
redirected



#1 BettiFelon


Posted 10 May 2012 - 10:29 AM

I think there is something wrong with my computer! I keep getting redirected when I click on links from any search! It doesn't happen every time, but I know it's not a glitch. For instance, when I searched for Bleeping Computer and clicked on the link bleepingcomputer.com, I got redirected to something about moms needing time to relax. Is this a new kind of spam?? I've run Malwarebytes and avast and they don't pick up anything. What is going on!? I JUST had it checked out because I fell for some stupid phone scam where someone claiming to be from Windows conned me. Anyway, that's another story. Nothing came of that. So, any ideas?



#2 narenxp


Posted 10 May 2012 - 10:59 AM

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the LOG report (log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

#3 BettiFelon


Posted 10 May 2012 - 11:57 AM

09:09:38.0951 4788 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:09:40.0036 4788 ============================================================
09:09:40.0036 4788 Current date / time: 2012/05/10 09:09:40.0036
09:09:40.0036 4788 SystemInfo:
09:09:40.0036 4788
09:09:40.0036 4788 OS Version: 6.1.7601 ServicePack: 1.0
09:09:40.0036 4788 Product type: Workstation
09:09:40.0037 4788 ComputerName: KELLI-PC
09:09:40.0037 4788 UserName: kelly
09:09:40.0037 4788 Windows directory: C:\Windows
09:09:40.0037 4788 System windows directory: C:\Windows
09:09:40.0037 4788 Running under WOW64
09:09:40.0037 4788 Processor architecture: Intel x64
09:09:40.0037 4788 Number of processors: 4
09:09:40.0037 4788 Page size: 0x1000
09:09:40.0037 4788 Boot type: Normal boot
09:09:40.0037 4788 ============================================================
09:09:41.0206 4788 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:09:41.0217 4788 ============================================================
09:09:41.0217 4788 \Device\Harddisk0\DR0:
09:09:41.0233 4788 MBR partitions:
09:09:41.0234 4788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:09:41.0234 4788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
09:09:41.0234 4788 ============================================================
09:09:41.0275 4788 C: <-> \Device\Harddisk0\DR0\Partition1
09:09:41.0276 4788 ============================================================
09:09:41.0276 4788 Initialize success
09:09:41.0276 4788 ============================================================
09:10:04.0874 3464 ============================================================
09:10:04.0874 3464 Scan started
09:10:04.0874 3464 Mode: Manual; TDLFS;
09:10:04.0874 3464 ============================================================
09:10:13.0623 3464 Ntfs - ok
09:10:13.0705 3464 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:10:13.0708 3464 Null - ok
09:10:14.0166 3464 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:10:14.0433 3464 nvlddmkm - ok
09:10:14.0535 3464 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:10:14.0539 3464 nvraid - ok
09:10:14.0561 3464 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:10:14.0565 3464 nvstor - ok
09:10:14.0594 3464 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe
09:10:14.0604 3464 nvsvc - ok
09:10:14.0622 3464 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:10:14.0627 3464 nv_agp - ok
09:10:14.0639 3464 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:10:14.0643 3464 ohci1394 - ok
09:10:14.0706 3464 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:10:14.0711 3464 ose - ok
09:10:14.0918 3464 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:10:14.0955 3464 osppsvc - ok
09:10:15.0054 3464 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:10:15.0067 3464 p2pimsvc - ok
09:10:15.0094 3464 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:10:15.0103 3464 p2psvc - ok
09:10:15.0134 3464 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:10:15.0137 3464 Parport - ok
09:10:15.0167 3464 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:10:15.0171 3464 partmgr - ok
09:10:15.0201 3464 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:10:15.0211 3464 PcaSvc - ok
09:10:15.0263 3464 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:10:15.0268 3464 pci - ok
09:10:15.0282 3464 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:10:15.0285 3464 pciide - ok
09:10:15.0309 3464 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:10:15.0313 3464 pcmcia - ok
09:10:15.0336 3464 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:10:15.0338 3464 pcw - ok
09:10:15.0388 3464 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:10:15.0414 3464 PEAUTH - ok
09:10:15.0516 3464 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
