Infected computer


8 replies to this topic

#1 klassic

klassic

  • Members
  • 31 posts
  • Local time:01:24 AM

Posted 27 May 2012 - 07:56 AM

I am trying to clear up infections on a computer for a friend. It was running generally slow and giving lots of error messages. Unfortunately I don't have any of those error messages. I have run Malwarebytes, SUPERAntiSpyware, Spybot and Avast scans. All have found infections. And I am still finding stuff. I don't feel these scans are going to fully get rid of the problem. I could use some help from the experts to finish cleaning up this computer.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:24 AM

Posted 27 May 2012 - 10:24 AM

Download

TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 klassic

klassic
  • Topic Starter

  • Members
  • 31 posts
  • Local time:01:24 AM

Posted 27 May 2012 - 11:08 AM

Sorry I forgot to mention it is a 64-bit system so I couldn't run GMER.

11:47:08.0775 0828 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
11:47:09.0238 0828 ============================================================
11:47:09.0238 0828 Current date / time: 2012/05/27 11:47:09.0238
11:47:09.0238 0828 SystemInfo:
11:47:09.0238 0828
11:47:09.0238 0828 OS Version: 6.1.7601 ServicePack: 1.0
11:47:09.0238 0828 Product type: Workstation
11:47:09.0239 0828 ComputerName: JENNIFER-PC
11:47:09.0241 0828 UserName: Jennifer
11:47:09.0241 0828 Windows directory: C:\windows
11:47:09.0241 0828 System windows directory: C:\windows
11:47:09.0241 0828 Running under WOW64
11:47:09.0241 0828 Processor architecture: Intel x64
11:47:09.0241 0828 Number of processors: 1
11:47:09.0241 0828 Page size: 0x1000
11:47:09.0241 0828 Boot type: Normal boot
11:47:09.0241 0828 ============================================================
11:47:12.0205 0828 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:47:12.0244 0828 ============================================================
11:47:12.0244 0828 \Device\Harddisk0\DR0:
11:47:12.0244 0828 MBR partitions:
11:47:12.0244 0828 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BCF2800
11:47:12.0244 0828 ============================================================
11:47:12.0294 0828 C: <-> \Device\Harddisk0\DR0\Partition0
11:47:12.0294 0828 ============================================================
11:47:12.0294 0828 Initialize success
11:47:12.0294 0828 ============================================================
11:47:30.0244 5096 ============================================================
11:47:30.0244 5096 Scan started
11:47:30.0244 5096 Mode: Manual; TDLFS;
11:47:30.0244 5096 ============================================================
11:47:59.0404 5096 nosGetPlusHelper - ok
11:47:59.0440 5096 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
11:47:59.0442 5096 Npfs - ok
11:47:59.0483 5096 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
11:47:59.0487 5096 nsi - ok
11:47:59.0601 5096 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
11:47:59.0602 5096 nsiproxy - ok
11:47:59.0829 5096 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
11:47:59.0900 5096 Ntfs - ok
11:48:00.0099 5096 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
11:48:00.0101 5096 Null - ok
11:48:00.0169 5096 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
11:48:00.0173 5096 nvraid - ok
11:48:00.0287 5096 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
11:48:00.0318 5096 nvstor - ok
11:48:00.0355 5096 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
11:48:00.0358 5096 nv_agp - ok
11:48:00.0516 5096 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:48:00.0524 5096 odserv - ok
11:48:00.0597 5096 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
11:48:00.0599 5096 ohci1394 - ok
11:48:00.0648 5096 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:48:00.0651 5096 ose - ok
11:48:00.0760 5096 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
11:48:00.0767 5096 p2pimsvc - ok
11:48:00.0836 5096 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
11:48:00.0844 5096 p2psvc - ok
11:48:00.0915 5096 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
11:48:00.0917 5096 Parport - ok
11:48:00.0978 5096 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
11:48:00.0980 5096 partmgr - ok
11:48:01.0059 5096 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
11:48:01.0065 5096 PcaSvc - ok
11:48:01.0119 5096 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
11:48:01.0123 5096 pci - ok
11:48:01.0189 5096 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
11:48:01.0191 5096 pciide - ok
11:48:01.0244 5096 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
11:48:01.0249 5096 pcmcia - ok
11:48:01.0266 5096 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
11:48:01.0268 5096 pcw - ok
11:48:01.0353 5096 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
11:48:01.0406 5096 PEAUTH - ok
11:48:01.0512 5096 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
11:48:01.0515 5096 PerfHost - ok
11:48:01.0769 5096 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
11:48:01.0847 5096 pla - ok
11:48:01.0969 5096 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
11:48:01.0977 5096 PlugPlay - ok
11:48:02.0034 5096 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
11:48:02.0039 5096 PNRPAutoReg - ok
11:48:02.0100 5096 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
11:48:02.0108 5096 PNRPsvc - ok
11:48:02.0261 5096 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
11:48:02.0314 5096 PolicyAgent - ok
11:48:02.0382 5096 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
11:48:02.0388 5096 Power - ok
11:48:02.0505 5096 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
11:48:02.0512 5096 PptpMiniport - ok
11:48:02.0591 5096 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
11:48:02.0593 5096 Processor - ok
11:48:02.0705 5096 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
11:48:02.0711 5096 ProfSvc - ok
