MSE found several trojans and exploits

7 replies to this topic

#1 Yodnarb

Posted 06 June 2012 - 02:32 PM

I have Microsoft Security Essentials and it found Win32/Medfos.A and Win32/Medfos.B three weeks ago and they were quarantined and I thought everything was alright. However, this morning another Medfos trojan and a Java exploit were found.

I also noticed that I have a new Firefox extension called "Mozilla safe browsing" which I didn't have before, and Google doesn't return any results about this extension which seems to be malicious. Interestingly the trojan was found in C:\Users\AA\AppData\Local\{CB06A7D3-9AE8-11E1-826E-B8AC6F996F26} and there was a Firefox extension registry entry (HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions) that pointed to this location so I deleted it.

I'm worried the PC is still infected since it's slower than usual and dllhost.exe is running all the time now. Please help. OS is Windows 7.
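An added example, not part of the original post: a triage of registry-registered Firefox extensions like the entry described above, working on saved `reg query` output. The sample output, both extension IDs and the second path are constructed, and the two flagging heuristics are assumptions, not a rule from the thread.

```python
import ntpath
import re
from typing import List, NamedTuple

# Constructed sample of:
#   reg query "HKCU\Software\Mozilla\Firefox\Extensions"
# The first value's data is the path reported in the post. Both value names
# (extension IDs) and the second path are made up for illustration.
SAMPLE_REG_QUERY = r"""
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions
    {00000000-1111-2222-3333-444444444444}    REG_SZ    C:\Users\AA\AppData\Local\{CB06A7D3-9AE8-11E1-826E-B8AC6F996F26}
    example-addon@vendor.invalid    REG_SZ    C:\Program Files (x86)\Example Vendor\FirefoxAddon

"""


class ExtensionEntry(NamedTuple):
    key: str            # registry key the value was listed under
    extension_id: str   # value name
    path: str           # value data: where Firefox loads the extension from
    reasons: List[str]  # why the entry deserves a manual look (empty = none)


# reg.exe prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data
_VALUE_LINE = re.compile(
    r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_[A-Z_]+)\s{4}(?P<data>.*)$"
)
_GUID_DIR = re.compile(
    r"^\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$"
)
# Heuristic (assumption): per-user profile data directories are writable
# without elevation, so an extension registered from there is worth checking.
_USER_WRITABLE = re.compile(
    r"^[A-Za-z]:\\(?:Users|Documents and Settings)\\[^\\]+\\"
    r"(?:AppData|Local Settings|Application Data)(?:\\|$)",
    re.IGNORECASE,
)


def review_reasons(path: str) -> List[str]:
    """Return the heuristics a registered extension path trips."""
    reasons = []
    norm = ntpath.normpath(path)
    if _USER_WRITABLE.match(norm):
        reasons.append("install path is inside a user-writable profile directory")
    # Heuristic (assumption): a directory named only with a GUID, as in the post.
    if _GUID_DIR.match(ntpath.basename(norm)):
        reasons.append("directory name is a bare GUID")
    return reasons


def parse_reg_query(text: str) -> List[ExtensionEntry]:
    """Parse `reg query` output into one entry per string value."""
    entries = []
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        match = _VALUE_LINE.match(line)
        if match is None or key is None:
            continue
        if match.group("type") not in ("REG_SZ", "REG_EXPAND_SZ"):
            continue
        path = match.group("data").strip()
        entries.append(
            ExtensionEntry(key, match.group("name"), path, review_reasons(path))
        )
    return entries


def flagged(entries: List[ExtensionEntry]) -> List[ExtensionEntry]:
    """Entries that tripped at least one heuristic."""
    return [entry for entry in entries if entry.reasons]


if __name__ == "__main__":
    for entry in flagged(parse_reg_query(SAMPLE_REG_QUERY)):
        print(entry.extension_id, "->", entry.path)
        for reason in entry.reasons:
            print("   ", reason)
```

A flagged entry is a lead for manual review rather than a verdict; Firefox also reads the same `Extensions` key under HKEY_LOCAL_MACHINE, so output from that key can be fed to the same function.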

#2 narenxp

Posted 06 June 2012 - 02:45 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Yodnarb

Posted 06 June 2012 - 06:45 PM

Hi narenxp. Thank you for your help. Here are the log files.

BTW, I just want to point out that the E partition contains Windows Vista which I don't use anymore and it is on the hard disk of my old PC. The OS of this PC, Windows 7, is installed in the C partition.

15:47:54.0849 4884 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
15:47:55.0144 4884 ============================================================
15:47:55.0145 4884 Current date / time: 2012/06/06 15:47:55.0144
15:47:55.0145 4884 SystemInfo:
15:47:55.0145 4884
15:47:55.0145 4884 OS Version: 6.1.7601 ServicePack: 1.0
15:47:55.0145 4884 Product type: Workstation
15:47:55.0145 4884 ComputerName: AA-PC
15:47:55.0145 4884 UserName: AA
15:47:55.0145 4884 Windows directory: C:\Windows
15:47:55.0145 4884 System windows directory: C:\Windows
15:47:55.0145 4884 Running under WOW64
15:47:55.0145 4884 Processor architecture: Intel x64
15:47:55.0145 4884 Number of processors: 4
15:47:55.0145 4884 Page size: 0x1000
15:47:55.0145 4884 Boot type: Normal boot
15:47:55.0145 4884 ============================================================
15:47:56.0063 4884 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:48:02.0702 4884 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:48:02.0707 4884 ============================================================
15:48:02.0707 4884 \Device\Harddisk1\DR1:
15:48:02.0723 4884 MBR partitions:
15:48:02.0723 4884 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:48:02.0723 4884 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:48:02.0723 4884 \Device\Harddisk0\DR0:
15:48:02.0727 4884 MBR partitions:
15:48:02.0727 4884 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
15:48:02.0727 4884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x24012800
15:48:02.0727 4884 ============================================================
15:48:02.0731 4884 C: <-> \Device\Harddisk1\DR1\Partition1
15:48:02.0756 4884 E: <-> \Device\Harddisk0\DR0\Partition1
15:48:02.0786 4884 F: <-> \Device\Harddisk0\DR0\Partition0
15:48:02.0786 4884 ============================================================
15:48:02.0786 4884 Initialize success
15:48:02.0786 4884 ============================================================
15:48:32.0677 4660 ============================================================
15:48:32.0677 4660 Scan started
15:48:32.0677 4660 Mode: Manual; TDLFS;
15:48:32.0677 4660 ============================================================
15:48:40.0045 4660 nvstor - ok
15:48:40.0070 4660 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:48:40.0072 4660 nv_agp - ok
15:48:40.0159 4660 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:48:40.0163 4660 odserv - ok
15:48:40.0182 4660 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:48:40.0184 4660 ohci1394 - ok
15:48:40.0221 4660 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:40.0222 4660 ose - ok
15:48:40.0253 4660 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:48:40.0259 4660 p2pimsvc - ok
15:48:40.0293 4660 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:48:40.0301 4660 p2psvc - ok
15:48:40.0328 4660 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:48:40.0331 4660 Parport - ok
15:48:40.0362 4660 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:48:40.0364 4660 partmgr - ok
15:48:40.0380 4660 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:48:40.0385 4660 PcaSvc - ok
15:48:40.0405 4660 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:48:40.0408 4660 pci - ok
15:48:40.0429 4660 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:48:40.0430 4660 pciide - ok
15:48:40.0455 4660 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:48:40.0458 4660 pcmcia - ok
15:48:40.0474 4660 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:48:40.0475 4660 pcw - ok
15:48:40.0510 4660 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:48:40.0520 4660 PEAUTH - ok
15:48:40.0588 4660 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:48:40.0589 4660 PerfHost - ok
15:48:40.0651 4660 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:48:40.0675 4660 pla - ok
15:48:40.0703 4660 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:48:40.0708 4660 PlugPlay - ok
15:48:40.0710 4660 PnkBstrA - ok
15:48:40.0731 4660 PnkBstrB - ok
15:48:40.0741 4660 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:48:40.0742 4660 PNRPAutoReg - ok
15:48:40.0759 4660 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:48:40.0762 4660 PNRPsvc - ok
15:48:40.0796 4660 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:48:40.0803 4660 PolicyAgent - ok
15:48:40.0833 4660 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:48:40.0837 4660 Power - ok
15:48:40.0876 4660 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:48:40.0879 4660 PptpMiniport - ok
15:48:40.0889 4660 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:48:40.0891 4660 Processor - ok
15:48:40.0913 4660 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:48:40.0917 4660 ProfSvc - ok
15:48:40.0931 4660 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:40.0932 4660 ProtectedStorage - ok
15:48:40.0951 4660 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:48:40.0953 4660 Psched - ok
15:48:41.0013 4660 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:48:41.0034 4660 ql2300 - ok
15:48:41.0104 4660 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:48:41.0106 4660 ql40xx - ok
15:48:41.0127 4660 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:48:41.0132 4660 QWAVE - ok
15:48:41.0145 4660 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:48:41.0147 4660 QWAVEdrv - ok
15:48:41.0163 4660 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:48:41.0164 4660 RasAcd - ok
15:48:41.0185 4660 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:48:41.0187 4660 RasAgileVpn - ok
15:48:41.0211 4660 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:48:41.0214 4660 RasAuto - ok
15:48:41.0224 4660 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:41.0227 4660 Rasl2tp - ok
15:48:41.0246 4660 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:48:41.0252 4660 RasMan - ok
15:48:41.0265 4660 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:41.0267 4660 RasPppoe - ok
15:48:41.0283 4660 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:48:41.0285 4660 RasSstp - ok
15:48:41.0301 4660 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:48:41.0306 4660 rdbss - ok
15:48:41.0335 4660 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:48:41.0336 4660 rdpbus - ok
15:48:41.0354 4660 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:41.0355 4660 RDPCDD - ok
15:48:41.0363 4660 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:48:41.0364 4660 RDPENCDD - ok
15:48:41.0373 4660 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:48:41.0373 4660 RDPREFMP - ok
15:48:41.0412 4660 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:48:41.0415 4660 RDPWD - ok
15:48:41.0444 4660 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:48:41.0448 4660 rdyboost - ok
15:48:41.0463 4660 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:48:41.0466 4660 RemoteAccess - ok
15:48:41.0491 4660 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:48:41.0496 4660 RemoteRegistry - ok
15:48:41.0510 4660 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:48:41.0513 4660 RpcEptMapper - ok
15:48:41.0532 4660 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:48:41.0534 4660 RpcLocator - ok
15:48:41.0557 4660 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:48:41.0562 4660 RpcSs - ok
15:48:41.0586 4660 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:48:41.0588 4660 rspndr - ok
15:48:41.0633 4660 RTL8167 (16d4e350420baa7e63e16e3fc033e1f5) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:48:41.0640 4660 RTL8167 - ok
15:48:41.0655 4660 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:41.0657 4660 SamSs - ok
15:48:41.0672 4660 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:48:41.0674 4660 sbp2port - ok
15:48:41.0698 4660 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:48:41.0702 4660 SCardSvr - ok
15:48:41.0711 4660 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:48:41.0713 4660 scfilter - ok
15:48:41.0760 4660 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:48:41.0782 4660 Schedule - ok
15:48:41.0800 4660 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:48:41.0801 4660 SCPolicySvc - ok
15:48:41.0811 4660 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:48:41.0814 4660 SDRSVC - ok
15:48:41.0846 4660 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:48:41.0848 4660 secdrv - ok
15:48:41.0858 4660 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:48:41.0860 4660 seclogon - ok
15:48:41.0873 4660 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:48:41.0876 4660 SENS - ok
15:48:41.0887 4660 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:48:41.0889 4660 SensrSvc - ok
15:48:41.0912 4660 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:48:41.0913 4660 Serenum - ok
15:48:41.0925 4660 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:48:41.0927 4660 Serial - ok
15:48:41.0938 4660 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:48:41.0939 4660 sermouse - ok
15:48:41.0957 4660 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:48:41.0960 4660 SessionEnv - ok
15:48:41.0968 4660 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:48:41.0969 4660 sffdisk - ok
15:48:41.0977 4660 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:48:41.0978 4660 sffp_mmc - ok
15:48:41.0991 4660 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:48:41.0993 4660 sffp_sd - ok
15:48:42.0009 4660 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:48:42.0010 4660 sfloppy - ok
15:48:42.0038 4660 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:48:42.0043 4660 SharedAccess - ok
15:48:42.0065 4660 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:48:42.0070 4660 ShellHWDetection - ok
15:48:42.0094 4660 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:48:42.0095 4660 SiSRaid2 - ok
15:48:42.0107 4660 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:48:42.0109 4660 SiSRaid4 - ok
15:48:42.0199 4660 SkypeUpdate (68ea68d03bf58389fe6ad2b38fad798c) C:\Program Files (x86)\Skype\Updater\Updater.exe
15:48:42.0201 4660 SkypeUpdate - ok
15:48:42.0235 4660 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:48:42.0238 4660 Smb - ok
15:48:42.0265 4660 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:48:42.0268 4660 SNMPTRAP - ok
15:48:42.0273 4660 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:48:42.0275 4660 spldr - ok
15:48:42.0302 4660 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:48:42.0311 4660 Spooler - ok
15:48:42.0435 4660 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:48:42.0484 4660 sppsvc - ok
15:48:42.0542 4660 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:48:42.0544 4660 sppuinotify - ok
15:48:42.0580 4660 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:48:42.0586 4660 srv - ok
15:48:42.0607 4660 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:48:42.0613 4660 srv2 - ok
15:48:42.0624 4660 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:48:42.0626 4660 srvnet - ok
15:48:42.0649 4660 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:48:42.0653 4660 SSDPSRV - ok
15:48:42.0665 4660 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:48:42.0667 4660 SstpSvc - ok
15:48:42.0712 4660 Steam Client Service - ok
15:48:42.0734 4660 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:48:42.0736 4660 stexstor - ok
15:48:42.0784 4660 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:48:42.0794 4660 stisvc - ok
15:48:42.0813 4660 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:48:42.0814 4660 swenum - ok
15:48:42.0845 4660 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:48:42.0854 4660 swprv - ok
15:48:42.0928 4660 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:48:42.0960 4660 SysMain - ok
15:48:43.0017 4660 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:48:43.0019 4660 TabletInputService - ok
15:48:43.0035 4660 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:48:43.0040 4660 TapiSrv - ok
15:48:43.0048 4660 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:48:43.0050 4660 TBS - ok
15:48:43.0176 4660 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:48:43.0210 4660 Tcpip - ok
15:48:43.0327 4660 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:48:43.0335 4660 TCPIP6 - ok
15:48:43.0390 4660 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:48:43.0391 4660 tcpipreg - ok
15:48:43.0408 4660 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:48:43.0410 4660 TDPIPE - ok
15:48:43.0418 4660 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:48:43.0420 4660 TDTCP - ok
15:48:43.0439 4660 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:48:43.0441 4660 tdx - ok
15:48:43.0477 4660 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
15:48:43.0479 4660 TermDD - ok
15:48:43.0528 4660 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:48:43.0539 4660 TermService - ok
15:48:43.0558 4660 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:48:43.0560 4660 Themes - ok
15:48:43.0587 4660 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:48:43.0590 4660 THREADORDER - ok
15:48:43.0604 4660 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:48:43.0608 4660 TrkWks - ok
15:48:43.0650 4660 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:48:43.0652 4660 TrustedInstaller - ok
15:48:43.0667 4660 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:48:43.0669 4660 tssecsrv - ok
15:48:43.0691 4660 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:48:43.0693 4660 TsUsbFlt - ok
15:48:43.0714 4660 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:48:43.0715 4660 TsUsbGD - ok
15:48:43.0730 4660 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:48:43.0733 4660 tunnel - ok
15:48:43.0748 4660 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:48:43.0750 4660 uagp35 - ok
15:48:43.0772 4660 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:48:43.0778 4660 udfs - ok
15:48:43.0801 4660 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:48:43.0804 4660 UI0Detect - ok
15:48:43.0833 4660 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:48:43.0835 4660 uliagpkx - ok
15:48:43.0861 4660 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:48:43.0863 4660 umbus - ok
15:48:43.0874 4660 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:48:43.0875 4660 UmPass - ok
15:48:43.0899 4660 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:48:43.0905 4660 upnphost - ok
15:48:43.0932 4660 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
15:48:43.0935 4660 usbccgp - ok
15:48:43.0948 4660 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:48:43.0951 4660 usbcir - ok
15:48:43.0986 4660 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:48:43.0988 4660 usbehci - ok
15:48:44.0022 4660 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:48:44.0027 4660 usbhub - ok
15:48:44.0041 4660 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:48:44.0043 4660 usbohci - ok
15:48:44.0065 4660 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
15:48:44.0067 4660 usbprint - ok
15:48:44.0095 4660 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
15:48:44.0097 4660 USBSTOR - ok
15:48:44.0121 4660 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:48:44.0123 4660 usbuhci - ok
15:48:44.0148 4660 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:48:44.0151 4660 UxSms - ok
15:48:44.0169 4660 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:44.0171 4660 VaultSvc - ok
15:48:44.0199 4660 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:48:44.0201 4660 vdrvroot - ok
15:48:44.0227 4660 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:48:44.0237 4660 vds - ok
15:48:44.0258 4660 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:48:44.0260 4660 vga - ok
15:48:44.0275 4660 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:48:44.0276 4660 VgaSave - ok
15:48:44.0302 4660 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:48:44.0306 4660 vhdmp - ok
15:48:44.0321 4660 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:48:44.0322 4660 viaide - ok
15:48:44.0341 4660 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:48:44.0343 4660 volmgr - ok
15:48:44.0367 4660 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:48:44.0373 4660 volmgrx - ok
15:48:44.0394 4660 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:48:44.0400 4660 volsnap - ok
15:48:44.0425 4660 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:48:44.0429 4660 vsmraid - ok
15:48:44.0498 4660 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:48:44.0530 4660 VSS - ok
15:48:44.0590 4660 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:48:44.0591 4660 vwifibus - ok
15:48:44.0615 4660 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:48:44.0621 4660 W32Time - ok
15:48:44.0636 4660 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:48:44.0638 4660 WacomPen - ok
15:48:44.0658 4660 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:48:44.0659 4660 WANARP - ok
15:48:44.0673 4660 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:48:44.0674 4660 Wanarpv6 - ok
15:48:44.0750 4660 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:48:44.0779 4660 WatAdminSvc - ok
15:48:44.0844 4660 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:48:44.0874 4660 wbengine - ok
15:48:44.0936 4660 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:48:44.0941 4660 WbioSrvc - ok
15:48:44.0962 4660 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:48:44.0969 4660 wcncsvc - ok
15:48:44.0979 4660 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:48:44.0981 4660 WcsPlugInService - ok
15:48:45.0002 4660 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:48:45.0004 4660 Wd - ok
15:48:45.0037 4660 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:48:45.0047 4660 Wdf01000 - ok
15:48:45.0074 4660 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:48:45.0077 4660 WdiServiceHost - ok
15:48:45.0080 4660 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:48:45.0083 4660 WdiSystemHost - ok
15:48:45.0104 4660 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:48:45.0110 4660 WebClient - ok
15:48:45.0122 4660 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:48:45.0128 4660 Wecsvc - ok
15:48:45.0143 4660 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:48:45.0146 4660 wercplsupport - ok
15:48:45.0162 4660 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:48:45.0165 4660 WerSvc - ok
15:48:45.0203 4660 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:48:45.0204 4660 WfpLwf - ok
15:48:45.0219 4660 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:48:45.0221 4660 WIMMount - ok
15:48:45.0246 4660 WinDefend - ok
15:48:45.0253 4660 WinHttpAutoProxySvc - ok
15:48:45.0307 4660 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:48:45.0311 4660 Winmgmt - ok
15:48:45.0378 4660 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:48:45.0412 4660 WinRM - ok
15:48:45.0515 4660 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:48:45.0529 4660 Wlansvc - ok
15:48:45.0643 4660 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:48:45.0682 4660 wlidsvc - ok
15:48:45.0745 4660 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:48:45.0746 4660 WmiAcpi - ok
15:48:45.0788 4660 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:48:45.0791 4660 wmiApSrv - ok
15:48:45.0815 4660 WMPNetworkSvc - ok
15:48:45.0835 4660 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:48:45.0838 4660 WPCSvc - ok
15:48:45.0855 4660 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:48:45.0859 4660 WPDBusEnum - ok
15:48:45.0867 4660 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:48:45.0868 4660 ws2ifsl - ok
15:48:45.0885 4660 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:48:45.0888 4660 wscsvc - ok
15:48:45.0891 4660 WSearch - ok
15:48:45.0970 4660 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:48:46.0005 4660 wuauserv - ok
15:48:46.0064 4660 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:48:46.0066 4660 WudfPf - ok
15:48:46.0091 4660 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:48:46.0094 4660 WUDFRd - ok
15:48:46.0109 4660 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:48:46.0112 4660 wudfsvc - ok
15:48:46.0126 4660 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:48:46.0131 4660 WwanSvc - ok
15:48:46.0195 4660 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
15:48:46.0197 4660 xusb21 - ok
15:48:46.0210 4660 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
15:48:46.0430 4660 \Device\Harddisk1\DR1 - ok
15:48:46.0449 4660 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:48:46.0763 4660 \Device\Harddisk0\DR0 - ok
15:48:46.0766 4660 Boot (0x1200) (5f03d40250043b501218625c82d1f89e) \Device\Harddisk1\DR1\Partition0
15:48:46.0768 4660 \Device\Harddisk1\DR1\Partition0 - ok
15:48:46.0792 4660 Boot (0x1200) (a7db83d50fc757f60df79aa108ace75d) \Device\Harddisk1\DR1\Partition1
15:48:46.0794 4660 \Device\Harddisk1\DR1\Partition1 - ok
15:48:46.0822 4660 Boot (0x1200) (c162c2460219aac602cb52e5d74c5254) \Device\Harddisk0\DR0\Partition0
15:48:46.0824 4660 \Device\Harddisk0\DR0\Partition0 - ok
15:48:46.0826 4660 Boot (0x1200) (325a2626f71060e66f667dcba3441c26) \Device\Harddisk0\DR0\Partition1
15:48:46.0827 4660 \Device\Harddisk0\DR0\Partition1 - ok
15:48:46.0827 4660 ============================================================
15:48:46.0827 4660 Scan finished
15:48:46.0827 4660 ============================================================
15:48:46.0835 5036 Detected object count: 0
15:48:46.0835 5036 Actual detected object count: 0
15:49:04.0779 2280 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-06 15:51:04
-----------------------------
15:51:04.919 OS Version: Windows x64 6.1.7601 Service Pack 1
15:51:04.920 Number of processors: 4 586 0x2A07
15:51:04.920 ComputerName: AA-PC UserName: AA
15:51:10.480 Initialize success
15:52:00.536 AVAST engine defs: 12060602
15:52:35.614 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-6
15:52:35.617 Disk 0 Vendor: ST3320620AS 3.ADG Size: 305245MB BusType: 3
15:52:35.620 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
15:52:35.622 Disk 1 Vendor: ST3500413AS JC4B Size: 476940MB BusType: 3
15:52:35.641 Disk 1 MBR read successfully
15:52:35.644 Disk 1 MBR scan
15:52:35.649 Disk 1 Windows 7 default MBR code
15:52:35.656 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:52:35.698 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
15:52:35.741 Disk 1 scanning C:\Windows\system32\drivers
15:52:45.308 Service scanning
15:53:02.622 Modules scanning
15:53:02.631 Disk 1 trace - called modules:
15:53:02.978 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:53:02.984 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004d28060]
15:53:02.989 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004723060]
15:53:08.584 AVAST engine scan C:\Windows
15:53:10.446 AVAST engine scan C:\Windows\system32
15:56:08.886 AVAST engine scan C:\Windows\system32\drivers
15:56:20.389 AVAST engine scan C:\Users\AA
16:02:10.010 AVAST engine scan C:\ProgramData
16:02:28.010 Scan finished successfully
16:03:00.271 Disk 1 MBR has been saved successfully to "C:\MBR.dat"
16:03:00.307 The log file has been saved successfully to "C:\aswMBR.txt"



ESET online scanner log

E:\Users\The Comp\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\491a3b21-4c35c1c7 Java/TrojanDownloader.OpenConnection.CU trojan deleted - quarantined
E:\Users\The Comp\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\3a28abb9-35729be8 multiple threats deleted - quarantined

#4 narenxp

Posted 06 June 2012 - 07:45 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 Yodnarb

Posted 07 June 2012 - 12:17 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.07.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
AA :: AA-PC [administrator]

12-06-07 8:45:36 AM
mbam-log-2012-06-07 (08-45-36).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 715380
Time elapsed: 2 hour(s), 24 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version: 04-06-2012
Ran by AA (administrator) on 07-06-2012 at 12:56:01
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : AA-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 8C-89-A5-31-65-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ad8e:4dc0:1283:d73b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, June 07, 2012 8:36:55 AM
Lease Expires . . . . . . . . . . : Thursday, June 07, 2012 2:36:55 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 244091301
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B4-A0-28-8C-89-A5-31-65-4B
DNS Servers . . . . . . . . . . . : 64.71.255.198
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{01978BCB-E0AA-4E27-BC80-551C237F217A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28ea:a77d:9c17:dfc5(Preferred)
Link-local IPv6 Address . . . . . : fe80::28ea:a77d:9c17:dfc5%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198

Name: google.com
Addresses: 2607:f8b0:400b:801::1000
74.125.226.33
74.125.226.32
74.125.226.39
74.125.226.41
74.125.226.37
74.125.226.40
74.125.226.38
74.125.226.34
74.125.226.36
74.125.226.46
74.125.226.35


Pinging google.com [74.125.226.64] with 32 bytes of data:
Reply from 74.125.226.64: bytes=32 time=10ms TTL=56
Reply from 74.125.226.64: bytes=32 time=10ms TTL=56

Ping statistics for 74.125.226.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms
Server: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=192ms TTL=52
Reply from 72.30.38.140: bytes=32 time=107ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 107ms, Maximum = 192ms, Average = 149ms
Server: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...8c 89 a5 31 65 4b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:28ea:a77d:9c17:dfc5/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::28ea:a77d:9c17:dfc5/128
On-link
11 276 fe80::ad8e:4dc0:1283:d73b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/07/2012 08:38:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2012 07:31:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/06/2012 07:31:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/06/2012 05:17:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/06/2012 04:05:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/06/2012 04:04:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/06/2012 04:04:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/06/2012 04:03:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/31/2012 03:23:56 AM) (Source: Application Hang) (User: )
Description: The program LolClient.exe version 2.0.2.12610 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1004

Start Time: 01cd3efc7f7eb5dc

Termination Time: 2

Application Path: C:\Games\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.147\deploy\LolClient.exe

Report Id: 92acb050-aaf1-11e1-b631-8c89a531654b

Error: (05/16/2012 04:52:31 AM) (Source: Application Hang) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ff4

Start Time: 01cd33412bfbeb84

Termination Time: 0

Application Path: C:\Games\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Report Id: 75ba3089-9f34-11e1-b631-8c89a531654b


System errors:
=============
Error: (06/05/2012 03:00:12 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (05/29/2012 01:16:01 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.836.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/19/2012 07:57:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (05/11/2012 01:51:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (04/29/2012 00:13:00 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (04/27/2012 00:38:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (04/24/2012 08:56:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (04/22/2012 11:03:18 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (04/21/2012 10:48:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (04/20/2012 08:00:39 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
Application Profiles (Version: 2.0.4427.36392)
µTorrent (Version: 3.1.3)
Batman: Arkham Asylum (Version: 1.0.0.0)
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.118.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1205.2215.39827)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
Crusader Kings II
DAEMON Tools Lite (Version: 4.45.2.0287)
DiRT 3
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
Google Chrome (Version: 19.0.1084.52)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
L.A. Noire (Version: 1.00.0000)
League of Legends (Version: 1.3)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.0.17.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 13.0 (x86 en-US) (Version: 13.0)
NVIDIA PhysX (Version: 9.09.0720)
OpenAL
Origin (Version: 8.5.0.4550)
PunkBuster Services (Version: 0.991)
Rapture3D 2.4.8 Game
Realtek Ethernet Controller Driver (Version: 7.43.321.2011)
Rockstar Games Social Club (Version: 1.0.0.0)
Skype™ 5.9 (Version: 5.9.114)
Steam (Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.0 (Version: 2.0.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.11 (32-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 4076.88 MB
Available physical RAM: 2421.52 MB
Total Pagefile: 8151.95 MB
Available Pagefile: 6497.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.06 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:336.06 GB) NTFS
3 Drive e: (Old) (Fixed) (Total:288.04 GB) (Free:13.35 GB) NTFS
4 Drive f: (RECOVERY) (Fixed) (Total:10 GB) (Free:9.92 GB) NTFS

========================= Users: ========================================

User accounts for \\AA-PC

AA Administrator Guest


**** End of log ****

#6 narenxp


Posted 07 June 2012 - 02:53 PM

Do you still have issues?

#7 Yodnarb


Posted 07 June 2012 - 04:52 PM

No, I deleted the Firefox extension registry key and the folder in AppData, but I don't know how the same trojan showed up again 3 weeks after the first infection or how the extension got installed. Do you think the PC is clean now? Is it possible the malicious extension could be reinstalled without my knowledge?

Edited by Yodnarb, 07 June 2012 - 04:53 PM.


#8 narenxp


Posted 07 June 2012 - 08:47 PM

The PC is clean. Make sure to update your Java and antivirus.

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