09:10:15.0541 3464 PeerDistSvc - ok
09:10:15.0591 3464 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:10:15.0598 3464 PerfHost - ok
09:10:15.0731 3464 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:10:15.0756 3464 pla - ok
09:10:15.0791 3464 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:10:15.0801 3464 PlugPlay - ok
09:10:15.0829 3464 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:10:15.0837 3464 PNRPAutoReg - ok
09:10:15.0871 3464 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:10:15.0882 3464 PNRPsvc - ok
09:10:15.0910 3464 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:10:15.0919 3464 PolicyAgent - ok
09:10:15.0956 3464 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:10:15.0968 3464 Power - ok
09:10:16.0007 3464 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:10:16.0010 3464 PptpMiniport - ok
09:10:16.0039 3464 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:10:16.0043 3464 Processor - ok
09:10:16.0077 3464 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:10:16.0089 3464 ProfSvc - ok
09:10:16.0113 3464 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:10:16.0116 3464 ProtectedStorage - ok
09:10:16.0151 3464 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:10:16.0154 3464 Psched - ok
09:10:16.0218 3464 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:10:16.0238 3464 ql2300 - ok
09:10:16.0336 3464 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:10:16.0340 3464 ql40xx - ok
09:10:16.0381 3464 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:10:16.0393 3464 QWAVE - ok
09:10:16.0405 3464 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:10:16.0407 3464 QWAVEdrv - ok
09:10:16.0425 3464 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:10:16.0427 3464 RasAcd - ok
09:10:16.0446 3464 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:10:16.0448 3464 RasAgileVpn - ok
09:10:16.0467 3464 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:10:16.0473 3464 RasAuto - ok
09:10:16.0492 3464 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:10:16.0496 3464 Rasl2tp - ok
09:10:16.0528 3464 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:10:16.0537 3464 RasMan - ok
09:10:16.0566 3464 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:10:16.0568 3464 RasPppoe - ok
09:10:16.0582 3464 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:10:16.0585 3464 RasSstp - ok
09:10:16.0616 3464 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:10:16.0620 3464 rdbss - ok
09:10:16.0633 3464 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:10:16.0635 3464 rdpbus - ok
09:10:16.0654 3464 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:10:16.0656 3464 RDPCDD - ok
09:10:16.0695 3464 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
09:10:16.0699 3464 RDPDR - ok
09:10:16.0716 3464 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:10:16.0719 3464 RDPENCDD - ok
09:10:16.0733 3464 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:10:16.0735 3464 RDPREFMP - ok
09:10:16.0774 3464 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
09:10:16.0777 3464 RdpVideoMiniport - ok
09:10:16.0808 3464 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:10:16.0814 3464 RDPWD - ok
09:10:16.0852 3464 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:10:16.0858 3464 rdyboost - ok
09:10:16.0890 3464 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:10:16.0898 3464 RemoteAccess - ok
09:10:16.0932 3464 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:10:16.0943 3464 RemoteRegistry - ok
09:10:16.0962 3464 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:10:16.0971 3464 RpcEptMapper - ok
09:10:16.0989 3464 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:10:16.0995 3464 RpcLocator - ok
09:10:17.0038 3464 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:10:17.0053 3464 RpcSs - ok
09:10:17.0081 3464 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:10:17.0084 3464 rspndr - ok
09:10:17.0105 3464 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:10:17.0109 3464 RTL8167 - ok
09:10:17.0131 3464 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
09:10:17.0134 3464 s3cap - ok
09:10:17.0163 3464 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:10:17.0169 3464 SamSs - ok
09:10:17.0203 3464 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:10:17.0207 3464 sbp2port - ok
09:10:17.0244 3464 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:10:17.0256 3464 SCardSvr - ok
09:10:17.0278 3464 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:10:17.0280 3464 scfilter - ok
09:10:17.0378 3464 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:10:17.0401 3464 Schedule - ok
