redirect and popup


9 replies to this topic

#1 pwr.rwp


Posted 05 June 2012 - 02:48 AM

Hi

My daughter's laptop has a virus that does two things. Firstly it creates false links on web-pages - so words are underlined and when clicked they take you to ad web-sites. Secondly she has all these random pop-ups that appear in the bottom right of her screen.

Any help would be appreciated.

Paul


#2 narenxp


Posted 05 June 2012 - 03:30 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Edited by narenxp, 05 June 2012 - 03:52 AM.


#3 pwr.rwp


Posted 05 June 2012 - 07:09 AM

Hi - here are the logs:

TDSskiller:

11:36:29.0158 2948 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
11:36:29.0564 2948 ============================================================
11:36:29.0564 2948 Current date / time: 2012/06/05 11:36:29.0564
11:36:29.0564 2948 SystemInfo:
11:36:29.0564 2948
11:36:29.0564 2948 OS Version: 6.1.7601 ServicePack: 1.0
11:36:29.0564 2948 Product type: Workstation
11:36:29.0564 2948 ComputerName: SOPHIE-PC
11:36:29.0564 2948 UserName: Sophie
11:36:29.0564 2948 Windows directory: C:\Windows
11:36:29.0564 2948 System windows directory: C:\Windows
11:36:29.0564 2948 Running under WOW64
11:36:29.0564 2948 Processor architecture: Intel x64
11:36:29.0564 2948 Number of processors: 4
11:36:29.0564 2948 Page size: 0x1000
11:36:29.0564 2948 Boot type: Normal boot
11:36:29.0564 2948 ============================================================
11:36:33.0183 2948 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:33.0199 2948 ============================================================
11:36:33.0199 2948 \Device\Harddisk0\DR0:
11:36:33.0199 2948 MBR partitions:
11:36:33.0199 2948 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
11:36:33.0199 2948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x38553000
11:36:33.0199 2948 ============================================================
11:36:33.0386 2948 C: <-> \Device\Harddisk0\DR0\Partition1
11:36:33.0386 2948 ============================================================
11:36:33.0386 2948 Initialize success
11:36:33.0386 2948 ============================================================
11:37:07.0862 3788 ============================================================
11:37:07.0862 3788 Scan started
11:37:07.0862 3788 Mode: Manual; TDLFS;
11:37:07.0862 3788 ============================================================
11:37:10.0795 3788 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:37:10.0841 3788 1394ohci - ok
11:37:10.0904 3788 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:37:10.0919 3788 ACPI - ok
11:37:10.0966 3788 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:37:10.0982 3788 AcpiPmi - ok
11:37:11.0372 3788 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:37:11.0450 3788 AdobeFlashPlayerUpdateSvc - ok
11:37:11.0653 3788 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:37:11.0715 3788 adp94xx - ok
11:37:11.0793 3788 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:37:11.0824 3788 adpahci - ok
11:37:11.0887 3788 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:37:11.0887 3788 adpu320 - ok
11:37:11.0949 3788 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:37:11.0949 3788 AeLookupSvc - ok
11:37:12.0058 3788 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:37:12.0074 3788 AFD - ok
11:37:12.0121 3788 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:37:12.0121 3788 agp440 - ok
11:37:12.0136 3788 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:37:12.0152 3788 ALG - ok
11:37:12.0183 3788 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:37:12.0183 3788 aliide - ok
11:37:12.0199 3788 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:37:12.0199 3788 amdide - ok
11:37:12.0230 3788 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:37:12.0245 3788 AmdK8 - ok
11:37:12.0261 3788 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:37:12.0277 3788 AmdPPM - ok
11:37:12.0323 3788 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:37:12.0339 3788 amdsata - ok
11:37:12.0370 3788 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:37:12.0401 3788 amdsbs - ok
11:37:12.0417 3788 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:37:12.0417 3788 amdxata - ok
11:37:12.0589 3788 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
11:37:12.0604 3788 AntiVirSchedulerService - ok
11:37:12.0651 3788 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
11:37:12.0651 3788 AntiVirService - ok
11:37:12.0698 3788 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:37:12.0713 3788 AppID - ok
11:37:12.0745 3788 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:37:12.0745 3788 AppIDSvc - ok
11:37:12.0807 3788 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:37:12.0807 3788 Appinfo - ok
11:37:12.0854 3788 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:37:12.0869 3788 arc - ok
11:37:12.0901 3788 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:37:12.0932 3788 arcsas - ok
11:37:12.0979 3788 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:37:12.0979 3788 AsyncMac - ok
11:37:13.0025 3788 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:37:13.0041 3788 atapi - ok
11:37:13.0525 3788 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
11:37:13.0540 3788 athr - ok
11:37:13.0852 3788 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:37:13.0868 3788 AudioEndpointBuilder - ok
11:37:13.0883 3788 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:37:13.0883 3788 AudioSrv - ok
11:37:14.0211 3788 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
11:37:14.0227 3788 avgntflt - ok
11:37:14.0289 3788 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
11:37:14.0305 3788 avipbb - ok
11:37:14.0367 3788 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
11:37:14.0367 3788 avkmgr - ok
11:37:14.0429 3788 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:37:14.0429 3788 AxInstSV - ok
11:37:14.0507 3788 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:37:14.0539 3788 b06bdrv - ok
11:37:14.0570 3788 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:37:14.0585 3788 b57nd60a - ok
11:37:14.0695 3788 BcmSqlStartupSvc (2e552b658273b90251e0441631de2ca3) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
11:37:14.0710 3788 BcmSqlStartupSvc - ok
11:37:14.0773 3788 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:37:14.0788 3788 BDESVC - ok
11:37:14.0851 3788 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:37:14.0851 3788 Beep - ok
11:37:15.0194 3788 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:37:15.0194 3788 BFE - ok
11:37:15.0319 3788 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:37:15.0334 3788 BITS - ok
11:37:15.0443 3788 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:37:15.0459 3788 blbdrive - ok
11:37:15.0553 3788 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:37:15.0553 3788 bowser - ok
11:37:15.0599 3788 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:37:15.0631 3788 BrFiltLo - ok
11:37:15.0646 3788 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:37:15.0646 3788 BrFiltUp - ok
11:37:15.0693 3788 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:37:15.0693 3788 Browser - ok
11:37:15.0755 3788 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:37:15.0787 3788 Brserid - ok
11:37:15.0802 3788 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:37:15.0818 3788 BrSerWdm - ok
11:37:15.0818 3788 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:37:15.0818 3788 BrUsbMdm - ok
11:37:15.0833 3788 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:37:15.0833 3788 BrUsbSer - ok
11:37:15.0849 3788 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:37:15.0865 3788 BTHMODEM - ok
11:37:15.0927 3788 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:37:15.0927 3788 bthserv - ok
11:37:15.0958 3788 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:37:15.0958 3788 cdfs - ok
11:37:16.0036 3788 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
11:37:16.0052 3788 cdrom - ok
11:37:16.0114 3788 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:37:16.0114 3788 CertPropSvc - ok
11:37:16.0114 3788 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:37:16.0130 3788 circlass - ok
11:37:16.0192 3788 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:37:16.0192 3788 CLFS - ok
11:37:16.0301 3788 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:37:16.0333 3788 clr_optimization_v2.0.50727_32 - ok
11:37:16.0379 3788 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:37:16.0379 3788 clr_optimization_v2.0.50727_64 - ok
11:37:16.0582 3788 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:37:16.0582 3788 clr_optimization_v4.0.30319_32 - ok
11:37:16.0629 3788 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:37:16.0629 3788 clr_optimization_v4.0.30319_64 - ok
11:37:16.0660 3788 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:37:16.0660 3788 CmBatt - ok
11:37:16.0707 3788 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:37:16.0723 3788 cmdide - ok
11:37:16.0801 3788 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:37:16.0816 3788 CNG - ok
11:37:16.0847 3788 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:37:16.0847 3788 Compbatt - ok
11:37:16.0910 3788 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:37:16.0910 3788 CompositeBus - ok
11:37:16.0925 3788 COMSysApp - ok
11:37:16.0941 3788 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:37:16.0941 3788 crcdisk - ok
11:37:17.0003 3788 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
11:37:17.0003 3788 CryptSvc - ok
11:37:17.0113 3788 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:37:17.0113 3788 DcomLaunch - ok
11:37:17.0175 3788 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:37:17.0191 3788 defragsvc - ok
11:37:17.0237 3788 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:37:17.0253 3788 DfsC - ok
11:37:17.0331 3788 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:37:17.0347 3788 Dhcp - ok
11:37:17.0378 3788 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:37:17.0378 3788 discache - ok
11:37:17.0425 3788 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:37:17.0425 3788 Disk - ok
11:37:17.0440 3788 dlcx_device - ok
11:37:17.0471 3788 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:37:17.0487 3788 Dnscache - ok
11:37:17.0534 3788 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:37:17.0565 3788 dot3svc - ok
11:37:17.0705 3788 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:37:17.0705 3788 DPS - ok
11:37:17.0737 3788 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:37:17.0737 3788 drmkaud - ok
11:37:17.0877 3788 DsiWMIService (9cf46fdf163e06b83d03ff929ef2296c) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:37:17.0893 3788 DsiWMIService - ok
11:37:18.0189 3788 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:37:18.0205 3788 DXGKrnl - ok
11:37:18.0251 3788 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:37:18.0251 3788 EapHost - ok
11:37:19.0375 3788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:37:19.0515 3788 ebdrv - ok
11:37:19.0858 3788 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:37:19.0858 3788 EFS - ok
11:37:20.0045 3788 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:37:20.0077 3788 ehRecvr - ok
11:37:20.0186 3788 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:37:20.0201 3788 ehSched - ok
11:37:20.0326 3788 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:37:20.0342 3788 elxstor - ok
11:37:20.0529 3788 ePowerSvc (2aee0416c54a1a86d035366de192b2f0) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
11:37:20.0560 3788 ePowerSvc - ok
11:37:20.0779 3788 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:37:20.0794 3788 ErrDev - ok
11:37:20.0841 3788 ETD (0975bf32399a24117e317b5bf1d5d0aa) C:\Windows\system32\DRIVERS\ETD.sys
11:37:20.0857 3788 ETD - ok
11:37:20.0966 3788 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:37:20.0981 3788 EventSystem - ok
11:37:21.0059 3788 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:37:21.0075 3788 exfat - ok
11:37:21.0106 3788 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:37:21.0122 3788 fastfat - ok
11:37:21.0293 3788 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:37:21.0293 3788 Fax - ok
11:37:21.0356 3788 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:37:21.0387 3788 fdc - ok
11:37:21.0403 3788 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:37:21.0418 3788 fdPHost - ok
11:37:21.0418 3788 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:37:21.0434 3788 FDResPub - ok
11:37:21.0512 3788 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:37:21.0512 3788 FileInfo - ok
11:37:21.0527 3788 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:37:21.0527 3788 Filetrace - ok
11:37:21.0715 3788 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:37:21.0746 3788 FLEXnet Licensing Service - ok
11:37:21.0761 3788 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:37:21.0761 3788 flpydisk - ok
11:37:21.0839 3788 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:37:21.0855 3788 FltMgr - ok
11:37:22.0089 3788 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:37:22.0136 3788 FontCache - ok
11:37:22.0292 3788 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:37:22.0307 3788 FontCache3.0.0.0 - ok
11:37:22.0354 3788 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:37:22.0385 3788 FsDepends - ok
11:37:22.0448 3788 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:37:22.0463 3788 Fs_Rec - ok
11:37:22.0526 3788 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:37:22.0526 3788 fvevol - ok
11:37:22.0557 3788 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:37:22.0573 3788 gagp30kx - ok
11:37:22.0682 3788 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:37:22.0729 3788 gpsvc - ok
11:37:22.0978 3788 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
11:37:22.0978 3788 GREGService - ok
11:37:23.0103 3788 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:37:23.0119 3788 gupdate - ok
11:37:23.0150 3788 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:37:23.0150 3788 gupdatem - ok
11:37:23.0228 3788 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:37:23.0259 3788 gusvc - ok
11:37:23.0321 3788 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:37:23.0337 3788 hcw85cir - ok
11:37:23.0415 3788 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:37:23.0462 3788 HdAudAddService - ok
11:37:23.0524 3788 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:37:23.0524 3788 HDAudBus - ok
11:37:23.0587 3788 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
11:37:23.0587 3788 HECIx64 - ok
11:37:23.0602 3788 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:37:23.0602 3788 HidBatt - ok
11:37:23.0633 3788 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:37:23.0633 3788 HidBth - ok
11:37:23.0665 3788 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:37:23.0665 3788 HidIr - ok
11:37:23.0696 3788 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:37:23.0711 3788 hidserv - ok
11:37:23.0743 3788 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
11:37:23.0758 3788 HidUsb - ok
11:37:23.0836 3788 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:37:23.0836 3788 hkmsvc - ok
11:37:23.0883 3788 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:37:23.0914 3788 HomeGroupListener - ok
11:37:23.0961 3788 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:37:23.0977 3788 HomeGroupProvider - ok
11:37:24.0086 3788 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:37:24.0101 3788 HpSAMD - ok
11:37:24.0335 3788 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:37:24.0351 3788 HTTP - ok
11:37:24.0429 3788 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:37:24.0429 3788 hwpolicy - ok
11:37:24.0523 3788 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:37:24.0538 3788 i8042prt - ok
11:37:24.0663 3788 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys
11:37:24.0663 3788 iaStor - ok
11:37:24.0819 3788 IAStorDataMgrSvc (6b24d1c3096de796d15571079ea5e98c) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:37:24.0819 3788 IAStorDataMgrSvc - ok
11:37:24.0897 3788 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:37:24.0959 3788 iaStorV - ok
11:37:25.0100 3788 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:37:25.0162 3788 idsvc - ok
11:37:26.0223 3788 igfx (31569a2e836c12014148bf7342716946) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:37:26.0551 3788 igfx - ok
11:37:26.0894 3788 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:37:26.0909 3788 iirsp - ok
11:37:27.0065 3788 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:37:27.0081 3788 IKEEXT - ok
11:37:27.0143 3788 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
11:37:27.0159 3788 Impcd - ok
11:37:27.0471 3788 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
11:37:27.0487 3788 IntcAzAudAddService - ok
11:37:27.0814 3788 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:37:27.0830 3788 IntcDAud - ok
11:37:27.0861 3788 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:37:27.0877 3788 intelide - ok
11:37:27.0908 3788 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:37:27.0908 3788 intelppm - ok
11:37:27.0986 3788 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:37:28.0001 3788 IPBusEnum - ok
11:37:28.0048 3788 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:37:28.0064 3788 IpFilterDriver - ok
11:37:28.0157 3788 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:37:28.0189 3788 iphlpsvc - ok
11:37:28.0251 3788 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:37:28.0267 3788 IPMIDRV - ok
11:37:28.0313 3788 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:37:28.0345 3788 IPNAT - ok
11:37:28.0360 3788 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:37:28.0376 3788 IRENUM - ok
11:37:28.0407 3788 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:37:28.0407 3788 isapnp - ok
11:37:28.0469 3788 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:37:28.0485 3788 iScsiPrt - ok
11:37:28.0579 3788 k57nd60a (37e053a2cf8f0082b689ed74106e0cec) C:\Windows\system32\DRIVERS\k57nd60a.sys
11:37:28.0594 3788 k57nd60a - ok
11:37:28.0625 3788 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
11:37:28.0625 3788 kbdclass - ok
11:37:28.0672 3788 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
11:37:28.0672 3788 kbdhid - ok
11:37:28.0719 3788 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:28.0719 3788 KeyIso - ok
11:37:28.0922 3788 Kodak AiO Network Discovery Service (27277a11db52fefae5b01dc8fb570b28) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
11:37:28.0937 3788 Kodak AiO Network Discovery Service - ok
11:37:28.0969 3788 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:37:28.0969 3788 KSecDD - ok
11:37:29.0000 3788 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:37:29.0000 3788 KSecPkg - ok
11:37:29.0031 3788 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:37:29.0031 3788 ksthunk - ok
11:37:29.0093 3788 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:37:29.0109 3788 KtmRm - ok
11:37:29.0187 3788 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:37:29.0187 3788 LanmanServer - ok
11:37:29.0249 3788 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:37:29.0249 3788 LanmanWorkstation - ok
11:37:29.0343 3788 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:37:29.0359 3788 Live Updater Service - ok
11:37:29.0390 3788 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:37:29.0390 3788 lltdio - ok
11:37:29.0452 3788 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:37:29.0483 3788 lltdsvc - ok
11:37:29.0515 3788 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:37:29.0530 3788 lmhosts - ok
11:37:29.0639 3788 LMS (dbc1136a62bd4decc3632df650284c2e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:37:29.0686 3788 LMS - ok
11:37:29.0733 3788 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:37:29.0764 3788 LSI_FC - ok
11:37:29.0780 3788 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:37:29.0795 3788 LSI_SAS - ok
11:37:29.0811 3788 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:37:29.0811 3788 LSI_SAS2 - ok
11:37:29.0842 3788 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:37:29.0842 3788 LSI_SCSI - ok
11:37:29.0873 3788 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:37:29.0889 3788 luafv - ok
11:37:29.0951 3788 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
11:37:29.0967 3788 MBAMProtector - ok
11:37:31.0293 3788 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:37:31.0309 3788 MBAMService - ok
11:37:31.0355 3788 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:37:31.0371 3788 Mcx2Svc - ok
11:37:31.0402 3788 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:37:31.0402 3788 megasas - ok
11:37:31.0433 3788 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:37:31.0465 3788 MegaSR - ok
11:37:31.0636 3788 Microsoft SharePoint Workspace Audit Service - ok
11:37:31.0699 3788 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:37:31.0699 3788 MMCSS - ok
11:37:31.0777 3788 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:37:31.0777 3788 Modem - ok
11:37:31.0823 3788 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:37:31.0823 3788 monitor - ok
11:37:31.0901 3788 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
11:37:31.0917 3788 mouclass - ok
11:37:31.0979 3788 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:37:31.0979 3788 mouhid - ok
11:37:32.0307 3788 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:37:32.0307 3788 mountmgr - ok
11:37:32.0354 3788 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:37:32.0369 3788 mpio - ok
11:37:32.0401 3788 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:37:32.0401 3788 mpsdrv - ok
11:37:32.0541 3788 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:37:32.0557 3788 MpsSvc - ok
11:37:32.0603 3788 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:37:32.0619 3788 MRxDAV - ok
11:38:09.0279 3788 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:38:10.0044 3788 \Device\Harddisk0\DR0 - ok
11:38:10.0059 3788 Boot (0x1200) (ae26eea5132bdc3ff5c235f8249bfe78) \Device\Harddisk0\DR0\Partition0
11:38:10.0059 3788 \Device\Harddisk0\DR0\Partition0 - ok
11:38:10.0090 3788 Boot (0x1200) (e62b5ea250f92e3550d78f75a984baa1) \Device\Harddisk0\DR0\Partition1
11:38:10.0090 3788 \Device\Harddisk0\DR0\Partition1 - ok
11:38:10.0090 3788 ============================================================
11:38:10.0090 3788 Scan finished
11:38:10.0090 3788 ============================================================
11:38:10.0106 5948 Detected object count: 0
11:38:10.0106 5948 Actual detected object count: 0
11:38:43.0568 4624 Deinitialize success


And GMER

The GMER log was blank

And aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-05 12:20:32
-----------------------------
12:20:32.786 OS Version: Windows x64 6.1.7601 Service Pack 1
12:20:32.786 Number of processors: 4 586 0x2505
12:20:32.786 ComputerName: SOPHIE-PC UserName: Sophie
12:20:34.626 Initialize success
12:30:34.656 AVAST engine defs: 12060500
12:42:40.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:42:40.744 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
12:42:40.760 Disk 0 MBR read successfully
12:42:40.760 Disk 0 MBR scan
12:42:40.775 Disk 0 Windows 7 default MBR code
12:42:40.791 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
12:42:40.806 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
12:42:40.822 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461478 MB offset 31664128
12:42:40.853 Disk 0 scanning C:\Windows\system32\drivers
12:42:51.524 Service scanning
12:43:21.132 Modules scanning
12:43:21.132 Disk 0 trace - called modules:
12:43:21.179 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:43:21.694 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80088d2060]
12:43:21.694 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80068a5050]
12:43:23.706 AVAST engine scan C:\Windows
12:43:26.967 AVAST engine scan C:\Windows\system32
12:48:51.557 AVAST engine scan C:\Windows\system32\drivers
12:49:04.551 AVAST engine scan C:\Users\Sophie
12:55:35.410 File: C:\Users\Sophie\AppData\Local\Temp\7A9A.tmp **INFECTED** Win32:Malware-gen
12:57:15.999 File: C:\Users\Sophie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\5562482f-2631eb5a **INFECTED** Win32:Malware-gen
12:59:58.567 AVAST engine scan C:\ProgramData
13:00:59.048 Scan finished successfully
13:05:09.132 Disk 0 MBR has been saved successfully to "C:\Users\Sophie\Desktop\MBR.dat"
13:05:09.148 The log file has been saved successfully to "C:\Users\Sophie\Desktop\aswMBR.txt"


Thanks

Paul

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:01:12 PM

Posted 05 June 2012 - 07:39 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should get generated after the fix; post the log here.

Download

ESET online scanner


Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.


Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 pwr.rwp

pwr.rwp
  • Topic Starter

  • Members
  • 18 posts
  • Local time:07:12 PM

Posted 05 June 2012 - 02:10 PM

RogueKiller V7.5.3 [06/05/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Sophie [Admin rights]
Mode: HOSTSFix -- Date: 06/05/2012 18:05:19

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤


Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt


C:\Users\Sophie\AppData\Local\Temp\7A9A.tmp Win32/Agent.STT trojan cleaned by deleting - quarantined
C:\Users\Sophie\AppData\Local\Temp\YontooSetup-S.exe probably a variant of Win32/Adware.SLITAT application cleaned by deleting - quarantined
C:\Users\Sophie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\5562482f-2631eb5a Win32/Agent.STT trojan cleaned by deleting - quarantined



MiniToolBox by Farbar Version: 04-06-2012
Ran by Sophie (administrator) on 05-06-2012 at 20:06:02
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost








































































































































































































176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Sophie-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
Physical Address. . . . . . . . . : EC-55-F9-60-2B-75
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b8a0:d5e9:ae22:9a53%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 05 June 2012 16:48:17
Lease Expires . . . . . . . . . . : 08 June 2012 20:03:15
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 233592313
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1C-1A-0B-1C-75-08-ED-3E-16
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : customer.birm.opal.lan
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 1C-75-08-ED-3E-16
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8A92E28D-3214-4CF8-A2FB-3FB203299C1B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.customer.birm.opal.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1879:35d5:3f57:fff5(Preferred)
Link-local IPv6 Address . . . . . : fe80::1879:35d5:3f57:fff5%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 173.194.34.64
173.194.34.65
173.194.34.66
173.194.34.67
173.194.34.68
173.194.34.69
173.194.34.70
173.194.34.71
173.194.34.72
173.194.34.73
173.194.34.78


Pinging google.com [173.194.41.164] with 32 bytes of data:
Reply from 173.194.41.164: bytes=32 time=55ms TTL=57
Reply from 173.194.41.164: bytes=32 time=53ms TTL=57

Ping statistics for 173.194.41.164:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 53ms, Maximum = 55ms, Average = 54ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=176ms TTL=52
Reply from 209.191.122.70: bytes=32 time=180ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 176ms, Maximum = 180ms, Average = 178ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
11...ec 55 f9 60 2b 75 ......Atheros AR5B97 Wireless Network Adapter
10...1c 75 08 ed 3e 16 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.10 281
192.168.0.10 255.255.255.255 On-link 192.168.0.10 281
192.168.0.255 255.255.255.255 On-link 192.168.0.10 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.10 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.10 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fb:1879:35d5:3f57:fff5/128
On-link
11 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1879:35d5:3f57:fff5/128
On-link
11 281 fe80::b8a0:d5e9:ae22:9a53/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/05/2012 06:06:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/05/2012 06:06:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/05/2012 01:29:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/03/2012 01:03:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/01/2012 00:10:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (05/30/2012 10:14:35 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: aa4

Start Time: 01cd3dc0cc4635d3

Termination Time: 196

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (05/29/2012 07:56:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (05/28/2012 09:55:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (05/28/2012 06:37:53 PM) (Source: Google Update) (User: Sophie)Sophie
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/28/2012 02:53:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (06/04/2012 10:20:03 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (06/04/2012 10:20:01 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (06/04/2012 11:08:06 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.0.2 with the system
having network hardware address 00-19-66-80-D8-C3. Network operations on this system may
be disrupted as a result.

Error: (06/02/2012 02:51:02 PM) (Source: DCOM) (User: Sophie)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Sophie-PCSophieS-1-5-21-3024226563-1726227536-1674612243-1000LocalHost (Using LRPC)

Error: (05/27/2012 10:06:03 PM) (Source: BugCheck) (User: )
Description: 0x00000116 (0xfffffa8005d464e0, 0xfffff88004aa6000, 0x0000000000000000, 0x000000000000000d)C:\Windows\MEMORY.DMP052712-31933-01

Error: (05/27/2012 10:05:38 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 22:02:07 on ?27/?05/?2012 was unexpected.

Error: (05/27/2012 08:03:50 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.0.3 with the system
having network hardware address 70-AA-B2-26-BB-41. Network operations on this system may
be disrupted as a result.

Error: (05/15/2012 07:11:01 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/12/2012 00:34:39 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/11/2012 09:36:56 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 21:35:10 on ?11/?05/?2012 was unexpected.


Microsoft Office Sessions:
=========================
Error: (06/05/2012 06:06:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sophie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLR09EAK\esetsmartinstaller_enu.exe

Error: (06/05/2012 06:06:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sophie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLR09EAK\esetsmartinstaller_enu.exe

Error: (06/05/2012 01:29:30 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/03/2012 01:03:06 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/01/2012 00:10:19 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/30/2012 10:14:35 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16421aa401cd3dc0cc4635d3196C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (05/29/2012 07:56:04 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/28/2012 09:55:02 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/28/2012 06:37:53 PM) (Source: Google Update)(User: Sophie)Sophie
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/28/2012 02:53:26 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


=========================== Installed Programs ============================

Acer Backup Manager (Version: 2.0.0.68)
Acer Crystal Eye webcam (Version: 1.0.5.2)
Acer ePower Management (Version: 5.00.3009)
Acer eRecovery Management (Version: 4.05.3016)
Acer GameZone Console (Version: 6.1.0.9)
Acer Registration (Version: 1.03.3004)
Acer ScreenSaver (Version: 1.1.0707.2010)
Acer Updater (Version: 1.02.3005)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
aioscnnr (Version: 7.3.4.0)
Airport Mania First Flight
Amazonia
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.13.1.0)
µTorrent (Version: 3.1.3)
Avira Free Antivirus (Version: 12.0.0.1125)
Backup Manager Basic (Version: 2.0.0.68)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
Business Contact Manager for Microsoft Outlook 2010 (Version: 4.0.11308.0)
C4USelfUpdater (Version: 1.00.0000)
Cake Mania
center (Version: 6.2.5.0)
Conduit Engine (Version: )
CyberLink PowerDVD 9 (Version: 9.0.3216.50)
D3DX10 (Version: 15.4.2368.0902)
DealPly (Version: )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Photo AIO Printer 926
Dream Day First Home
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
essentials (Version: 6.0.14.0)
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Farm Frenzy 2
Galapago
Google Chrome (Version: 19.0.1084.52)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Heroes of Hellas
Identity Card (Version: 1.00.3003)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (Version: 6.0.270)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.3.4.0)
KODAK AiO Software (Version: 7.3.8.20)
Launch Manager (Version: 4.0.14)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Merriam Websters Spell Jam
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2531.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) (Version: 4.0.11308.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.212.0)
MyWinLocker Suite (Version: 3.1.212.0)
NTI Media Maker 9 (Version: 9.0.2.8939)
ocr (Version: 6.2.3.50)
Office Animation Runtime (Version: 11.0.5510.0)
Picasa 3 (Version: 3.8)
Poker Pop
PreReq (Version: 6.2.3.0)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30124)
Service Pack 1 for SQL Server 2008 (KB968369) (Version: 10.1.2531.0)
Shredder (Version: 2.0.8.3)
Skype™ 5.5 (Version: 5.5.124)
Spin & Win
Spotify (Version: 0.8.3.222.g317ab79d)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
swMSM (Version: 12.0.0.1)
The Sims™ 3 (Version: 1.29.55)
Theme Park World
Theme Park World Fix (Version: 1.0.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
uTorrentBar Toolbar (Version: 6.3.5.3)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vid-Saver (Version: 1.18.149.149)
Welcome Center (Version: 1.02.3101)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 5814.71 MB
Available physical RAM: 3848.24 MB
Total Pagefile: 11627.61 MB
Available Pagefile: 9573.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.34 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:332.75 GB) NTFS

========================= Users: ========================================

User accounts for \\SOPHIE-PC

Administrator Guest Sophie


**** End of log ****

#6 narenxp


Posted 05 June 2012 - 02:18 PM

Please re-run RogueKiller again, click on HOSTS fix and post the log

Waiting for the Malwarebytes log

#7 pwr.rwp

pwr.rwp
  • Topic Starter


Posted 05 June 2012 - 03:33 PM

RogueKiller V7.5.3 [06/05/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Sophie [Admin rights]
Mode: HOSTSFix -- Date: 06/05/2012 21:28:28

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt



Malwarebytes

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.05.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sophie :: SOPHIE-PC [administrator]

Protection: Enabled

05/06/2012 21:30:18
mbam-log-2012-06-05 (21-30-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210192
Time elapsed: 2 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Thanks
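The HOSTS section of the RogueKiller log above, checked in code. This is an added example, not part of the original thread and not how RogueKiller itself works; the function names are made up for illustration, and the sample text is the hosts content from that log before the reset.

```python
import ipaddress

# Hosts entries as reported in the RogueKiller log above (before the reset).
# On Windows the live file is %SystemRoot%\System32\drivers\etc\hosts.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
::1 localhost
176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs; comments, blanks and malformed lines are skipped."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            # A trailing dot (as in the log) is the same name, fully qualified.
            yield ip, name.rstrip(".").lower()

def audit_hosts(text):
    """Return {hostname: [ips]} for names pinned to a non-loopback address.

    Assumed policy: loopback and 0.0.0.0 entries are the Windows default or a
    blocklist and are ignored; anything else overrides DNS and needs review.
    """
    findings = {}
    for ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        findings.setdefault(name, set()).add(str(ip))
    return {name: sorted(ips) for name, ips in findings.items()}

if __name__ == "__main__":
    for name, ips in sorted(audit_hosts(SAMPLE_HOSTS).items()):
        print(f"REVIEW {name} -> {', '.join(ips)}")
```

Run against the reset file shown in the log (only `127.0.0.1 localhost`), the audit returns nothing.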

#8 narenxp


Posted 05 June 2012 - 03:45 PM

That looks good, you should be free from pop-ups now

Uninstall the Ask toolbar from Add or Remove Programs

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

Edited by narenxp, 05 June 2012 - 03:45 PM.


#9 pwr.rwp

pwr.rwp
  • Topic Starter


Posted 05 June 2012 - 04:38 PM

Thank you!

#10 narenxp


Posted 05 June 2012 - 05:08 PM

You're welcome :)