11:48:02.0755 5096 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:48:02.0758 5096 ProtectedStorage - ok
11:48:02.0869 5096 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
11:48:02.0872 5096 Psched - ok
11:48:03.0049 5096 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
11:48:03.0093 5096 ql2300 - ok
11:48:03.0336 5096 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
11:48:03.0339 5096 ql40xx - ok
11:48:03.0398 5096 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
11:48:03.0405 5096 QWAVE - ok
11:48:03.0421 5096 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
11:48:03.0423 5096 QWAVEdrv - ok
11:48:03.0437 5096 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
11:48:03.0439 5096 RasAcd - ok
11:48:03.0495 5096 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
11:48:03.0497 5096 RasAgileVpn - ok
11:48:03.0544 5096 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
11:48:03.0550 5096 RasAuto - ok
11:48:03.0653 5096 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
11:48:03.0656 5096 Rasl2tp - ok
11:48:03.0779 5096 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
11:48:03.0823 5096 RasMan - ok
11:48:03.0953 5096 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
11:48:03.0956 5096 RasPppoe - ok
11:48:03.0971 5096 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
11:48:03.0974 5096 RasSstp - ok
11:48:04.0063 5096 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
11:48:04.0084 5096 rdbss - ok
11:48:04.0120 5096 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
11:48:04.0122 5096 rdpbus - ok
11:48:04.0136 5096 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
11:48:04.0137 5096 RDPCDD - ok
11:48:04.0175 5096 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
11:48:04.0180 5096 RDPENCDD - ok
11:48:04.0201 5096 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
11:48:04.0202 5096 RDPREFMP - ok
11:48:04.0271 5096 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
11:48:04.0275 5096 RDPWD - ok
11:48:04.0381 5096 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
11:48:04.0385 5096 rdyboost - ok
11:48:04.0451 5096 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
11:48:04.0455 5096 RemoteAccess - ok
11:48:04.0584 5096 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
11:48:04.0606 5096 RemoteRegistry - ok
11:48:04.0748 5096 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
11:48:04.0753 5096 RpcEptMapper - ok
11:48:04.0834 5096 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
11:48:04.0837 5096 RpcLocator - ok
11:48:04.0909 5096 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
11:48:04.0916 5096 RpcSs - ok
11:48:04.0988 5096 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
11:48:04.0991 5096 rspndr - ok
11:48:05.0070 5096 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys
11:48:05.0076 5096 RSUSBSTOR - ok
11:48:05.0155 5096 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:48:05.0158 5096 SamSs - ok
11:48:05.0393 5096 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:48:05.0395 5096 SASDIFSV - ok
11:48:05.0429 5096 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:48:05.0430 5096 SASKUTIL - ok
11:48:05.0493 5096 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
11:48:05.0495 5096 sbp2port - ok
11:48:05.0555 5096 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
11:48:05.0561 5096 SCardSvr - ok
11:48:05.0668 5096 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
11:48:05.0670 5096 scfilter - ok
11:48:05.0849 5096 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
11:48:05.0901 5096 Schedule - ok
11:48:05.0955 5096 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
11:48:05.0957 5096 SCPolicySvc - ok
11:48:06.0051 5096 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
11:48:06.0058 5096 SDRSVC - ok
11:48:06.0404 5096 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
11:48:06.0417 5096 SDScannerService - ok
11:48:06.0563 5096 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:48:06.0573 5096 SDUpdateService - ok
11:48:06.0714 5096 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:48:06.0716 5096 SDWSCService - ok
11:48:07.0018 5096 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
11:48:07.0020 5096 secdrv - ok
11:48:07.0090 5096 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
11:48:07.0094 5096 seclogon - ok
11:48:07.0155 5096 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
11:48:07.0160 5096 SENS - ok
11:48:07.0212 5096 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
11:48:07.0216 5096 SensrSvc - ok
11:48:07.0318 5096 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
11:48:07.0320 5096 Serenum - ok
11:48:07.0351 5096 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
11:48:07.0353 5096 Serial - ok
11:48:07.0485 5096 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
11:48:07.0487 5096 sermouse - ok
11:48:07.0630 5096 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
11:48:07.0642 5096 SessionEnv - ok
11:48:07.0701 5096 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
11:48:07.0703 5096 sffdisk - ok
11:48:07.0726 5096 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
11:48:07.0728 5096 sffp_mmc - ok
11:48:07.0808 5096 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
11:48:07.0809 5096 sffp_sd - ok
11:48:07.0848 5096 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
11:48:07.0849 5096 sfloppy - ok
11:48:07.0946 5096 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
11:48:07.0952 5096 SharedAccess - ok
11:48:08.0053 5096 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
11:48:08.0061 5096 ShellHWDetection - ok
11:48:08.0084 5096 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
11:48:08.0086 5096 SiSRaid2 - ok
11:48:08.0126 5096 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
11:48:08.0129 5096 SiSRaid4 - ok
11:48:08.0162 5096 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
11:48:08.0165 5096 Smb - ok
