02.0887 4204 RemoteAccess - ok
15:32:02.0933 4204 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
15:32:02.0949 4204 RemoteRegistry - ok
15:32:02.0965 4204 RimUsb - ok
15:32:03.0011 4204 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:32:03.0027 4204 RimVSerPort - ok
15:32:03.0058 4204 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
15:32:03.0058 4204 ROOTMODEM - ok
15:32:03.0089 4204 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
15:32:03.0089 4204 RpcLocator - ok
15:32:03.0167 4204 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
15:32:03.0183 4204 RpcSs - ok
15:32:03.0199 4204 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
15:32:03.0214 4204 rspndr - ok
15:32:03.0230 4204 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
15:32:03.0230 4204 SamSs - ok
15:32:03.0245 4204 sbp2port (8c8862dc7417d89b375492c981c491f7) C:\Windows\system32\DRIVERS\sbp2port.sys
15:32:03.0261 4204 sbp2port - ok
15:32:03.0292 4204 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
15:32:03.0308 4204 SCardSvr - ok
15:32:03.0401 4204 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
15:32:03.0417 4204 Schedule - ok
15:32:03.0448 4204 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
15:32:03.0448 4204 SCPolicySvc - ok
15:32:03.0479 4204 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
15:32:03.0495 4204 SDRSVC - ok
15:32:03.0511 4204 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:32:03.0511 4204 secdrv - ok
15:32:03.0542 4204 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
15:32:03.0542 4204 seclogon - ok
15:32:03.0573 4204 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
15:32:03.0573 4204 SENS - ok
15:32:03.0589 4204 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
15:32:03.0589 4204 Serenum - ok
15:32:03.0604 4204 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
15:32:03.0620 4204 Serial - ok
15:32:03.0651 4204 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
15:32:03.0651 4204 sermouse - ok
15:32:03.0682 4204 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
15:32:03.0698 4204 SessionEnv - ok
15:32:03.0713 4204 sffdisk (541b32f8d6b2dcb92ec43bab267e79ea) C:\Windows\system32\drivers\sffdisk.sys
15:32:03.0713 4204 sffdisk - ok
15:32:03.0729 4204 sffp_mmc (446e7cca3325c7e0ae0fde7f73cdd9c2) C:\Windows\system32\drivers\sffp_mmc.sys
15:32:03.0729 4204 sffp_mmc - ok
15:32:03.0745 4204 sffp_sd (67edc221348911e895af51c57d9a3725) C:\Windows\system32\drivers\sffp_sd.sys
15:32:03.0745 4204 sffp_sd - ok
15:32:03.0760 4204 sfloppy (40567781f0785c4a69411d1b40da8987) C:\Windows\system32\DRIVERS\sfloppy.sys
15:32:03.0760 4204 sfloppy - ok
15:32:03.0823 4204 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
15:32:03.0854 4204 SharedAccess - ok
15:32:03.0885 4204 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
15:32:03.0916 4204 ShellHWDetection - ok
15:32:03.0947 4204 SI3132 (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys
15:32:03.0963 4204 SI3132 - ok
15:32:03.0979 4204 SiFilter (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys
15:32:03.0979 4204 SiFilter - ok
15:32:04.0010 4204 SiRemFil (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys
15:32:04.0010 4204 SiRemFil - ok
15:32:04.0041 4204 SiSRaid2 (08dda16573fa44f8b13afe74597ad2e5) C:\Windows\system32\drivers\sisraid2.sys
15:32:04.0041 4204 SiSRaid2 - ok
15:32:04.0072 4204 SiSRaid4 (c52259e9daaf3890d572d87ffee0979e) C:\Windows\system32\drivers\sisraid4.sys
15:32:04.0072 4204 SiSRaid4 - ok
15:32:04.0228 4204 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
15:32:04.0275 4204 slsvc - ok
15:32:04.0400 4204 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
15:32:04.0415 4204 SLUINotify - ok
15:32:04.0462 4204 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
15:32:04.0478 4204 Smb - ok
15:32:04.0509 4204 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
15:32:04.0509 4204 SNMPTRAP - ok
15:32:04.0634 4204 SPDFCreatorReadSpool (c2e02dde966219e0dbed8e266cd27ab5) C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe
15:32:04.0634 4204 SPDFCreatorReadSpool - ok
15:32:04.0649 4204 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
15:32:04.0649 4204 spldr - ok
15:32:04.0712 4204 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
15:32:04.0727 4204 Spooler - ok
15:32:04.0774 4204 SQLAgent$SONY_MEDIAMGR - ok
15:32:04.0852 4204 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
15:32:04.0852 4204 srv - ok
15:32:04.0899 4204 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
15:32:04.0915 4204 srv2 - ok
15:32:04.0930 4204 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
15:32:04.0961 4204 srvnet - ok
15:32:05.0008 4204 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
15:32:05.0024 4204 SSDPSRV - ok
15:32:05.0086 4204 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
15:32:05.0102 4204 SstpSvc - ok
15:32:05.0117 4204 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
15:32:05.0117 4204 StillCam - ok
15:32:05.0195 4204 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
15:32:05.0227 4204 stisvc - ok
15:32:05.0258 4204 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
15:32:05.0258 4204 swenum - ok
15:32:05.0320 4204 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
15:32:05.0367 4204 swprv - ok
15:32:05.0383 4204 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
15:32:05.0398 4204 Symc8xx - ok
15:32:05.0414 4204 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
15:32:05.0414 4204 Sym_hi - ok
15:32:05.0445 4204 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
15:32:05.0445 4204 Sym_u3 - ok
15:32:05.0523 4204 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
15:32:05.0554 4204 SysMain - ok
15:32:05.0585 4204 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
15:32:05.0601 4204 TabletInputService - ok
15:32:05.0648 4204 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
15:32:05.0679 4204 TapiSrv - ok
15:32:05.0695 4204 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
15:32:05.0695 4204 TBS - ok
15:32:05.0851 4204 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
15:32:05.0882 4204 Tcpip - ok
15:32:06.0053 4204 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
15:32:06.0053 4204 Tcpip6 - ok
15:32:06.0178 4204 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
15:32:06.0178 4204 tcpipreg - ok
15:32:06.0225 4204 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
15:32:06.0225 4204 TDPIPE - ok
15:32:06.0256 4204 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
15:32:06.0256 4204 TDTCP - ok
15:32:06.0287 4204 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
15:32:06.0287 4204 tdx - ok
15:32:06.0319 4204 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
15:32:06.0334 4204 TermDD - ok
15:32:06.0397 4204 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
15:32:06.0428 4204 TermService - ok
15:32:06.0459 4204 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
15:32:06.0475 4204 Themes - ok
15:32:06.0490 4204 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
15:32:06.0506 4204 THREADORDER - ok
15:32:06.0537 4204 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
15:32:06.0553 4204 TrkWks - ok
15:32:06.0599 4204 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
15:32:06.0599 4204 TrustedInstaller - ok
15:32:06.0631 4204 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:32:06.0631 4204 tssecsrv - ok
15:32:06.0646 4204 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
15:32:06.0646 4204 tunmp - ok
15:32:06.0677 4204 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
15:32:06.0677 4204 tunnel - ok
15:32:06.0709 4204 uagp35 (e4722dfbd6232acf17543ef2c2dce8d2) C:\Windows\system32\drivers\uagp35.sys
15:32:06.0709 4204 uagp35 - ok
15:32:06.0771 4204 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
15:32:06.0787 4204 udfs - ok
15:32:06.0818 4204 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
15:32:06.0833 4204 UI0Detect - ok
15:32:06.0849 4204 uliagpkx (5663d7696abbe71f8c9d915c5374118a) C:\Windows\system32\drivers\uliagpkx.sys
15:32:06.0865 4204 uliagpkx - ok
15:32:06.0896 4204 uliahci (6030b68e86a30d1b315b51c4d7778b16) C:\Windows\system32\drivers\uliahci.sys
15:32:06.0927 4204 uliahci - ok
15:32:06.0943 4204 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
15:32:06.0958 4204 UlSata - ok
15:32:06.0989 4204 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
15:32:07.0005 4204 ulsata2 - ok
15:32:07.0021 4204 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
15:32:07.0021 4204 umbus - ok
15:32:07.0067 4204 UmRdpService (dc5e34f189b827199b9cc8481c648269) C:\Windows\System32\umrdp.dll
15:32:07.0099 4204 UmRdpService - ok
15:32:07.0239 4204 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
15:32:07.0239 4204 UMVPFSrv - ok
15:32:07.0301 4204 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
15:32:07.0317 4204 upnphost - ok
15:32:07.0364 4204 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:32:07.0379 4204 USBAAPL64 - ok
15:32:07.0395 4204 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
15:32:07.0411 4204 usbaudio - ok
15:32:07.0457 4204 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
15:32:07.0473 4204 usbccgp - ok
15:32:07.0489 4204 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
15:32:07.0489 4204 usbcir - ok
15:32:07.0535 4204 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
15:32:07.0535 4204 usbehci - ok
15:32:07.0582 4204 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
15:32:07.0613 4204 usbhub - ok
15:32:07.0629 4204 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
15:32:07.0629 4204 usbohci - ok
15:32:07.0660 4204 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
15:32:07.0660 4204 usbprint - ok
15:32:07.0707 4204 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
15:32:07.0723 4204 usbscan - ok
15:32:07.0754 4204 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:32:07.0754 4204 USBSTOR - ok
15:32:07.0785 4204 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
15:32:07.0785 4204 usbuhci - ok
15:32:07.0816 4204 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
15:32:07.0832 4204 usbvideo - ok
15:32:07.0879 4204 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
15:32:07.0879 4204 usb_rndisx - ok
15:32:07.0894 4204 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
15:32:07.0910 4204 UxSms - ok
15:32:07.0972 4204 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
15:32:08.0003 4204 vds - ok
15:32:08.0035 4204 vga (2998dc48905e9b4821ad8fd75b3e070c) C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:08.0035 4204 vga - ok
15:32:08.0050 4204 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
15:32:08.0050 4204 VgaSave - ok
15:32:08.0066 4204 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
15:32:08.0066 4204 viaide - ok
15:32:08.0097 4204 VNUSB (3f63fa4a5d8a7c1b1a87e342569fba53) C:\Windows\system32\Drivers\VNUSB.sys
15:32:08.0097 4204 VNUSB - ok
15:32:08.0128 4204 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
15:32:08.0128 4204 volmgr - ok
15:32:08.0191 4204 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
15:32:08.0206 4204 volmgrx - ok
15:32:08.0253 4204 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
15:32:08.0269 4204 volsnap - ok
15:32:08.0331 4204 Vsdatant (1b6892429cb452f4434f1b51cf921369) C:\Windows\system32\DRIVERS\vsdatant.sys
15:32:08.0347 4204 Vsdatant - ok
15:32:08.0471 4204 vsmon - ok
15:32:08.0518 4204 vsmraid (410ae2c141142c58bc617fc2c677f8b0) C:\Windows\system32\drivers\vsmraid.sys
15:32:08.0518 4204 vsmraid - ok
15:32:08.0643 4204 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
15:32:08.0659 4204 VSS - ok
15:32:08.0815 4204 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
15:32:08.0830 4204 vToolbarUpdater10.2.0 - ok
15:32:08.0955 4204 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
15:32:08.0986 4204 W32Time - ok
15:32:09.0033 4204 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
15:32:09.0049 4204 WacomPen - ok
15:32:09.0080 4204 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:32:09.0095 4204 Wanarp - ok
15:32:09.0095 4204 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:32:09.0095 4204 Wanarpv6 - ok
15:32:09.0189 4204 wbengine (48eee289df9e4989128b2283f3eeacc6) C:\Windows\system32\wbengine.exe
15:32:09.0236 4204 wbengine - ok
15:32:11.0763 4204 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:32:11.0919 4204 \Device\Harddisk0\DR0 - ok
15:32:11.0935 4204 Boot (0x1200) (c1b4c0f7f68e6a2c091d3a805f5698d5) \Device\Harddisk0\DR0\Partition0
15:32:11.0935 4204 \Device\Harddisk0\DR0\Partition0 - ok
15:32:11.0966 4204 Boot (0x1200) (a1d24c0abd1baffaf8655474317a96bb) \Device\Harddisk0\DR0\Partition1
15:32:11.0966 4204 \Device\Harddisk0\DR0\Partition1 - ok
15:32:11.0966 4204 ============================================================
15:32:11.0966 4204 Scan finished
15:32:11.0966 4204 ============================================================
15:32:11.0966 4860 Detected object count: 0
15:32:11.0966 4860 Actual detected object count: 0



+++++++++++++++++++++++++++++++++++


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.26.03

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Alex :: VIDEDIT [administrator]

4/27/2012 3:35:39 PM
mbam-log-2012-04-27 (15-35-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231002
Time elapsed: 3 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#2 narenxp

  • BC Advisor

Posted 27 April 2012 - 06:33 PM

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.

Reinstall Chrome and let me know if you have redirects.

#3 alamode635

  • Topic Starter

Posted 29 April 2012 - 11:37 PM

Thanks for your help. I did exactly as you said and after the reinstall of Chrome it appears to be fixed!! Thank you so much for the help. Are there any steps I should take going forward based on these logs?
Thanks again.



Here are the log results:
aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-29 17:50:08
-----------------------------
17:50:08.252 OS Version: Windows x64 6.0.6002 Service Pack 2
17:50:08.252 Number of processors: 4 586 0xF0B
17:50:08.252 ComputerName: VIDEDIT UserName: Alex
17:50:09.578 Initialize success
17:50:09.750 AVAST engine defs: 12042800
17:51:04.521 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:51:04.521 Disk 0 Vendor: Intel___ 1.0. Size: 715418MB BusType: 8
17:51:04.537 Disk 0 MBR read successfully
17:51:04.537 Disk 0 MBR scan
17:51:04.537 Disk 0 Windows VISTA default MBR code
17:51:04.553 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200027 MB offset 2048
17:51:04.568 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 511914 MB offset 416758224
17:51:04.599 Disk 0 scanning C:\Windows\system32\drivers
17:51:12.477 Service scanning
17:51:36.767 Modules scanning
17:51:36.767 Disk 0 trace - called modules:
17:51:36.782 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:51:36.782 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009c59790]
17:51:36.798 3 CLASSPNP.SYS[fffffa6000da4c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800817d050]
17:51:37.687 AVAST engine scan C:\Windows
17:51:40.542 AVAST engine scan C:\Windows\system32
17:54:51.689 AVAST engine scan C:\Windows\system32\drivers
17:55:13.653 AVAST engine scan C:\Users\Alex
18:15:09.783 File: C:\Users\Alex\AppData\Local\Temp\DB82.tmp **INFECTED** Win32:Alureon-ASZ [Rtk]
18:15:47.723 File: C:\Users\Alex\AppData\Local\Temp\nsn9B1F.tmp\ezbdzgg.dll **INFECTED** Win32:Crypt-MKC [Trj]
18:25:39.744 File: C:\Users\Alex\AppData\Roaming\ICAClient\ICAClient\ezbdzgg.dll **INFECTED** Win32:Crypt-MKC [Trj]
18:34:14.827 AVAST engine scan C:\ProgramData
18:36:33.137 File: C:\ProgramData\Microsoft\Windows\DRM\4A3A.tmp **INFECTED** Win32:Alureon-ASZ [Rtk]
18:36:33.262 File: C:\ProgramData\Microsoft\Windows\DRM\DB51.tmp.dat **INFECTED** Win32:Alureon-ASZ [Rtk]
18:37:22.230 Scan finished successfully
20:29:13.241 Disk 0 MBR has been saved successfully to "C:\Users\Alex\Desktop\MBR.dat"
20:29:13.257 The log file has been saved successfully to "C:\Users\Alex\Desktop\aswMBR.



ESET online scanner:

C:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\Microsoft\Windows\DRM\4A3A.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\DB51.tmp.dat Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\DB82.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\NOD3AD1.tmp a variant of Win32/Adware.Yontoo.A application cleaned by deleting (after the next restart) - quarantined
C:\Users\Alex\AppData\Local\Temp\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\YontooSetup-Silent.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\ICReinstall\cnet2_AllFiveXP_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\ICReinstall\cnet2_MoffFreeCalcSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\ICReinstall\cnet2_openyahtzee-1_9_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\ICReinstall\cnet2_PDFill_PDF_Writer_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\ICReinstall\cnet2_SafeguardPDFViewer_v25_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\ICReinstall\cnet2_solidpdfcreator_free_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet2_AllFiveXP_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet2_MoffFreeCalcSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet2_openyahtzee-1_9_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet2_SafeguardPDFViewer_v25_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet2_solidpdfcreator_free_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet_InternationalPrimoPDF_exe(1).exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet_InternationalPrimoPDF_exe(2).exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet_InternationalPrimoPDF_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\cnet_openyahtzee-1_9_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\movie_player_1280 (1).exe Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Alex\Downloads\movie_player_1280.exe Win32/InstallIQ application cleaned by deleting - quarantined
V:\Nero-8.2.8.0_eng_update.exe Win32/Toolbar.AskSBar application deleted - quarantined

#4 narenxp

  • BC Advisor

Posted 29 April 2012 - 11:53 PM

C:\Users\Alex\AppData\Roaming\ICAClient\ICAClient\ezbdzgg.dll

This was the infection that caused the happili redirect

Press the Windows+R keys, type notepad and click OK

Now copy this script


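@echo off
rem Force-delete the two ezbdzgg.dll copies flagged in the aswMBR log
del /f /s /q "C:\Users\Alex\AppData\Local\Temp\nsn9B1F.tmp\ezbdzgg.dll"
del /f /s /q "C:\Users\Alex\AppData\Roaming\ICAClient\ICAClient\ezbdzgg.dll"
rem Remove this batch file itself; quoting the full path also works when the path contains spaces
del "%~f0"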

Save it as Remove.bat

Run the bat file

Run aswMBR again and post the new log.

Run the MiniToolBox log again and post it. The previous toolbox log was incomplete.

good luck

Edited by narenxp, 30 April 2012 - 12:24 AM.
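
The two paths in Remove.bat are the aswMBR detections that the ESET list in this thread does not show as cleaned. The following added example (not part of the original thread; the function and variable names are illustrative) reproduces that cross-check over short excerpts of the two logs posted above.

```python
import ntpath
import re
from typing import List, NamedTuple

# Excerpts of the two logs posted in this thread (a few lines each, not the full logs).
ASWMBR_LOG = r"""
17:55:13.653 AVAST engine scan C:\Users\Alex
18:15:09.783 File: C:\Users\Alex\AppData\Local\Temp\DB82.tmp **INFECTED** Win32:Alureon-ASZ [Rtk]
18:15:47.723 File: C:\Users\Alex\AppData\Local\Temp\nsn9B1F.tmp\ezbdzgg.dll **INFECTED** Win32:Crypt-MKC [Trj]
18:25:39.744 File: C:\Users\Alex\AppData\Roaming\ICAClient\ICAClient\ezbdzgg.dll **INFECTED** Win32:Crypt-MKC [Trj]
18:36:33.137 File: C:\ProgramData\Microsoft\Windows\DRM\4A3A.tmp **INFECTED** Win32:Alureon-ASZ [Rtk]
18:36:33.262 File: C:\ProgramData\Microsoft\Windows\DRM\DB51.tmp.dat **INFECTED** Win32:Alureon-ASZ [Rtk]
18:37:22.230 Scan finished successfully
"""

ESET_LOG = r"""
C:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\Microsoft\Windows\DRM\4A3A.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\DB51.tmp.dat Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Alex\AppData\Local\Temp\DB82.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Alex\Downloads\movie_player_1280 (1).exe Win32/InstallIQ application cleaned by deleting - quarantined
"""


class Detection(NamedTuple):
    path: str
    threat: str
    action: str  # empty for aswMBR lines, which report a detection but no cleanup


# aswMBR: "<time> File: <path> **INFECTED** <detection name>"
ASWMBR_RE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d{3}[ \t]+File:[ \t]+(?P<path>.+?)[ \t]+\*\*INFECTED\*\*[ \t]+(?P<threat>.+?)[ \t]*$",
    re.MULTILINE,
)

# ESET export: "<path> [a variant of ]<Win32/...> <kind> <action>".
# The path may contain spaces, so it is matched lazily up to the detection name.
ESET_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)[ \t]+(?:a variant of[ \t]+)?(?P<threat>Win32/\S+)"
    r"[ \t]+(?P<kind>\w+)[ \t]+(?P<action>.+?)[ \t]*$",
    re.MULTILINE,
)


def parse_aswmbr(log: str) -> List[Detection]:
    """Return every file that aswMBR marked **INFECTED**."""
    return [Detection(m["path"], m["threat"], "") for m in ASWMBR_RE.finditer(log)]


def parse_eset(log: str) -> List[Detection]:
    """Return every entry of the ESET found-threats export with its action."""
    return [Detection(m["path"], m["threat"], m["action"]) for m in ESET_RE.finditer(log)]


def pending_restart(cleaned: List[Detection]) -> List[Detection]:
    """Entries ESET will only delete after a reboot, so they are still on disk."""
    return [d for d in cleaned if "after the next restart" in d.action]


def unresolved(reported: List[Detection], cleaned: List[Detection]) -> List[Detection]:
    """aswMBR detections with no completed ESET cleanup for the same path.

    Windows paths are compared case-insensitively. Entries that are only
    scheduled for deletion after a restart do not count as handled.
    """
    handled = {
        ntpath.normcase(d.path)
        for d in cleaned
        if "after the next restart" not in d.action
    }
    return [d for d in reported if ntpath.normcase(d.path) not in handled]


if __name__ == "__main__":
    reported = parse_aswmbr(ASWMBR_LOG)
    cleaned = parse_eset(ESET_LOG)
    for d in unresolved(reported, cleaned):
        print("still present:", d.path, "(" + d.threat + ")")
    for d in pending_restart(cleaned):
        print("removed on next restart:", d.path)
```
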


#5 alamode635

  • Topic Starter

Posted 30 April 2012 - 11:24 AM

I did run the script and the two scans:

++++++++++++++++++++++++


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-30 10:30:40
-----------------------------
10:30:40.427 OS Version: Windows x64 6.0.6002 Service Pack 2
10:30:40.427 Number of processors: 4 586 0xF0B
10:30:40.427 ComputerName: VIDEDIT UserName: Alex
10:30:41.425 Initialize success
10:30:41.519 AVAST engine defs: 12043000
10:30:46.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:30:46.136 Disk 0 Vendor: Intel___ 1.0. Size: 715418MB BusType: 8
10:30:46.152 Disk 0 MBR read successfully
10:30:46.152 Disk 0 MBR scan
10:30:46.152 Disk 0 Windows VISTA default MBR code
10:30:46.168 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200027 MB offset 2048
10:30:46.183 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 511914 MB offset 416758224
10:30:46.214 Disk 0 scanning C:\Windows\system32\drivers
10:30:54.170 Service scanning
10:31:19.645 Modules scanning
10:31:19.645 Disk 0 trace - called modules:
10:31:19.661 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:31:19.661 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009c23060]
10:31:20.176 3 CLASSPNP.SYS[fffffa6000d9bc33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007a1e050]
10:31:21.002 AVAST engine scan C:\Windows
10:31:23.795 AVAST engine scan C:\Windows\system32
10:33:54.460 AVAST engine scan C:\Windows\system32\drivers
10:34:06.269 AVAST engine scan C:\Users\Alex
11:07:10.685 AVAST engine scan C:\ProgramData
11:09:00.947 Scan finished successfully
11:12:49.019 Disk 0 MBR has been saved successfully to "C:\Users\Alex\Desktop\MBR.dat"
11:12:49.019 The log file has been saved successfully to "C:\Users\Alex\Desktop\aswMBR_2.txt"


++++++++++++++++++++++++

MiniToolBox by Farbar Version: 18-01-2012
Ran by Alex (administrator) on 30-04-2012 at 11:16:20
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Cisco Systems VPN Adapter for 64-bit Windows = Local Area Connection 3 (Disconnected)
Edimax 802.11n Wireless USB Adapter = Wireless Network Connection 6 (Connected)
Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 3" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 4" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 5" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 6" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection 3" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
add address name="Local Area Connection 3" address=0.0.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : vidEdit
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Edimax 802.11n Wireless USB Adapter #6
Physical Address. . . . . . . . . : 00-1F-1F-55-87-BD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2508:9eba:a0b9:7dbe%19(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, April 30, 2012 9:43:33 AM
Lease Expires . . . . . . . . . . : Tuesday, May 01, 2012 9:45:41 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 402661151
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-22-1A-87-00-1E-8C-3F-74-0E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1E-8C-3F-74-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.65
74.125.227.64
74.125.227.67
74.125.227.70
74.125.227.78
74.125.227.66
74.125.227.69
74.125.227.72
74.125.227.73
74.125.227.68
74.125.227.71



Pinging google.com [74.125.227.98] with 32 bytes of data:

Reply from 74.125.227.98: bytes=32 time=34ms TTL=54

Reply from 74.125.227.98: bytes=32 time=56ms TTL=54



Ping statistics for 74.125.227.98:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 34ms, Maximum = 56ms, Average = 45ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=200ms TTL=48

Reply from 98.139.183.24: bytes=32 time=112ms TTL=48



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 112ms, Maximum = 200ms, Average = 156ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=12ms TTL=128

Reply from 127.0.0.1: bytes=32 time=2ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 12ms, Average = 7ms

===========================================================================
Interface List
19 ...00 1f 1f 55 87 bd ...... Edimax 802.11n Wireless USB Adapter #6
8 ...00 1e 8c 3f 74 0e ...... Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
1 ........................... Software Loopback Interface 1
32 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
17 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
44 ...00 00 00 00 00 00 00 e0 isatap.{F712B3B9-CEEC-4F3A-ABAF-396E43D337FE}
33 ...00 00 00 00 00 00 00 e0 isatap.{EAF00674-83B2-4ADE-9424-DB5693DBA043}
38 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
34 ...00 00 00 00 00 00 00 e0 isatap.{EAF00674-83B2-4ADE-9424-DB5693DBA043}
35 ...00 00 00 00 00 00 00 e0 isatap.{EAF00674-83B2-4ADE-9424-DB5693DBA043}
39 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
40 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
41 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
42 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
43 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
45 ...00 00 00 00 00 00 00 e0 isatap.{D8116543-9279-4CC6-9E83-CC05B04915AD}
58 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #17
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
19 281 fe80::/64 On-link
19 281 fe80::2508:9eba:a0b9:7dbe/128
On-link
1 306 ff00::/8 On-link
19 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/30/2012 09:45:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/30/2012 09:45:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/29/2012 11:25:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/29/2012 08:29:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/29/2012 08:29:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/29/2012 08:29:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/29/2012 08:29:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/29/2012 03:15:19 PM) (Source: Google Update) (User: Alex)Alex
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (04/29/2012 00:39:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/28/2012 08:56:49 AM) (Source: Bonjour Service) (User: )
Description: Double NAT (external NAT gateway address 10.0.0.7 is also a private RFC 1918 address)


System errors:
=============
Error: (04/30/2012 09:44:35 AM) (Source: Service Control Manager) (User: )
Description: GoToMyPC%%1053

Error: (04/30/2012 09:44:35 AM) (Source: Service Control Manager) (User: )
Description: 30000GoToMyPC

Error: (04/30/2012 09:43:30 AM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.5 for the Network Card with network address 001F1F5587BD has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (04/30/2012 09:42:17 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/30/2012 09:42:17 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\ASAPIW2k.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/29/2012 10:53:49 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer HARRIS-83DAB2D5
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D8116543-9279-4CC6-9E83-CC05B04915AD}.
The master browser is stopping or an election is being forced.

Error: (04/29/2012 08:33:13 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/29/2012 05:56:30 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{D8116543-9279-4CC6-9E83-CC05B04915AD}.
The backup browser is stopping.

Error: (04/29/2012 05:52:33 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer HARRIS-83DAB2D5
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D8116543-9279-4CC6-9E83-CC05B04915AD}.
The master browser is stopping or an election is being forced.

Error: (04/29/2012 04:58:57 PM) (Source: Microsoft-Windows-Diagnostics-Networking) (User: LOCAL SERVICE)
Description: 2147942487


Microsoft Office Sessions:
=========================
Error: (04/30/2012 09:45:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (04/30/2012 09:45:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (04/29/2012 11:25:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Alex\Desktop\esetsmartinstaller_enu.exe

Error: (04/29/2012 08:29:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Alex\Desktop\esetsmartinstaller_enu.exe

Error: (04/29/2012 08:29:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Alex\Desktop\esetsmartinstaller_enu.exe

Error: (04/29/2012 08:29:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Alex\Desktop\esetsmartinstaller_enu.exe

Error: (04/29/2012 08:29:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Alex\Desktop\esetsmartinstaller_enu.exe

Error: (04/29/2012 03:15:19 PM) (Source: Google Update)(User: Alex)Alex
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (04/29/2012 00:39:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (04/28/2012 08:56:49 AM) (Source: Bonjour Service)(User: )
Description: Double NAT (external NAT gateway address 10.0.0.7 is also a private RFC 1918 address)


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Akamai NetSession Interface
Apple Mobile Device Support (Version: 5.1.1.4)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2411)
AVG 2012 (Version: 2012.0.1913)
Bonjour (Version: 3.0.0.10)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
Google Chrome (Version: 18.0.1025.162)
HP Color LaserJet CP1210 Series
HP Color LaserJet CP1210 Series (Version: 1.0.0)
HP Color LaserJet CP1210 Series Toolbox (Version: 1.0.21)
HP LaserJet Toolbox (Version: 1.0.58)
iCloud (Version: 1.0.2.17)
Intel® Matrix Storage Manager
iTunes (Version: 10.6.1.7)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
LWS VideoEffects (Version: 13.30.1379.0)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Automated Troubleshooting Services Shim
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.8.0)
Nitro PDF Reader 2 (Version: 2.0.0.29)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
PVSonyDll (Version: 1.00.0001)
Ultimate Extras sounds from Microsoft® Tinker™
WebEx
Windows Sound Schemes
Yontoo 1.10.02 (Version: 1.10.02)
ZoneAlarm LTD Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 8190.18 MB
Available physical RAM: 5140.44 MB
Total Pagefile: 16431.39 MB
Available Pagefile: 13101.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3989.77 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:195.34 GB) (Free:83.7 GB) NTFS
5 Drive v: (vid Zone) (Fixed) (Total:499.92 GB) (Free:274.69 GB) NTFS

========================= Users: ========================================

User accounts for \\VIDEDIT

Administrator Alex ASPNET
Guest LogMeInRemoteUser UpdatusUser


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:35 AM

Posted 30 April 2012 - 12:44 PM

That looks good

Download TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



