Search Engine Redirects (Google/Bing)


8 replies to this topic

#1 pwcapell

Posted 03 June 2012 - 09:35 PM

A few weeks ago I started noticing the search results from Google would redirect to suspicious websites unrelated to my search terms. I was using Firefox, so I then started using IE and searching via Bing. A few days ago the problem started with Bing as well.

I am running Windows 7 64-bit. I use AVG Free antivirus, and keep the Windows firewall on.

I have run Malwarebytes quick scan, which found and quarantined Trojan.Happili (twice) and Exploit.Drop.9 (also twice) both located in the AppData\Local\Temp\ folder.

Even after removal of these, the problem persists.



#2 narenxp


Posted 03 June 2012 - 09:42 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Edited by narenxp, 03 June 2012 - 09:43 PM.


#3 pwcapell


Posted 06 June 2012 - 11:59 PM

01:28:18.0762 3148 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
01:28:19.0168 3148 ============================================================
01:28:19.0168 3148 Current date / time: 2012/06/04 01:28:19.0168
01:28:19.0168 3148 SystemInfo:
01:28:19.0168 3148
01:28:19.0168 3148 OS Version: 6.1.7600 ServicePack: 0.0
01:28:19.0168 3148 Product type: Workstation
01:28:19.0168 3148 ComputerName: PCLAPTOP
01:28:19.0168 3148 UserName: Phil
01:28:19.0169 3148 Windows directory: C:\Windows
01:28:19.0169 3148 System windows directory: C:\Windows
01:28:19.0169 3148 Running under WOW64
01:28:19.0169 3148 Processor architecture: Intel x64
01:28:19.0169 3148 Number of processors: 2
01:28:19.0169 3148 Page size: 0x1000
01:28:19.0169 3148 Boot type: Normal boot
01:28:19.0169 3148 ============================================================
01:28:20.0981 3148 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:28:20.0993 3148 ============================================================
01:28:20.0993 3148 \Device\Harddisk0\DR0:
01:28:20.0994 3148 MBR partitions:
01:28:20.0994 3148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
01:28:20.0994 3148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x32334030
01:28:21.0017 3148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x33AD7800, BlocksNum 0x68AE000
01:28:21.0017 3148 ============================================================
01:28:21.0062 3148 C: <-> \Device\Harddisk0\DR0\Partition1
01:28:21.0102 3148 E: <-> \Device\Harddisk0\DR0\Partition2
01:28:21.0102 3148 ============================================================
01:28:21.0102 3148 Initialize success
01:28:21.0102 3148 ============================================================
01:28:40.0668 3924 ============================================================
01:28:40.0668 3924 Scan started
01:28:40.0668 3924 Mode: Manual; TDLFS;
01:28:40.0668 3924 ============================================================
01:29:11.0238 3924 mshidkmdf - ok
01:29:11.0262 3924 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
01:29:11.0264 3924 msisadrv - ok
01:29:11.0328 3924 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
01:29:11.0336 3924 MSiSCSI - ok
01:29:11.0343 3924 msiserver - ok
01:29:11.0369 3924 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:29:11.0372 3924 MSKSSRV - ok
01:29:11.0387 3924 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:29:11.0390 3924 MSPCLOCK - ok
01:29:11.0402 3924 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:29:11.0405 3924 MSPQM - ok
01:29:11.0507 3924 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
01:29:11.0517 3924 MsRPC - ok
01:29:11.0550 3924 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
01:29:11.0553 3924 mssmbios - ok
01:29:11.0567 3924 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:29:11.0569 3924 MSTEE - ok
01:29:11.0577 3924 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
01:29:11.0579 3924 MTConfig - ok
01:29:11.0611 3924 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:29:11.0613 3924 Mup - ok
01:29:11.0755 3924 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
01:29:11.0768 3924 napagent - ok
01:29:11.0871 3924 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:29:11.0879 3924 NativeWifiP - ok
01:29:12.0121 3924 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
01:29:12.0142 3924 NDIS - ok
01:29:12.0169 3924 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:29:12.0172 3924 NdisCap - ok
01:29:12.0196 3924 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:29:12.0198 3924 NdisTapi - ok
01:29:12.0244 3924 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
01:29:12.0246 3924 Ndisuio - ok
01:29:12.0298 3924 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
01:29:12.0302 3924 NdisWan - ok
01:29:12.0325 3924 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
01:29:12.0328 3924 NDProxy - ok
01:29:12.0353 3924 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:29:12.0356 3924 NetBIOS - ok
01:29:12.0423 3924 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
01:29:12.0430 3924 NetBT - ok
01:29:12.0479 3924 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
01:29:12.0481 3924 Netlogon - ok
01:29:12.0608 3924 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
01:29:12.0619 3924 Netman - ok
01:29:12.0782 3924 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:29:12.0793 3924 NetMsmqActivator - ok
01:29:12.0802 3924 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:29:12.0806 3924 NetPipeActivator - ok
01:29:12.0933 3924 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
01:29:12.0946 3924 netprofm - ok
01:29:13.0144 3924 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
01:29:13.0158 3924 netr28x - ok
01:29:13.0392 3924 netr7364 (621559a521682a888d83db34c6ec0bf8) C:\Windows\system32\DRIVERS\netr7364.sys
01:29:13.0417 3924 netr7364 - ok
01:29:13.0572 3924 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:29:13.0575 3924 NetTcpActivator - ok
01:29:13.0584 3924 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:29:13.0588 3924 NetTcpPortSharing - ok
01:29:13.0625 3924 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
01:29:13.0629 3924 nfrd960 - ok
01:29:13.0725 3924 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
01:29:13.0735 3924 NlaSvc - ok
01:29:13.0812 3924 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\DRIVERS\npf.sys
01:29:13.0815 3924 NPF - ok
01:29:13.0837 3924 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:29:13.0840 3924 Npfs - ok
01:29:13.0859 3924 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
01:29:13.0862 3924 nsi - ok
01:29:13.0872 3924 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:29:13.0875 3924 nsiproxy - ok
01:29:14.0328 3924 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
01:29:14.0355 3924 Ntfs - ok
01:29:14.0616 3924 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:29:14.0619 3924 Null - ok
01:29:14.0696 3924 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
01:29:14.0710 3924 nvraid - ok
01:29:14.0789 3924 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
01:29:14.0795 3924 nvstor - ok
01:29:14.0850 3924 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
01:29:14.0855 3924 nv_agp - ok
01:29:14.0886 3924 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
01:29:14.0890 3924 ohci1394 - ok
01:29:15.0030 3924 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:29:15.0036 3924 ose - ok
01:29:16.0240 3924 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:29:16.0376 3924 osppsvc - ok
01:29:16.0704 3924 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:29:16.0714 3924 p2pimsvc - ok
01:29:16.0856 3924 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
01:29:16.0868 3924 p2psvc - ok
01:29:16.0945 3924 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
01:29:16.0950 3924 Parport - ok
01:29:17.0018 3924 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
01:29:17.0024 3924 partmgr - ok
01:29:17.0092 3924 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
01:29:17.0097 3924 PcaSvc - ok
01:29:17.0155 3924 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
01:29:17.0159 3924 pci - ok
01:29:17.0171 3924 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
01:29:17.0173 3924 pciide - ok
01:29:17.0239 3924 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
01:29:17.0245 3924 pcmcia - ok
01:29:17.0275 3924 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:29:17.0278 3924 pcw - ok
01:29:17.0454 3924 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:29:17.0464 3924 PEAUTH - ok
01:29:17.0665 3924 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
01:29:17.0668 3924 PerfHost - ok
01:29:18.0280 3924 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
01:29:18.0331 3924 pla - ok
01:29:18.0494 3924 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
01:29:18.0506 3924 PlugPlay - ok
01:29:18.0607 3924 pneteth (8ac5649c9070674d4607301c180ab10b) C:\Windows\system32\DRIVERS\pneteth.sys
01:29:18.0610 3924 pneteth - ok
01:29:18.0661 3924 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys
01:29:18.0664 3924 pnetmdm - ok
01:29:18.0704 3924 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
01:29:18.0710 3924 PNRPAutoReg - ok
01:29:18.0806 3924 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:29:18.0811 3924 PNRPsvc - ok
01:29:18.0946 3924 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
01:29:18.0958 3924 PolicyAgent - ok
01:29:19.0032 3924 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
01:29:19.0040 3924 Power - ok
01:29:19.0101 3924 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
01:29:19.0106 3924 PptpMiniport - ok
01:29:19.0132 3924 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
01:29:19.0138 3924 Processor - ok
01:29:19.0224 3924 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
01:29:19.0232 3924 ProfSvc - ok
01:29:19.0279 3924 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
01:29:19.0282 3924 ProtectedStorage - ok
01:29:19.0344 3924 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
01:29:19.0350 3924 Psched - ok
01:29:19.0402 3924 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
01:29:19.0406 3924 PxHlpa64 - ok
01:29:19.0767 3924 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
01:29:19.0799 3924 ql2300 - ok
01:29:20.0098 3924 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
01:29:20.0105 3924 ql40xx - ok
01:29:20.0209 3924 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
01:29:20.0219 3924 QWAVE - ok
01:29:20.0276 3924 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:29:20.0280 3924 QWAVEdrv - ok
01:29:20.0318 3924 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:29:20.0321 3924 RasAcd - ok
01:29:20.0387 3924 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:29:20.0391 3924 RasAgileVpn - ok
01:29:20.0440 3924 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
01:29:20.0447 3924 RasAuto - ok
01:29:20.0531 3924 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:29:20.0537 3924 Rasl2tp - ok
01:29:20.0645 3924 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
01:29:20.0653 3924 RasMan - ok
01:29:20.0690 3924 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:29:20.0693 3924 RasPppoe - ok
01:29:20.0722 3924 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:29:20.0725 3924 RasSstp - ok
01:29:20.0811 3924 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
01:29:20.0820 3924 rdbss - ok
01:29:20.0838 3924 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
01:29:20.0841 3924 rdpbus - ok
01:29:20.0855 3924 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:29:20.0858 3924 RDPCDD - ok
01:29:20.0886 3924 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:29:20.0888 3924 RDPENCDD - ok
01:29:20.0912 3924 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:29:20.0914 3924 RDPREFMP - ok
01:29:21.0001 3924 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
01:29:21.0008 3924 RDPWD - ok
01:29:21.0079 3924 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
01:29:21.0086 3924 rdyboost - ok
01:29:21.0132 3924 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
01:29:21.0139 3924 RemoteAccess - ok
01:29:21.0202 3924 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
01:29:21.0210 3924 RemoteRegistry - ok
01:29:21.0306 3924 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
01:29:21.0313 3924 RFCOMM - ok
01:29:21.0366 3924 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
01:29:21.0370 3924 ROOTMODEM - ok
01:29:21.0409 3924 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
01:29:21.0413 3924 RpcEptMapper - ok
01:29:21.0432 3924 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
01:29:21.0435 3924 RpcLocator - ok
01:29:21.0568 3924 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
01:29:21.0579 3924 RpcSs - ok
01:29:21.0618 3924 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:29:21.0623 3924 rspndr - ok
01:29:21.0732 3924 RSUSBSTOR (db30aa4daa0d492fa5d7717d8181ffa1) C:\Windows\system32\Drivers\RtsUStor.sys
01:29:21.0740 3924 RSUSBSTOR - ok
01:29:21.0790 3924 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
01:29:21.0793 3924 SamSs - ok
01:29:21.0859 3924 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
01:29:21.0871 3924 sbp2port - ok
01:29:21.0944 3924 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
01:29:21.0954 3924 SCardSvr - ok
01:29:21.0981 3924 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
01:29:21.0985 3924 scfilter - ok
01:29:22.0337 3924 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
01:29:22.0361 3924 Schedule - ok
01:29:22.0423 3924 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
01:29:22.0427 3924 SCMNdisP - ok
01:29:22.0465 3924 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
01:29:22.0468 3924 SCPolicySvc - ok
01:29:22.0538 3924 ScreamBAudioSvc (490b0b68bb938d5c628ec4a67277be75) C:\Windows\system32\drivers\ScreamingBAudio64.sys
01:29:22.0542 3924 ScreamBAudioSvc - ok
01:29:22.0610 3924 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
01:29:22.0618 3924 SDRSVC - ok
01:29:22.0689 3924 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:29:22.0692 3924 secdrv - ok
01:29:22.0728 3924 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
01:29:22.0731 3924 seclogon - ok
01:29:22.0757 3924 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
01:29:22.0761 3924 SENS - ok
01:29:22.0801 3924 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
01:29:22.0805 3924 SensrSvc - ok
01:29:22.0823 3924 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
01:29:22.0825 3924 Serenum - ok
01:29:22.0864 3924 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
01:29:22.0867 3924 Serial - ok
01:29:22.0879 3924 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
01:29:22.0882 3924 sermouse - ok
01:29:22.0935 3924 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
01:29:22.0942 3924 SessionEnv - ok
01:29:22.0992 3924 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
01:29:22.0996 3924 sffdisk - ok
01:29:23.0019 3924 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
01:29:23.0022 3924 sffp_mmc - ok
01:29:23.0036 3924 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
01:29:23.0040 3924 sffp_sd - ok
01:29:23.0055 3924 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
01:29:23.0058 3924 sfloppy - ok
01:29:23.0261 3924 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
01:29:23.0272 3924 SharedAccess - ok
01:29:23.0373 3924 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
01:29:23.0384 3924 ShellHWDetection - ok
01:29:23.0425 3924 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:29:23.0429 3924 SiSRaid2 - ok
01:29:23.0467 3924 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
01:29:23.0473 3924 SiSRaid4 - ok
01:29:23.0527 3924 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:29:23.0532 3924 Smb - ok
01:29:23.0573 3924 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
01:29:23.0579 3924 SNMPTRAP - ok
01:29:23.0599 3924 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:29:23.0602 3924 spldr - ok
01:29:23.0775 3924 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
01:29:23.0799 3924 Spooler - ok
01:29:24.0675 3924 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
01:29:24.0717 3924 sppsvc - ok
01:29:24.0977 3924 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
01:29:24.0983 3924 sppuinotify - ok
01:29:25.0210 3924 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
01:29:25.0212 3924 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
01:29:25.0217 3924 sptd ( LockedFile.Multi.Generic ) - warning
01:29:25.0217 3924 sptd - detected LockedFile.Multi.Generic (1)
01:29:39.0853 3924 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
01:29:39.0857 3924 wscsvc - ok
01:29:39.0893 3924 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
01:29:39.0896 3924 WSDPrintDevice - ok
01:29:39.0902 3924 WSearch - ok
01:29:40.0069 3924 WSWNDA3100 (2a7db6a6f2c2e7cb40311d5b9340060d) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
01:29:40.0076 3924 WSWNDA3100 - ok
01:29:40.0738 3924 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
01:29:40.0771 3924 wuauserv - ok
01:29:41.0073 3924 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
01:29:41.0079 3924 WudfPf - ok
01:29:41.0160 3924 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:29:41.0166 3924 WUDFRd - ok
01:29:41.0220 3924 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
01:29:41.0227 3924 wudfsvc - ok
01:29:41.0298 3924 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
01:29:41.0308 3924 WwanSvc - ok
01:29:41.0347 3924 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
01:29:41.0350 3924 XAudio - ok
01:29:41.0510 3924 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
01:29:42.0546 3924 \Device\Harddisk0\DR0 - ok
01:29:42.0554 3924 Boot (0x1200) (c9462c34bd835b0ea21f893dde30a12f) \Device\Harddisk0\DR0\Partition0
01:29:42.0559 3924 \Device\Harddisk0\DR0\Partition0 - ok
01:29:42.0593 3924 Boot (0x1200) (9da6d000ec83d20bc05184f80190a8c3) \Device\Harddisk0\DR0\Partition1
01:29:42.0597 3924 \Device\Harddisk0\DR0\Partition1 - ok
01:29:42.0626 3924 Boot (0x1200) (73ffb7a77fa6e9205646e44785ec9121) \Device\Harddisk0\DR0\Partition2
01:29:42.0630 3924 \Device\Harddisk0\DR0\Partition2 - ok
01:29:42.0630 3924 ============================================================
01:29:42.0630 3924 Scan finished
01:29:42.0630 3924 ============================================================
01:29:42.0643 3780 Detected object count: 1
01:29:42.0643 3780 Actual detected object count: 1
01:31:38.0773 3780 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:31:38.0773 3780 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

#4 pwcapell


Posted 07 June 2012 - 12:02 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-04 23:14:35
-----------------------------
23:14:35.875 OS Version: Windows x64 6.1.7600
23:14:35.875 Number of processors: 2 586 0x602
23:14:35.875 ComputerName: PCLAPTOP UserName: Phil
23:14:42.989 Initialize success
23:14:55.063 AVAST engine defs: 12060301
23:15:06.342 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007c
23:15:06.342 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 11
23:15:06.358 Disk 0 MBR read successfully
23:15:06.373 Disk 0 MBR scan
23:15:06.373 Disk 0 Windows VISTA default MBR code
23:15:06.389 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
23:15:06.420 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 24578048
23:15:06.436 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 411240 MB offset 24782848
23:15:06.436 Disk 0 Partition - 00 0F Extended LBA 53597 MB offset 867004416
23:15:06.483 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 53596 MB offset 867006464
23:15:06.529 Disk 0 scanning C:\Windows\system32\drivers
23:15:21.817 Service scanning
23:15:55.935 Modules scanning
23:15:56.481 Disk 0 trace - called modules:
23:15:56.527 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800447f2c0]<<sptd.sys amdxata.sys ACPI.sys storport.sys hal.dll amdsata.sys
23:15:56.543 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004aa7060]
23:15:56.543 3 CLASSPNP.SYS[fffff88001ae043f] -> nt!IofCallDriver -> [0xfffffa80049e9970]
23:15:56.559 \Driver\amdxata[0xfffffa800493a2b0] -> IRP_MJ_CREATE -> 0xfffffa800447f2c0
23:15:56.574 5 amdxata.sys[fffff88000e158b9] -> nt!IofCallDriver -> [0xfffffa80049e9040]
23:15:56.590 7 ACPI.sys[fffff8800119b781] -> nt!IofCallDriver -> \Device\0000007c[0xfffffa80049e5580]
23:15:56.590 \Driver\amdsata[0xfffffa800493a660] -> IRP_MJ_CREATE -> 0xfffffa80044772c0
23:16:02.518 AVAST engine scan C:\Windows
23:16:11.800 AVAST engine scan C:\Windows\system32
23:24:25.766 AVAST engine scan C:\Windows\system32\drivers
23:24:53.799 AVAST engine scan C:\Users\Phil
23:44:43.465 AVAST engine scan C:\ProgramData
23:50:20.387 File: C:\ProgramData\Microsoft\Windows\DRM\9DA6.tmp **INFECTED** Win32:Malware-gen
00:02:12.875 Scan finished successfully
00:18:03.657 Disk 0 MBR has been saved successfully to "C:\Users\Phil\Desktop\MBR.dat"
00:18:03.664 The log file has been saved successfully to "C:\Users\Phil\Desktop\aswMBR.txt"




The other scanner I ran, it took about 2 hours. I may have missed it but at the end I didn't see anything about exporting a log.
ESET found - and stated that it deleted/quarantined - 4 items:

win64/olmarik.ad
html/scrinject.b.gen
variant of win32\kryptik (twice)

If it's necessary for me to run that again I can, it just takes forever.

#5 narenxp


Posted 07 June 2012 - 12:38 AM

Ignore the ESET log.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#6 pwcapell


Posted 08 June 2012 - 08:09 PM

Had a clean Malwarebytes scan on the first scan.




MiniToolBox by Farbar Version: 04-06-2012
Ran by Phil (administrator) on 08-06-2012 at 21:05:22
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection 2-WFP LightWeight Filter-0000" nexthop=5.0.0.1 publish=Yes
set interface interface="Local Area Connection 2-WFP LightWeight Filter-0000" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="VMware Network Adapter VMnet1" address=192.168.217.1
add address name="VMware Network Adapter VMnet8" address=192.168.148.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : PCLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : PdaNet Broadband Adapter
Physical Address. . . . . . . . . : 00-26-37-BD-39-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 76-1A-04-79-8B-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 70-1A-04-79-8B-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::24c8:d626:e610:1a63%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, June 08, 2012 8:57:21 PM
Lease Expires . . . . . . . . . . : Tuesday, July 16, 2148 3:34:21 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 191896068
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-AD-ED-71-70-1A-04-79-8B-7C
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.wv.comcast.net.
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-6F-73-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::45e1:882c:c9:4f25%52(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.217.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 905990230
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-AD-ED-71-70-1A-04-79-8B-7C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9885:9a82:9b86:dad0%53(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.148.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 1191202902
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-AD-ED-71-70-1A-04-79-8B-7C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D20750E7-37B9-4A9D-8FEB-62A1CB0A5108}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CF47AD5F-54FB-4430-AD53-4B5337BE3691}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B6C1660E-B6FE-4CDE-B3DF-D27DB85F618C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {8E2BE19C-14F9-4B8E-941C-0CDBBC885A8F}:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.2%62(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: google.com.Belkin
Address: 67.215.65.132


Pinging google.com [74.125.228.4] with 32 bytes of data:
Reply from 74.125.228.4: bytes=32 time=27ms TTL=52
Reply from 74.125.228.4: bytes=32 time=23ms TTL=52

Ping statistics for 74.125.228.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 27ms, Average = 25ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: yahoo.com.Belkin
Address: 67.215.65.132


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=64ms TTL=47
Reply from 209.191.122.70: bytes=32 time=70ms TTL=47

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 70ms, Average = 67ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: bleepingcomputer.com.Belkin
Address: 67.215.65.132


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
55...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
16...76 1a 04 79 8b 7c ......Microsoft Virtual WiFi Miniport Adapter #2
15...70 1a 04 79 8b 7c ......Atheros AR5B93 Wireless Network Adapter
11...00 26 2d 6f 73 ae ......Broadcom NetLink ™ Gigabit Ethernet
52...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
53...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
43...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
47...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
48...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
51...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
54...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
60...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #10
58...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
59...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
62...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
56...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 276
192.168.2.2 255.255.255.255 On-link 192.168.2.2 276
192.168.2.255 255.255.255.255 On-link 192.168.2.2 276
192.168.148.0 255.255.255.0 On-link 192.168.148.1 276
192.168.148.1 255.255.255.255 On-link 192.168.148.1 276
192.168.148.255 255.255.255.255 On-link 192.168.148.1 276
192.168.217.0 255.255.255.0 On-link 192.168.217.1 276
192.168.217.1 255.255.255.255 On-link 192.168.217.1 276
192.168.217.255 255.255.255.255 On-link 192.168.217.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.217.1 276
224.0.0.0 240.0.0.0 On-link 192.168.148.1 276
224.0.0.0 240.0.0.0 On-link 192.168.2.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.217.1 276
255.255.255.255 255.255.255.255 On-link 192.168.148.1 276
255.255.255.255 255.255.255.255 On-link 192.168.2.2 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
52 276 fe80::/64 On-link
53 276 fe80::/64 On-link
15 276 fe80::/64 On-link
62 276 fe80::5efe:192.168.2.2/128
On-link
15 276 fe80::24c8:d626:e610:1a63/128
On-link
52 276 fe80::45e1:882c:c9:4f25/128
On-link
53 276 fe80::9885:9a82:9b86:dad0/128
On-link
1 306 ff00::/8 On-link
52 276 ff00::/8 On-link
53 276 ff00::/8 On-link
15 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll [346736] (VMware, Inc.)
Catalog9 13 C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll [346736] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 12 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll [446576] (VMware, Inc.)
x64-Catalog9 13 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll [446576] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/07/2012 10:50:40 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (06/08/2012 09:06:10 PM) (Source: Microsoft-Windows-DNS-Client) (User: Phil)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 09:06:08 PM) (Source: Microsoft-Windows-DNS-Client) (User: Phil)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 09:06:06 PM) (Source: Microsoft-Windows-DNS-Client) (User: Phil)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 09:00:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: SYSTEM)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 09:00:50 PM) (Source: Microsoft-Windows-DNS-Client) (User: SYSTEM)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 08:58:27 PM) (Source: Microsoft-Windows-DNS-Client) (User: LOCAL SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 08:58:06 PM) (Source: Microsoft-Windows-DNS-Client) (User: SYSTEM)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 08:57:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: SYSTEM)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 08:57:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/08/2012 08:57:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: SYSTEM)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/08/2012 09:00:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/07/2012 10:50:40 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)
Adobe Reader X (10.1.3) (Version: 10.1.3)
aiofw (Version: 4.2.6.0)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 4.2.6.0)
AMD Catalyst Install Manager (Version: 3.0.851.0)
AMD Fuel (Version: 2011.1025.2231.38573)
AMD USB Filter Driver (Version: 1.0.11.86)
AMD VISION Engine Control Center (Version: 2011.1025.2231.38573)
Android SDK Tools (Version: 1.14)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Application Profiles (Version: 2.0.4331.36041)
ArcSoft PhotoStudio 2000
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2433)
AVG 2012 (Version: 2012.0.2178)
Belkin 54Mbps Wireless Network Adapter (Version: 3.00.07)
Black and White
Broadcom Gigabit NetLink Controller (Version: 12.26.02)
C4USelfUpdater (Version: 1.00.0000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.1025.2231.38573)
Catalyst Control Center InstallProxy (Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (Version: 2011.1025.2231.38573)
Catalyst Control Center Localization All (Version: 2011.1025.2231.38573)
ccc-utility64 (Version: 2011.1025.2231.38573)
CCC Help Chinese Standard (Version: 2011.1025.2230.38573)
CCC Help Chinese Traditional (Version: 2011.1025.2230.38573)
CCC Help Czech (Version: 2011.1025.2230.38573)
CCC Help Danish (Version: 2011.1025.2230.38573)
CCC Help Dutch (Version: 2011.1025.2230.38573)
CCC Help English (Version: 2011.1025.2230.38573)
CCC Help Finnish (Version: 2011.1025.2230.38573)
CCC Help French (Version: 2011.1025.2230.38573)
CCC Help German (Version: 2011.1025.2230.38573)
CCC Help Greek (Version: 2011.1025.2230.38573)
CCC Help Hungarian (Version: 2011.1025.2230.38573)
CCC Help Italian (Version: 2011.1025.2230.38573)
CCC Help Japanese (Version: 2011.1025.2230.38573)
CCC Help Korean (Version: 2011.1025.2230.38573)
CCC Help Norwegian (Version: 2011.1025.2230.38573)
CCC Help Polish (Version: 2011.1025.2230.38573)
CCC Help Portuguese (Version: 2011.1025.2230.38573)
CCC Help Russian (Version: 2011.1025.2230.38573)
CCC Help Spanish (Version: 2011.1025.2230.38573)
CCC Help Swedish (Version: 2011.1025.2230.38573)
CCC Help Thai (Version: 2011.1025.2230.38573)
CCC Help Turkish (Version: 2011.1025.2230.38573)
center (Version: 5.0.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.98.9.0)
Counter-Strike: Source
Coupon Printer for Windows (Version: 5.0.0.1)
Curse Client (Version: 4.0.1.260)
CutePDF Writer 2.7
CyberLink PowerDVD 8 (Version: 8.0.3402)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.1.0236)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diablo III (Version: 1.0.1.9558)
Dropbox (Version: 1.1.35)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
EA Download Manager (Version: 7.1.4.31)
Empire Earth II Demo (Version: 1.00)
ESET Online Scanner v3
Gateway Power Management (Version: 4.05.3004)
Gateway Recovery Management (Version: 4.05.3005)
Gateway Updater (Version: 1.01.3017)
Half-Life 2
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.56)
Identity Card (Version: 1.00.3002)
Internet TV for Windows Media Center (Version: 4.2.2.0)
ISA 2 basic (Version: 2.0 RC6b)
ISO Recorder (Version: 3.1.0)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 Update 1 (64-bit) (Version: 7.0.10)
Java™ SE Development Kit 7 Update 1 (64-bit) (Version: 1.7.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
KODAK AiO Home Center (Version: 5.4.6.4)
ksDIP (Version: 3.20.0000.0001)
Launch Manager (Version: 3.0.04)
Lego Star Wars Saga
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Money 2003 (Version: 11.0.120)
Microsoft Money 2003 System Pack (Version: 11.0.120)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.0.0.133)
Nexus Mod Manager (Version: 0.12.18)
Notepad++ (Version: 5.8.6)
NVIDIA PhysX (Version: 9.09.0203)
OpenDNS Updater 2.2.1 (Version: 2.2.1)
PdaNet for Android 3.02
Portal
Portal 2
PreReq (Version: 6.0.5.2)
QuickTime (Version: 7.70.80.34)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
Rosetta Stone Version 3 (Version: 3.4.3.0)
Roxio Burn (Version: 1.2)
Roxio Burn (Version: 1.2.0)
Roxio Update Manager (Version: 6.0.0)
Sierra Utilities
Skype™ 4.2 (Version: 4.2.187)
Source SDK Base
Spybot - Search & Destroy (Version: 1.6.2)
StarCraft II (Version: 1.4.2.20141)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
The Elder Scrolls V: Skyrim
The Sims™ 3 (Version: 1.24.3)
The Sims™ 3 Ambitions (Version: 4.10.1)
The Sims™ 3 World Adventures (Version: 2.17.2)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.2.1.800)
Timez Attack (Version: 4.04)
Tomb Raider: Anniversary
Tomb Raider: Legend
Tomb Raider: Underworld
tools-windows (Version: 8.4.6.16648)
Uninstall Dual Mode Camera
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
Video Web Camera (Version: 1.7.78.1120)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VMware Player (Version: 3.1.4.16648)
Winamp (Version: 5.623 )
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
World of Warcraft (Version: 5.0.1.15726)
World of Warcraft Beta (Version: )
Xfire (remove only)
Xirrus Wi-Fi Inspector (Version: 1.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 3838.36 MB
Available physical RAM: 1850.33 MB
Total Pagefile: 7674.86 MB
Available Pagefile: 5178.87 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.76 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:401.6 GB) (Free:139.01 GB) NTFS
3 Drive e: (ExtendedDisk) (Fixed) (Total:52.34 GB) (Free:52.24 GB) NTFS

========================= Users: ========================================

User accounts for \\PCLAPTOP

__vmware_user__ Administrator Guest
Mom Phil


**** End of log ****

#7 narenxp


Posted 08 June 2012 - 08:55 PM

Win 7 hosts

Right click on the link and select SAVE AS

Browse to C:\windows\system32\drivers\etc

and save the HOSTS file

Do you still have redirects? How is your PC now?
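The log above shows the DNS client repeatedly failing to read the local hosts file, and the fix in this post overwrites that file. The following is an added example, not part of the thread or of any tool named in it: a Python audit a responder could run on a copy of the old file before replacing it, to record which names it overrode and why it may have been unreadable. The sample bytes, the `.example` host names and the split into "sinkholed" versus "overrides" are assumptions of this example.

```python
import ipaddress

# Constructed sample, not taken from the machine in this thread.
SAMPLE_HOSTS = (
    b"\xef\xbb\xbf# constructed sample hosts file\r\n"
    b"127.0.0.1 localhost\r\n"
    b"::1 localhost\r\n"
    b"0.0.0.0 ads.example\r\n"
    b"203.0.113.10 www.search.example search.example # two names\r\n"
    b"999.1.1.1 bad.example\r\n"
    b"10.0.0.5\r\n"
)

def audit_hosts(raw: bytes) -> dict:
    """Classify every mapping in the raw bytes of a hosts file."""
    report = {"overrides": [], "sinkholed": [], "problems": []}
    if raw.startswith(b"\xef\xbb\xbf"):          # UTF-8 byte order mark
        raw = raw[3:]
    if b"\x00" in raw:                           # UTF-16 save or corruption
        report["problems"].append("file contains NUL bytes")
        raw = raw.replace(b"\x00", b"")
    text = raw.decode("ascii", errors="replace")
    if "\ufffd" in text:
        report["problems"].append("file contains non-ASCII bytes")
    for lineno, line in enumerate(text.splitlines(), 1):
        body = line.split("#", 1)[0].strip()     # drop comments
        if not body:
            continue
        fields = body.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["problems"].append(
                f"line {lineno}: malformed address {fields[0]!r}")
            continue
        if len(fields) < 2:
            report["problems"].append(
                f"line {lineno}: address with no host name")
            continue
        for name in (f.lower() for f in fields[1:]):
            if name == "localhost" and addr.is_loopback:
                continue                         # stock entry
            item = (lineno, name, str(addr))
            if addr.is_loopback or addr.is_unspecified:
                # Typical of blocklists written by security tools.
                report["sinkholed"].append(item)
            else:
                # The name resolves to an address chosen by the file.
                report["overrides"].append(item)
    return report

if __name__ == "__main__":
    for kind, items in audit_hosts(SAMPLE_HOSTS).items():
        for item in items:
            print(kind, item)
```

Entries under `overrides` are the ones to review by hand, since they send a name to an address the file's author chose; `sinkholed` entries usually come from blocklists.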

#8 pwcapell


Posted 08 June 2012 - 10:47 PM

I tested a few times and it does not seem to be redirecting anymore. However, it was intermittent before so I will keep checking it over the next few days and post if something changes.

At the risk of breaking the "one problem / one topic" rule, I will mention this because it could *possibly* be related. I use OpenDNS for my DNS server, to block adult sites and as a second line of defense against some malware. While I have verified I have the correct DNS settings in my router, it somehow doesn't seem to be blocking anything that it should be. It opens up every single site I've tried, whether it's adult-related, proxy-surfing, hacking, etc. The only way I can actually tell that I must be getting to their servers somehow is when I enter a complete gibberish .com site and get the OpenDNS branded "unavailable" page.

I'm sure my best bet with that one is to work with the OpenDNS community for a resolution, just interested if you think it's possibly related.

#9 narenxp


Posted 09 June 2012 - 05:05 AM

I would suggest you contact the OpenDNS forums on this :)

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