11:48:08.0276 5096 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
11:48:08.0281 5096 SNMPTRAP - ok
11:48:08.0332 5096 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
11:48:08.0334 5096 spldr - ok
11:48:08.0479 5096 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
11:48:08.0489 5096 Spooler - ok
11:48:08.0844 5096 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
11:48:08.0958 5096 sppsvc - ok
11:48:09.0162 5096 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
11:48:09.0167 5096 sppuinotify - ok
11:48:09.0301 5096 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
11:48:09.0336 5096 srv - ok
11:48:09.0397 5096 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
11:48:09.0403 5096 srv2 - ok
11:48:09.0471 5096 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
11:48:09.0499 5096 srvnet - ok
11:48:09.0574 5096 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
11:48:09.0580 5096 SSDPSRV - ok
11:48:09.0628 5096 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
11:48:09.0633 5096 SstpSvc - ok
11:48:09.0690 5096 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
11:48:09.0692 5096 stexstor - ok
11:48:09.0878 5096 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
11:48:09.0907 5096 stisvc - ok
11:48:09.0961 5096 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
11:48:09.0963 5096 swenum - ok
11:48:10.0034 5096 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
11:48:10.0044 5096 swprv - ok
11:48:10.0133 5096 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
11:48:10.0138 5096 SynTP - ok
11:48:10.0376 5096 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
11:48:10.0452 5096 SysMain - ok
11:48:10.0765 5096 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
11:48:10.0771 5096 TabletInputService - ok
11:48:10.0880 5096 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
11:48:10.0888 5096 TapiSrv - ok
11:48:10.0955 5096 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
11:48:10.0959 5096 TBS - ok
11:48:11.0213 5096 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
11:48:11.0257 5096 Tcpip - ok
11:48:11.0721 5096 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
11:48:11.0737 5096 TCPIP6 - ok
11:48:11.0986 5096 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
11:48:11.0988 5096 tcpipreg - ok
11:48:12.0075 5096 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
11:48:12.0078 5096 tdcmdpst - ok
11:48:12.0114 5096 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
11:48:12.0116 5096 TDPIPE - ok
11:48:12.0165 5096 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
11:48:12.0168 5096 TDTCP - ok
11:48:12.0251 5096 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
11:48:12.0254 5096 tdx - ok
11:48:12.0301 5096 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
11:48:12.0303 5096 TermDD - ok
11:48:12.0467 5096 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
11:48:12.0478 5096 TermService - ok
11:48:12.0524 5096 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
11:48:12.0539 5096 Themes - ok
11:48:12.0605 5096 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
11:48:12.0608 5096 THREADORDER - ok
11:48:12.0831 5096 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:48:12.0833 5096 TMachInfo - ok
11:48:12.0898 5096 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
11:48:12.0904 5096 TODDSrv - ok
11:48:13.0075 5096 TosCoSrv (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
11:48:13.0080 5096 TosCoSrv - ok
11:48:13.0234 5096 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
11:48:13.0235 5096 TOSHIBA HDD SSD Alert Service - ok
11:48:13.0294 5096 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
11:48:13.0300 5096 TrkWks - ok
11:48:13.0415 5096 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
11:48:13.0418 5096 TrustedInstaller - ok
11:48:13.0541 5096 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
11:48:13.0543 5096 tssecsrv - ok
11:48:13.0660 5096 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
11:48:13.0663 5096 TsUsbFlt - ok
11:48:13.0771 5096 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
11:48:13.0774 5096 tunnel - ok
11:48:13.0864 5096 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
11:48:13.0866 5096 TVALZ - ok
11:48:13.0925 5096 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
11:48:13.0927 5096 uagp35 - ok
11:48:14.0066 5096 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
11:48:14.0071 5096 udfs - ok
11:48:14.0137 5096 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
11:48:14.0143 5096 UI0Detect - ok
11:48:14.0246 5096 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
11:48:14.0266 5096 uliagpkx - ok
11:48:14.0357 5096 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
11:48:14.0359 5096 umbus - ok
11:48:14.0402 5096 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
11:48:14.0404 5096 UmPass - ok
11:48:14.0506 5096 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
11:48:14.0514 5096 upnphost - ok
11:48:14.0608 5096 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\drivers\usbccgp.sys
11:48:14.0611 5096 usbccgp - ok
11:48:14.0658 5096 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
11:48:14.0661 5096 usbcir - ok
11:48:14.0706 5096 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
11:48:14.0708 5096 usbehci - ok
11:48:14.0839 5096 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
11:48:14.0845 5096 usbhub - ok
11:48:14.0929 5096 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
11:48:14.0931 5096 usbohci - ok
11:48:14.0968 5096 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
11:48:14.0970 5096 usbprint - ok
11:48:15.0041 5096 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\drivers\USBSTOR.SYS
11:48:15.0044 5096 USBSTOR - ok
11:48:15.0098 5096 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys
11:48:15.0101 5096 usbuhci - ok
11:48:15.0188 5096 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