09:10:17.0431 3464 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:10:17.0433 3464 SCPolicySvc - ok
09:10:17.0455 3464 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:10:17.0462 3464 SDRSVC - ok
09:10:17.0512 3464 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:10:17.0515 3464 secdrv - ok
09:10:17.0538 3464 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:10:17.0547 3464 seclogon - ok
09:10:17.0570 3464 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:10:17.0580 3464 SENS - ok
09:10:17.0595 3464 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:10:17.0602 3464 SensrSvc - ok
09:10:17.0620 3464 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:10:17.0622 3464 Serenum - ok
09:10:17.0641 3464 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:10:17.0643 3464 Serial - ok
09:10:17.0672 3464 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:10:17.0674 3464 sermouse - ok
09:10:17.0720 3464 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:10:17.0730 3464 SessionEnv - ok
09:10:17.0746 3464 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:10:17.0749 3464 sffdisk - ok
09:10:17.0764 3464 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:10:17.0766 3464 sffp_mmc - ok
09:10:17.0773 3464 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:10:17.0774 3464 sffp_sd - ok
09:10:17.0802 3464 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:10:17.0804 3464 sfloppy - ok
09:10:17.0853 3464 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
09:10:17.0870 3464 Sftfs - ok
09:10:17.0958 3464 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:10:17.0968 3464 sftlist - ok
09:10:18.0002 3464 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:10:18.0009 3464 Sftplay - ok
09:10:18.0021 3464 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:10:18.0024 3464 Sftredir - ok
09:10:18.0052 3464 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
09:10:18.0055 3464 Sftvol - ok
09:10:18.0088 3464 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:10:18.0093 3464 sftvsa - ok
09:10:18.0135 3464 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:10:18.0146 3464 SharedAccess - ok
09:10:18.0187 3464 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:10:18.0202 3464 ShellHWDetection - ok
09:10:18.0232 3464 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:10:18.0235 3464 SiSRaid2 - ok
09:10:18.0251 3464 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:10:18.0254 3464 SiSRaid4 - ok
09:10:18.0271 3464 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:10:18.0275 3464 Smb - ok
09:10:18.0312 3464 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:10:18.0320 3464 SNMPTRAP - ok
09:10:18.0332 3464 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:10:18.0335 3464 spldr - ok
09:10:18.0360 3464 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:10:18.0371 3464 Spooler - ok
09:10:18.0501 3464 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:10:18.0547 3464 sppsvc - ok
09:10:18.0630 3464 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:10:18.0641 3464 sppuinotify - ok
09:10:18.0710 3464 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:10:18.0720 3464 srv - ok
09:10:18.0749 3464 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:10:18.0759 3464 srv2 - ok
09:10:18.0776 3464 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:10:18.0779 3464 srvnet - ok
09:10:18.0809 3464 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:10:18.0816 3464 SSDPSRV - ok
09:10:18.0828 3464 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:10:18.0833 3464 SstpSvc - ok
09:10:18.0853 3464 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:10:18.0855 3464 stexstor - ok
09:10:18.0898 3464 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:10:18.0918 3464 stisvc - ok
09:10:18.0940 3464 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
09:10:18.0943 3464 storflt - ok
09:10:18.0962 3464 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
09:10:18.0964 3464 storvsc - ok
09:10:18.0980 3464 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:10:18.0983 3464 swenum - ok
09:10:19.0077 3464 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:10:19.0089 3464 SwitchBoard - ok
09:10:19.0130 3464 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:10:19.0141 3464 swprv - ok
09:10:19.0158 3464 Synth3dVsc - ok
09:10:19.0232 3464 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:10:19.0259 3464 SysMain - ok
09:10:19.0339 3464 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:10:19.0350 3464 TabletInputService - ok
09:10:19.0386 3464 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:10:19.0401 3464 TapiSrv - ok
09:10:19.0448 3464 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:10:19.0460 3464 TBS - ok
09:10:19.0591 3464 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:10:19.0620 3464 Tcpip - ok
09:10:19.0751 3464 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:10:19.0766 3464 TCPIP6 - ok
09:10:19.0825 3464 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:10:19.0828 3464 tcpipreg - ok
09:10:19.0856 3464 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:10:19.0859 3464 TDPIPE - ok
09:10:19.0886 3464 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:10:19.0889 3464 TDTCP - ok
09:10:19.0932 3464 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:10:19.0937 3464 tdx - ok
09:10:19.0958 3464 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:10:19.0962 3464 TermDD - ok
09:10:20.0007 3464 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:10:20.0029 3464 TermService - ok
09:10:20.0058 3464 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:10:20.0068 3464 Themes - ok
09:10:20.0087 3464 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:10:20.0093 3464 THREADORDER - ok
09:10:20.0113 3464 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:10:20.0122 3464 TrkWks - ok
09:10:20.0169 3464 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:10:20.0173 3464 TrustedInstaller - ok
09:10:20.0205 3464 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:10:20.0208 3464 tssecsrv - ok
09:10:20.0233 3464 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:10:20.0236 3464 TsUsbFlt - ok
09:10:20.0251 3464 tsusbhub - ok
09:10:20.0287 3464 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:10:20.0292 3464 tunnel - ok
09:10:20.0318 3464 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:10:20.0322 3464 uagp35 - ok
09:10:20.0365 3464 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:10:20.0373 3464 udfs - ok
09:10:20.0417 3464 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:10:20.0427 3464 UI0Detect - ok
09:10:20.0454 3464 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:10:20.0458 3464 uliagpkx - ok
09:10:20.0488 3464 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:10:20.0492 3464 umbus - ok
09:10:20.0508 3464 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:10:20.0510 3464 UmPass - ok
09:10:20.0541 3464 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
09:10:20.0554 3464 UmRdpService - ok
09:10:20.0579 3464 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:10:20.0589 3464 upnphost - ok
09:10:20.0608 3464 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:10:20.0611 3464 usbccgp - ok
09:10:20.0630 3464 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:10:20.0633 3464 usbcir - ok
09:10:20.0654 3464 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
09:10:20.0656 3464 usbehci - ok
09:10:20.0681 3464 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:10:20.0687 3464 usbhub - ok
09:10:20.0713 3464 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
09:10:20.0716 3464 usbohci - ok
09:10:20.0739 3464 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:10:20.0740 3464 usbprint - ok
09:10:20.0758 3464 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:10:20.0761 3464 USBSTOR - ok
09:10:20.0779 3464 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:10:20.0781 3464 usbuhci - ok
09:10:20.0805 3464 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:10:20.0810 3464 UxSms - ok
09:10:20.0837 3464 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:10:20.0841 3464 VaultSvc - ok
09:10:20.0847 3464 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:10:20.0849 3464 vdrvroot - ok
09:10:20.0894 3464 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:10:20.0905 3464 vds - ok
09:10:20.0912 3464 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:10:20.0914 3464 vga - ok
09:10:20.0932 3464 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:10:20.0934 3464 VgaSave - ok
09:10:20.0939 3464 VGPU - ok
09:10:20.0976 3464 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:10:20.0980 3464 vhdmp - ok
09:10:20.0995 3464 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:10:20.0996 3464 viaide - ok
09:10:21.0018 3464 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
09:10:21.0021 3464 vmbus - ok
09:10:21.0026 3464 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
09:10:21.0028 3464 VMBusHID - ok
09:10:21.0039 3464 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:10:21.0041 3464 volmgr - ok
09:10:21.0072 3464 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:10:21.0077 3464 volmgrx - ok
09:10:21.0098 3464 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:10:21.0103 3464 volsnap - ok
09:10:21.0130 3464 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:10:21.0133 3464 vsmraid - ok