11:48:15.0191 5096 usbvideo - ok
11:48:15.0245 5096 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
11:48:15.0250 5096 UxSms - ok
11:48:15.0301 5096 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:48:15.0305 5096 VaultSvc - ok
11:48:15.0411 5096 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
11:48:15.0414 5096 vdrvroot - ok
11:48:15.0521 5096 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
11:48:15.0531 5096 vds - ok
11:48:15.0613 5096 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
11:48:15.0615 5096 vga - ok
11:48:15.0629 5096 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
11:48:15.0631 5096 VgaSave - ok
11:48:15.0692 5096 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
11:48:15.0696 5096 vhdmp - ok
11:48:15.0756 5096 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
11:48:15.0758 5096 viaide - ok
11:48:15.0819 5096 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
11:48:15.0821 5096 volmgr - ok
11:48:15.0904 5096 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
11:48:15.0909 5096 volmgrx - ok
11:48:16.0035 5096 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
11:48:16.0040 5096 volsnap - ok
11:48:16.0116 5096 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
11:48:16.0119 5096 vsmraid - ok
11:48:16.0468 5096 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
11:48:16.0521 5096 VSS - ok
11:48:16.0734 5096 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
11:48:16.0736 5096 vwifibus - ok
11:48:16.0767 5096 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
11:48:16.0769 5096 vwififlt - ok
11:48:16.0936 5096 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
11:48:16.0945 5096 W32Time - ok
11:48:17.0082 5096 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
11:48:17.0084 5096 WacomPen - ok
11:48:17.0187 5096 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
11:48:17.0189 5096 WANARP - ok
11:48:17.0220 5096 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
11:48:17.0222 5096 Wanarpv6 - ok
11:48:17.0591 5096 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
11:48:17.0644 5096 WatAdminSvc - ok
11:48:17.0940 5096 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
11:48:18.0034 5096 wbengine - ok
11:48:18.0315 5096 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
11:48:18.0357 5096 WbioSrvc - ok
11:48:18.0510 5096 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
11:48:18.0518 5096 wcncsvc - ok
11:48:18.0603 5096 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
11:48:18.0609 5096 WcsPlugInService - ok
11:48:18.0750 5096 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
11:48:18.0752 5096 Wd - ok
11:48:18.0830 5096 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
11:48:18.0854 5096 Wdf01000 - ok
11:48:18.0935 5096 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
11:48:18.0941 5096 WdiServiceHost - ok
11:48:18.0953 5096 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
11:48:18.0958 5096 WdiSystemHost - ok
11:48:19.0020 5096 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
11:48:19.0027 5096 WebClient - ok
11:48:19.0079 5096 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
11:48:19.0087 5096 Wecsvc - ok
11:48:19.0150 5096 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
11:48:19.0165 5096 wercplsupport - ok
11:48:19.0336 5096 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
11:48:19.0342 5096 WerSvc - ok
11:48:19.0451 5096 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
11:48:19.0453 5096 WfpLwf - ok
11:48:19.0467 5096 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
11:48:19.0501 5096 WIMMount - ok
11:48:19.0604 5096 WinDefend - ok
11:48:19.0629 5096 WinHttpAutoProxySvc - ok
11:48:19.0735 5096 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
11:48:19.0743 5096 Winmgmt - ok
11:48:20.0049 5096 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
11:48:20.0198 5096 WinRM - ok
11:48:20.0745 5096 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
11:48:20.0747 5096 WinUsb - ok
11:48:21.0088 5096 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
11:48:21.0102 5096 Wlansvc - ok
11:48:21.0232 5096 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
11:48:21.0234 5096 WmiAcpi - ok
11:48:21.0841 5096 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
11:48:21.0844 5096 wmiApSrv - ok
11:48:22.0908 5096 WMPNetworkSvc - ok
11:48:23.0132 5096 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
11:48:23.0137 5096 WPCSvc - ok
11:48:23.0203 5096 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
11:48:23.0209 5096 WPDBusEnum - ok
11:48:23.0342 5096 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
11:48:23.0344 5096 ws2ifsl - ok
11:48:23.0473 5096 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
11:48:23.0478 5096 wscsvc - ok
11:48:23.0492 5096 WSearch - ok
11:48:24.0029 5096 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
11:48:24.0163 5096 wuauserv - ok
11:48:24.0509 5096 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
11:48:24.0512 5096 WudfPf - ok
11:48:24.0557 5096 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
11:48:24.0560 5096 WUDFRd - ok
11:48:24.0602 5096 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
11:48:24.0607 5096 wudfsvc - ok
11:48:24.0677 5096 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
11:48:24.0684 5096 WwanSvc - ok
11:48:24.0736 5096 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
11:48:25.0577 5096 \Device\Harddisk0\DR0 - ok
11:48:25.0617 5096 Boot (0x1200) (12ed94b2a4568d7a52620f742ad8b077) \Device\Harddisk0\DR0\Partition0
11:48:25.0619 5096 \Device\Harddisk0\DR0\Partition0 - ok
11:48:25.0623 5096 ============================================================
11:48:25.0623 5096 Scan finished
11:48:25.0623 5096 ============================================================
11:48:25.0643 3060 Detected object count: 0
11:48:25.0643 3060 Actual detected object count: 0
11:55:46.0559 4960 Deinitialize success







aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-27 11:56:21
-----------------------------
11:56:21.643 OS Version: Windows x64 6.1.7601 Service Pack 1
11:56:21.643 Number of processors: 1 586 0x170A
11:56:21.645 ComputerName: JENNIFER-PC UserName: Jennifer
11:56:24.409 Initialize success
11:56:25.500 AVAST engine defs: 12052700
11:56:54.399 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:56:54.404 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 238475MB BusType: 3
11:56:54.422 Disk 0 MBR read successfully
11:56:54.425 Disk 0 MBR scan
11:56:54.450 Disk 0 Windows VISTA default MBR code
11:56:54.479 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
11:56:54.490 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 227813 MB offset 3074048
11:56:54.523 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 9161 MB offset 469635072
11:56:54.602 Disk 0 scanning C:\windows\system32\drivers
11:57:08.487 Service scanning
11:58:00.370 Modules scanning
11:58:00.382 Disk 0 trace - called modules:
11:58:00.405 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
11:58:00.419 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002637060]
11:58:00.432 3 CLASSPNP.SYS[fffff88001ba043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80020ef050]
11:58:01.531 AVAST engine scan C:\windows
11:58:03.877 AVAST engine scan C:\windows\system32
12:01:22.401 AVAST engine scan C:\windows\system32\drivers
12:01:33.102 AVAST engine scan C:\Users\Jennifer
12:04:25.756 AVAST engine scan C:\ProgramData
12:05:11.794 Scan finished successfully
12:05:40.948 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
12:05:40.955 The log file has been saved successfully to "C:\aswMBR.txt"