09:10:21.0289 3464 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:10:21.0314 3464 VSS - ok
09:10:21.0437 3464 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:10:21.0440 3464 vwifibus - ok
09:10:21.0453 3464 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:10:21.0457 3464 vwififlt - ok
09:10:21.0493 3464 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:10:21.0502 3464 W32Time - ok
09:10:21.0522 3464 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:10:21.0524 3464 WacomPen - ok
09:10:21.0542 3464 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:10:21.0545 3464 WANARP - ok
09:10:21.0549 3464 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:10:21.0551 3464 Wanarpv6 - ok
09:10:21.0630 3464 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:10:21.0653 3464 WatAdminSvc - ok
09:10:21.0720 3464 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:10:21.0744 3464 wbengine - ok
09:10:21.0835 3464 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:10:21.0849 3464 WbioSrvc - ok
09:10:21.0889 3464 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:10:21.0906 3464 wcncsvc - ok
09:10:21.0926 3464 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:10:21.0932 3464 WcsPlugInService - ok
09:10:21.0968 3464 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:10:21.0970 3464 Wd - ok
09:10:22.0013 3464 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:10:22.0027 3464 Wdf01000 - ok
09:10:22.0043 3464 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:10:22.0050 3464 WdiServiceHost - ok
09:10:22.0057 3464 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:10:22.0062 3464 WdiSystemHost - ok
09:10:22.0094 3464 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:10:22.0102 3464 WebClient - ok
09:10:22.0130 3464 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:10:22.0139 3464 Wecsvc - ok
09:10:22.0156 3464 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:10:22.0163 3464 wercplsupport - ok
09:10:22.0176 3464 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:10:22.0182 3464 WerSvc - ok
09:10:22.0218 3464 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:10:22.0221 3464 WfpLwf - ok
09:10:22.0240 3464 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:10:22.0243 3464 WIMMount - ok
09:10:22.0268 3464 WinDefend - ok
09:10:22.0279 3464 WinHttpAutoProxySvc - ok
09:10:22.0337 3464 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:10:22.0343 3464 Winmgmt - ok
09:10:22.0459 3464 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:10:22.0490 3464 WinRM - ok
09:10:22.0609 3464 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:10:22.0612 3464 WinUsb - ok
09:10:22.0670 3464 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:10:22.0697 3464 Wlansvc - ok
09:10:22.0711 3464 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:10:22.0712 3464 WmiAcpi - ok
09:10:22.0764 3464 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:10:22.0770 3464 wmiApSrv - ok
09:10:22.0812 3464 WMPNetworkSvc - ok
09:10:22.0835 3464 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:10:22.0846 3464 WPCSvc - ok
09:10:22.0876 3464 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:10:22.0883 3464 WPDBusEnum - ok
09:10:22.0913 3464 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:10:22.0915 3464 ws2ifsl - ok
09:10:22.0941 3464 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
09:10:22.0953 3464 wscsvc - ok
09:10:22.0961 3464 WSearch - ok
09:10:23.0063 3464 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
09:10:23.0120 3464 wuauserv - ok
09:10:23.0206 3464 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:10:23.0209 3464 WudfPf - ok
09:10:23.0244 3464 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:10:23.0249 3464 WUDFRd - ok
09:10:23.0410 3464 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:10:23.0421 3464 wudfsvc - ok
09:10:23.0604 3464 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:10:23.0618 3464 WwanSvc - ok
09:10:23.0655 3464 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:10:23.0815 3464 \Device\Harddisk0\DR0 - ok
09:10:23.0826 3464 Boot (0x1200) (1b4f5a279a9b1037b8c275b2a0a24bbb) \Device\Harddisk0\DR0\Partition0
09:10:23.0827 3464 \Device\Harddisk0\DR0\Partition0 - ok
09:10:23.0844 3464 Boot (0x1200) (af2d5182fba02b941acac7d4c06205e7) \Device\Harddisk0\DR0\Partition1
09:10:23.0846 3464 \Device\Harddisk0\DR0\Partition1 - ok
09:10:23.0846 3464 ============================================================
09:10:23.0846 3464 Scan finished
09:10:23.0847 3464 ============================================================
09:10:23.0862 2128 Detected object count: 0
09:10:23.0862 2128 Actual detected object count: 0





GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-10 09:48:55
Windows 6.1.7601 Service Pack 1
Running: koj0l8yz.exe


---- Files - GMER 1.0.15 ----

File C:\avast! sandbox 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Users 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Users\kelly 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Users\kelly\AppData 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Users\kelly\AppData\Local 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Users\kelly\AppData\Local\Temp 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Users\kelly\AppData\Local\Temp\rks1.log 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Windows 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Windows\Prefetch 0 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf 11126 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\C\Windows\Prefetch\IEXPLORE.EXE-9DFE724F.pf 16870 bytes
File C:\avast! sandbox\S-1-5-21-578744241-618382231-596953195-1000\webStorage\snx_fs.dat 1206 bytes
File C:\avast! sandbox\snx_rhive 262144 bytes
File C:\avast! sandbox\snx_rhive.LOG1 13312 bytes
File C:\avast! sandbox\snx_rhive.LOG2 0 bytes
File C:\avast! sandbox\snx_rhive{310a1963-80b3-11e1-a393-6c626debb1f6}.TM.blf 65536 bytes
File C:\avast! sandbox\snx_rhive{310a1963-80b3-11e1-a393-6c626debb1f6}.TMContainer00000000000000000001.regtrans-ms 524288 bytes
File C:\avast! sandbox\snx_rhive{310a1963-80b3-11e1-a393-6c626debb1f6}.TMContainer00000000000000000002.regtrans-ms 524288 bytes
File C:\Windows\assembly\NativeImages_v4.0.30319_64\index224.dat 0 bytes
File C:\Windows\assembly\NativeImages_v4.0.30319_64\index225.dat 0 bytes

---- EOF - GMER 1.0.15 ----






aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-10 09:50:31
-----------------------------
09:50:31.035 OS Version: Windows x64 6.1.7601 Service Pack 1
09:50:31.035 Number of processors: 4 586 0x203
09:50:31.036 ComputerName: KELLI-PC UserName: kelly
09:50:32.356 Initialize success
09:50:33.348 AVAST engine defs: 12051000
09:51:37.708 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
09:51:37.713 Disk 0 Vendor: Hitachi_ GM4O Size: 476940MB BusType: 3
09:51:37.729 Disk 0 MBR read successfully
09:51:37.735 Disk 0 MBR scan
09:51:37.743 Disk 0 Windows 7 default MBR code
09:51:37.755 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:51:37.768 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
09:51:37.782 Disk 0 scanning C:\Windows\system32\drivers
09:51:50.290 Service scanning
09:52:08.036 Modules scanning
09:52:08.053 Disk 0 trace - called modules:
09:52:08.077 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
09:52:08.082 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002836060]
09:52:08.429 3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> [0xfffffa80024e5d30]
09:52:08.442 5 ACPI.sys[fffff88000f3a7a1] -> nt!IofCallDriver -> \Device\00000063[0xfffffa80024e18f0]
09:52:09.498 AVAST engine scan C:\Windows
09:52:11.849 AVAST engine scan C:\Windows\system32
09:54:38.200 AVAST engine scan C:\Windows\system32\drivers
09:54:46.462 AVAST engine scan C:\Users\kelly
09:56:26.366 Disk 0 MBR has been saved successfully to "C:\Users\kelly\Desktop\MBR.dat"
09:56:26.383 The log file has been saved successfully to "C:\Users\kelly\Desktop\aswMBR.txt"

#4 narenxp

Posted 10 May 2012 - 12:37 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 BettiFelon

Posted 10 May 2012 - 07:41 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
kelly :: KELLI-PC [administrator]

Protection: Enabled

5/10/2012 10:52:39 AM
mbam-log-2012-05-10 (10-52-39).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 348226
Time elapsed: 59 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Well, my three-year-old stopped the scan for ESET. It said I had four threats; a couple were Java updaters and a couple were false Windows updates. But I don't know how to find the file after my son messed with it, but it did say that the threats were removed. I've rescanned it with ESET and it came up with nothing.




MiniToolBox by Farbar Version: 18-01-2012
Ran by kelly (administrator) on 10-05-2012 at 17:39:08
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

D-Link DWA-525 Wireless N 150 Desktop Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kelli-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DWA-525 Wireless N 150 Desktop Adapter
Physical Address. . . . . . . . . : 14-D6-4D-50-24-46
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e4ec:9ec7:b266:666e%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 10, 2012 3:12:06 PM
Lease Expires . . . . . . . . . . : Thursday, May 10, 2012 6:12:12 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 320132685
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E3-83-47-6C-62-6D-EB-B1-F6
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 6C-62-6D-EB-B1-F6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B2B22CF1-1316-4CBA-98DE-F6E3B7F01312}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{74F4D8CF-6074-49DC-BB09-7A69C2EDBF79}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c0c:3743:bb90:1d57(Preferred)
Link-local IPv6 Address . . . . . : fe80::c0c:3743:bb90:1d57%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns2.cox.net
Address: 68.105.28.12

Name: google.com
Addresses: 74.125.224.165
74.125.224.166
74.125.224.167
74.125.224.168
74.125.224.169
74.125.224.174
74.125.224.160
74.125.224.161
74.125.224.162
74.125.224.163
74.125.224.164


Pinging google.com [74.125.224.231] with 32 bytes of data:
Reply from 74.125.224.231: bytes=32 time=39ms TTL=57
Reply from 74.125.224.231: bytes=32 time=51ms TTL=57

Ping statistics for 74.125.224.231:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 51ms, Average = 45ms
Server: cdns2.cox.net
Address: 68.105.28.12

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=58ms TTL=56
Reply from 209.191.122.70: bytes=32 time=58ms TTL=56

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 58ms, Average = 58ms
Server: cdns2.cox.net
Address: 68.105.28.12

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=8ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 8ms, Average = 6ms
===========================================================================
Interface List
11...14 d6 4d 50 24 46 ......D-Link DWA-525 Wireless N 150 Desktop Adapter
10...6c 62 6d eb b1 f6 ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 281
192.168.0.2 255.255.255.255 On-link 192.168.0.2 281
192.168.0.255 255.255.255.255 On-link 192.168.0.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:c0c:3743:bb90:1d57/128
On-link
11 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::c0c:3743:bb90:1d57/128
On-link
11 281 fe80::e4ec:9ec7:b266:666e/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/10/2012 04:18:57 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.60.0.80 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12a8

Start Time: 01cd2ed596f0af00

Termination Time: 388

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 775d48a1-9af6-11e1-9a92-6c626debb1f6

Error: (05/10/2012 04:01:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 04:01:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 04:01:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 00:16:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 00:15:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 00:09:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 00:09:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/10/2012 11:00:43 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/10/2012 07:13:20 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (05/10/2012 09:46:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nvsvc service.

Error: (05/09/2012 11:29:53 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nvsvc service.

Error: (05/07/2012 03:34:05 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{B2B22CF1-1316-4CBA-98DE-F6E3B7F01312} because another computer on the network has the same name. The server could not start.

Error: (05/07/2012 10:55:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nvsvc service.

Error: (05/04/2012 06:55:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nvsvc service.

Error: (04/17/2012 06:04:26 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JASON-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B2B22CF1-1316-4CBA-98DE-F6E3B7F01312}.
The master browser is stopping or an election is being forced.