#4 narenxp

Posted 27 May 2012 - 02:20 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.


Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 klassic

Posted 27 May 2012 - 04:25 PM

C:\Program Files (x86)\WhiteSmokeTranslator\WSRegistrationDictMode.exe probably a variant of Win32/WhiteSmoke application cleaned by deleting - quarantined
C:\Program Files (x86)\WhiteSmokeTranslator\html\english\dictClientDic\index.html HTML/WhiteSmoke application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined





MiniToolBox by Farbar Version: 14-01-2012
Ran by Jennifer (administrator) on 27-05-2012 at 17:15:27
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



There are 15211 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jennifer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : H3C
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-51-71-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-26-B6-EA-A0-FE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::18cb:3a93:3902:aa3e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, May 27, 2012 12:18:36 PM
Lease Expires . . . . . . . . . . : Sunday, May 27, 2012 6:18:47 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234890934
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-B3-2E-B1-00-26-B6-EA-A0-FE
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:c8d:254e:b5b2:79a5(Preferred)
Link-local IPv6 Address . . . . . : fe80::c8d:254e:b5b2:79a5%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{8263530D-2C2D-4D2D-B152-1B74C2916D95}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.228.34
74.125.228.35
74.125.228.36
74.125.228.37
74.125.228.38
74.125.228.39
74.125.228.40
74.125.228.41
74.125.228.46
74.125.228.32
74.125.228.33


Pinging google.com [74.125.228.4] with 32 bytes of data:
Reply from 74.125.228.4: bytes=32 time=48ms TTL=52
Reply from 74.125.228.4: bytes=32 time=51ms TTL=52

Ping statistics for 74.125.228.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 51ms, Average = 49ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=75ms TTL=52
Reply from 209.191.122.70: bytes=32 time=72ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 72ms, Maximum = 75ms, Average = 73ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 6c 51 71 db ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
10...00 26 b6 ea a0 fe ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.10 281
192.168.0.10 255.255.255.255 On-link 192.168.0.10 281
192.168.0.255 255.255.255.255 On-link 192.168.0.10 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.10 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.10 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:5ef5:79fd:c8d:254e:b5b2:79a5/128
On-link
10 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::c8d:254e:b5b2:79a5/128
On-link
10 281 fe80::18cb:3a93:3902:aa3e/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/27/2012 03:41:35 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Accessibility, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil . Error code = 0x80070005

Error: (05/27/2012 03:17:41 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/27/2012 02:12:30 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/27/2012 02:12:25 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/27/2012 01:51:18 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/27/2012 01:41:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/27/2012 01:41:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/27/2012 01:40:24 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: XamlBuildTask, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06

Error: (05/27/2012 01:40:24 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: XamlBuildTask, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06

Error: (05/27/2012 01:40:23 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06


System errors:
=============
Error: (05/27/2012 11:51:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB976422).

Error: (05/27/2012 11:51:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2656372).

Error: (05/27/2012 11:41:34 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/27/2012 11:39:08 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (05/27/2012 11:39:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/27/2012 11:33:59 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/27/2012 11:33:01 AM) (Source: DCOM) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (05/27/2012 04:37:50 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (05/27/2012 04:37:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/26/2012 11:16:14 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Download Manager (Version: 1.6.2.100)
Adobe Flash Player 10 ActiveX (Version: 10.2.159.1)
Adobe Flash Player 10 Plugin (Version: 10.3.183.10)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Angry Birds Rio (Version: 1.2.2)
ASPCA Tri Reminder by We-Care.com v4.0.9.5 (Version: 4.0.9.5)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.27)
Atheros Driver Installation Program (Version: 5.2)
Audacity 1.2.6
avast! Free Antivirus (Version: 7.0.1426.0)
Best Buy pc app (Version: 3.0.1.2)
Best Buy pc app (Version: 3.1.0.0)
CCleaner (Version: 3.19)
COLLAPSE! Unlimited
Compatibility Pack for the 2007 Office system (Version: 12.0.4518.1014)
Conduit Engine (Version: )
Conexant HD Audio (Version: 4.111.0.64)
DealScout for Google Chrome (Version: 1.0.31.0)
Fantapper Browser Plugin (Version: 1.0.0)
Google Chrome (Version: 19.0.1084.52)
Google Earth (Version: 6.1.0.4857)
Google Update Helper (Version: 1.3.21.111)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2086)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Junk Mail filter update (Version: 14.0.8089.726)
Label@Once 1.0 (Version: 1.0)
LogMeIn (Version: 4.1.2450)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MegaBonus Slot Machine 1.0 (Version: 1.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 5.0 (x86 en-US) (Version: 5.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Octoshape add-in for Adobe Flash Player
ooVoo (Version: 3.0.7008)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PriceGong 2.5.0 (Version: 2.5.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
RealUpgrade 1.1 (Version: 1.1.0)
SocialRibbons LP 1
Spybot - Search & Destroy (Version: 2.0.8)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.0.1150)
Swag Bucks Toolbar (Version: 6.3.3.3)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
The Weather Channel App
TOSHIBA Application Installer (Version: 9.0.1.0)
TOSHIBA Assist (Version: 3.00.10)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA Hardware Setup (Version: 2.00.04)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Supervisor Password (Version: 2.00.03)
TOSHIBA Value Added Package (Version: 1.3.3.64)
ToshibaRegistration (Version: 1.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office Word 2007 (KB974631)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 1915.98 MB
Available physical RAM: 847.81 MB
Total Pagefile: 3831.95 MB
Available Pagefile: 2198.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.39 MB

========================= Partitions: =====================================

1 Drive c: (TI105847W0F) (Fixed) (Total:222.47 GB) (Free:191.09 GB) NTFS

========================= Users: ========================================

User accounts for \\JENNIFER-PC

Administrator Guest Jennifer
LogMeInRemoteUser


**** End of log ****

#6 narenxp


Posted 27 May 2012 - 07:24 PM

What are your current issues?

#7 klassic


Posted 27 May 2012 - 07:29 PM

No issues that I can notice. I am just trying to give the computer a clean bill of health. It seemed every time I ran a scan something was found.

#8 narenxp


Posted 27 May 2012 - 08:07 PM

Download

Hosts fixit

Run it.


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Adobe Reader and Flash Player.

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 klassic


Posted 27 May 2012 - 09:48 PM

Thanks for your help.