Error: (04/17/2012 05:52:23 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JASON-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B2B22CF1-1316-4CBA-98DE-F6E3B7F01312}.
The master browser is stopping or an election is being forced.

Error: (04/16/2012 02:45:40 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service failed to start due to the following error:
%%1053

Error: (04/16/2012 02:45:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

Error: (04/12/2012 04:13:40 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (05/10/2012 04:18:57 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.60.0.8012a801cd2ed596f0af00388C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe775d48a1-9af6-11e1-9a92-6c626debb1f6

Error: (05/10/2012 04:01:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 04:01:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 04:01:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 00:16:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 00:15:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 00:09:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 00:09:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelly\Desktop\Words1\commissions\esetsmartinstaller_enu.exe

Error: (05/10/2012 11:00:43 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/10/2012 07:13:20 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1426.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.1.0.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.2.11)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.0.8)
Canon Personal Printing Guide (Version: 1.1.0.2)
Canon PowerShot A495 and PowerShot A490 Camera User Guide (Version: 1.0.0.2)
Canon Utilities CameraWindow (Version: 7.4.0.7)
Canon Utilities CameraWindow DC 8 (Version: 8.1.0.11)
Canon Utilities Movie Uploader for YouTube (Version: 1.0.0.11)
Canon Utilities MyCamera (Version: 7.3.0.5)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities ZoomBrowser EX (Version: 6.5.0.14)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4)
D-Link DWA-525
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
GIMP 2.6.11 (Version: 2.6.11)
Google Update Helper (Version: 1.3.21.111)
Haunted Manor: Queen of Death
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (Version: 6.0.220)
JS3DPreSchool (Version: 1.01.0000)
JumpStart 3D Ages 3-5
King's Quest II: Romancing the Stones (3.1c) (Version: 3.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Student 2010 - English (Version: 14.0.5139.5005)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Word Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files: Ravenhearst &reg;
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
OpenOffice.org 3.3 (Version: 3.3.9567)
Pando Media Booster (Version: 2.6.0.2)
PDF Settings CS5 (Version: 10.0)
Phoenix Viewer 1.6.0.1691
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.71.80.42)
SecondLifeViewer (remove only)
Serif PagePlus Starter Edition (Version: 2.0.2.009)
Unity Web Player (Version: )
Unity Web Player (Version: 2.1.0f5_16147)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 1791.24 MB
Available physical RAM: 797.28 MB
Total Pagefile: 3582.48 MB
Available Pagefile: 1921.97 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.23 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:424.31 GB) NTFS

========================= Users: ========================================

User accounts for \\KELLI-PC

Administrator Guest kelly


**** End of log ****

#6 narenxp

Posted 10 May 2012 - 07:50 PM

Do you still have redirects?

#7 BettiFelon

Posted 10 May 2012 - 08:05 PM

Not so far! :)

#8 narenxp

Posted 10 May 2012 - 08:09 PM

:thumbup2:

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#9 BettiFelon

Posted 11 May 2012 - 08:40 AM

...............yes it's still redirecting. :( How the heck did I get this virus? I'm usually soooo careful! And this one is sooo slippery! I'll do the above, maybe that will fix it?

#10 BettiFelon

Posted 11 May 2012 - 08:46 AM

On second thought, I'll wait before I do the above to be sure I should! lol

#11 narenxp

Posted 11 May 2012 - 09:00 AM

yes it's still redirecting. :( How the heck did I get this virus? I'm usually soooo careful! And this one is sooo slippery! I'll do the above, maybe that will fix it?

Is that on a specific browser?
Try reinstalling the browser and see if you're still redirected.

#12 BettiFelon

Posted 11 May 2012 - 09:43 AM

I only use Firefox. I'll try reinstalling.

#13 narenxp

Posted 11 May 2012 - 10:11 AM

:thumbup2:



