Please HELP I'm having problems with my laptop :(


4 replies to this topic

#1 Chris828

Posted 11 June 2012 - 11:22 PM

Hello, my name is Chris. I'm coming here for help since, when I googled some information on what I'm having, I noticed that you guys really help out. So I'm here because recently this week I started hearing random commercial ads in the background of my home screen even though I had my internet closed. Also, when I went on, let's say, my Internet Explorer or Googled something, random pop-ups will pop up even though I blocked all pop-ups, and also when I search something on Google and I click on the first link it would take me somewhere else, like a random ad. So if anyone can really, really help me please :( how I can fix these problems as soon as possible, I would be so grateful. Hope to hear from anyone some professional answer, thanks a lot

Edit: Moved topic from Vista to the more appropriate forum. ~ Animal


#2 narenxp

Posted 12 June 2012 - 01:25 AM

Download TDSSKiller

Launch it. Click on Change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#3 Chris828

Posted 12 June 2012 - 11:13 AM

10:16:43.0019 9128 Ndisuio - ok
10:16:43.0674 9128 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
10:16:43.0908 9128 NdisWan - ok
10:16:44.0127 9128 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
10:16:44.0174 9128 NDProxy - ok
10:16:44.0517 9128 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
10:16:44.0564 9128 NetBIOS - ok
10:16:45.0671 9128 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
10:16:45.0921 9128 netbt - ok
10:16:46.0108 9128 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
10:16:46.0108 9128 Netlogon - ok
10:16:47.0590 9128 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
10:16:47.0684 9128 Netman - ok
10:16:48.0401 9128 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
10:16:48.0588 9128 netprofm - ok
10:16:49.0244 9128 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:16:49.0244 9128 NetTcpPortSharing - ok
10:16:58.0203 9128 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
10:17:00.0112 9128 NETw3v64 - ok
10:17:02.0427 9128 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
10:17:02.0471 9128 nfrd960 - ok
10:17:03.0283 9128 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
10:17:03.0326 9128 NlaSvc - ok
10:17:03.0617 9128 Norton Internet Security - ok
10:17:03.0966 9128 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
10:17:04.0099 9128 Npfs - ok
10:17:04.0293 9128 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
10:17:04.0336 9128 nsi - ok
10:17:04.0527 9128 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
10:17:04.0616 9128 nsiproxy - ok
10:17:08.0293 9128 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
10:17:08.0678 9128 Ntfs - ok
10:17:10.0991 9128 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys
10:17:10.0993 9128 NuidFltr - ok
10:17:11.0178 9128 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
10:17:11.0241 9128 Null - ok
10:17:11.0627 9128 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
10:17:11.0671 9128 nvraid - ok
10:17:11.0994 9128 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
10:17:12.0047 9128 nvstor - ok
10:17:12.0376 9128 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
10:17:12.0453 9128 nv_agp - ok
10:17:12.0464 9128 NwlnkFlt - ok
10:17:12.0484 9128 NwlnkFwd - ok
10:17:14.0817 9128 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:17:14.0822 9128 odserv - ok
10:17:15.0410 9128 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
10:17:15.0555 9128 ohci1394 - ok
10:17:16.0250 9128 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:17:16.0316 9128 ose - ok
10:17:19.0743 9128 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:17:20.0149 9128 p2pimsvc - ok
10:17:20.0164 9128 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:17:20.0180 9128 p2psvc - ok
10:17:20.0757 9128 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
10:17:20.0835 9128 Parport - ok
10:17:21.0368 9128 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
10:17:21.0448 9128 partmgr - ok
10:17:22.0138 9128 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
10:17:22.0208 9128 PcaSvc - ok
10:17:23.0365 9128 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
10:17:23.0396 9128 pci - ok
10:17:23.0646 9128 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
10:17:23.0692 9128 pciide - ok
10:17:24.0458 9128 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
10:17:24.0678 9128 pcmcia - ok
10:17:25.0430 9128 Pcouffin64 (a7a134de374e91d931ba211556293b1b) C:\Windows\system32\Drivers\pcouffin64a.sys
10:17:25.0511 9128 Pcouffin64 - ok
10:17:28.0062 9128 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
10:17:28.0361 9128 PEAUTH - ok
10:17:30.0461 9128 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
10:17:30.0523 9128 PerfHost - ok
10:17:36.0347 9128 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
10:17:37.0485 9128 pla - ok
10:17:38.0133 9128 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
10:17:38.0143 9128 PlugPlay - ok
10:17:38.0952 9128 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:17:38.0964 9128 PNRPAutoReg - ok
10:17:38.0982 9128 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:17:38.0993 9128 PNRPsvc - ok
10:17:39.0228 9128 Point64 (a6d06378f37bdba0c0019294c2aabbd0) C:\Windows\system32\DRIVERS\point64k.sys
10:17:39.0230 9128 Point64 - ok
10:17:39.0386 9128 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
10:17:39.0412 9128 PolicyAgent - ok
10:17:39.0493 9128 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
10:17:39.0495 9128 PptpMiniport - ok
10:17:39.0555 9128 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
10:17:39.0573 9128 Processor - ok
10:17:39.0647 9128 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
10:17:39.0687 9128 ProfSvc - ok
10:17:39.0748 9128 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
10:17:39.0752 9128 ProtectedStorage - ok
10:17:39.0832 9128 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
10:17:39.0834 9128 PSched - ok
10:17:39.0939 9128 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
10:17:39.0942 9128 PxHlpa64 - ok
10:17:40.0191 9128 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
10:17:40.0278 9128 ql2300 - ok
10:17:40.0495 9128 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
10:17:40.0520 9128 ql40xx - ok
10:17:40.0598 9128 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
10:17:40.0671 9128 QWAVE - ok
10:17:40.0848 9128 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
10:17:40.0851 9128 QWAVEdrv - ok
10:17:40.0938 9128 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
10:17:40.0953 9128 RasAcd - ok
10:17:41.0627 9128 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
10:17:41.0632 9128 RasAuto - ok
10:17:41.0686 9128 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:17:41.0720 9128 Rasl2tp - ok
10:17:41.0797 9128 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
10:17:41.0845 9128 RasMan - ok
10:17:41.0938 9128 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
10:17:41.0954 9128 RasPppoe - ok
10:17:42.0049 9128 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
10:17:42.0077 9128 RasSstp - ok
10:17:42.0183 9128 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
10:17:42.0190 9128 rdbss - ok
10:17:42.0278 9128 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:17:42.0292 9128 RDPCDD - ok
10:17:42.0350 9128 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
10:17:42.0373 9128 rdpdr - ok
10:17:42.0428 9128 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
10:17:42.0430 9128 RDPENCDD - ok
10:17:42.0826 9128 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
10:17:43.0363 9128 RDPWD - ok
10:17:43.0932 9128 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe
10:17:43.0936 9128 Recovery Service for Windows - ok
10:17:43.0974 9128 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
10:17:44.0024 9128 RemoteAccess - ok
10:17:44.0153 9128 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
10:17:44.0195 9128 RemoteRegistry - ok
10:17:44.0294 9128 RFCOMM (72c35598ba591abddc37fce7d26fe1c4) C:\Windows\system32\DRIVERS\rfcomm.sys
10:17:44.0316 9128 RFCOMM - ok
10:17:44.0490 9128 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:17:44.0494 9128 RichVideo - ok
10:17:44.0554 9128 RimUsb - ok
10:17:44.0639 9128 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
10:17:44.0654 9128 RimVSerPort - ok
10:17:44.0683 9128 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
10:17:44.0696 9128 ROOTMODEM - ok
10:17:44.0841 9128 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
10:17:44.0843 9128 RpcLocator - ok
10:17:45.0101 9128 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
10:17:45.0111 9128 RpcSs - ok
10:17:45.0243 9128 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
10:17:45.0292 9128 rspndr - ok
10:17:45.0607 9128 RTL8169 (b263b3aebcde2210d1cc25756601b8ea) C:\Windows\system32\DRIVERS\Rtlh64.sys
10:17:45.0646 9128 RTL8169 - ok
10:17:45.0720 9128 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
10:17:45.0743 9128 SamSs - ok
10:17:45.0840 9128 SASKUTIL - ok
10:17:46.0033 9128 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
10:17:46.0037 9128 sbp2port - ok
10:17:46.0466 9128 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
10:17:46.0500 9128 SCardSvr - ok
10:17:47.0211 9128 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
10:17:47.0304 9128 Schedule - ok
10:17:47.0469 9128 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
10:17:47.0471 9128 SCPolicySvc - ok
10:17:47.0591 9128 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
10:17:47.0649 9128 sdbus - ok
10:17:47.0923 9128 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
10:17:47.0986 9128 SDRSVC - ok
10:17:48.0119 9128 SecDrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\SECDRV.SYS
10:17:48.0123 9128 SecDrv - ok
10:17:48.0194 9128 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
10:17:48.0199 9128 seclogon - ok
10:17:48.0322 9128 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
10:17:48.0405 9128 SENS - ok
10:17:48.0500 9128 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
10:17:48.0517 9128 Serenum - ok
10:17:48.0597 9128 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
10:17:48.0662 9128 Serial - ok
10:17:48.0689 9128 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
10:17:48.0703 9128 sermouse - ok
10:17:48.0993 9128 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
10:17:48.0999 9128 SessionEnv - ok
10:17:49.0033 9128 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
10:17:49.0058 9128 sffdisk - ok
10:17:49.0080 9128 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
10:17:49.0134 9128 sffp_mmc - ok
10:17:49.0213 9128 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
10:17:49.0226 9128 sffp_sd - ok
10:17:49.0271 9128 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
10:17:49.0286 9128 sfloppy - ok
10:17:49.0515 9128 ShellHWDetection (21d8f71e022f52bb2e94bd3947bfe7ab) C:\Windows\System32\shsvcs.dll
10:17:49.0526 9128 ShellHWDetection - ok
10:17:49.0576 9128 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
10:17:49.0579 9128 SiSRaid2 - ok
10:17:49.0610 9128 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
10:17:49.0639 9128 SiSRaid4 - ok
10:17:50.0150 9128 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
10:17:50.0407 9128 slsvc - ok
10:17:50.0584 9128 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
10:17:50.0613 9128 SLUINotify - ok
10:17:50.0725 9128 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
10:17:50.0784 9128 Smb - ok
10:17:50.0960 9128 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
10:17:50.0964 9128 SNMPTRAP - ok
10:17:51.0223 9128 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
10:17:51.0225 9128 spldr - ok
10:17:51.0277 9128 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
10:17:51.0296 9128 Spooler - ok
10:17:51.0303 9128 SRTSP - ok
10:17:51.0316 9128 SRTSPX - ok
10:17:51.0477 9128 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
10:17:51.0488 9128 srv - ok
10:17:51.0606 9128 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
10:17:51.0714 9128 srv2 - ok
10:17:51.0778 9128 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
10:17:51.0798 9128 srvnet - ok
10:17:51.0902 9128 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
10:17:51.0926 9128 SSDPSRV - ok
10:17:52.0151 9128 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
10:17:52.0186 9128 SstpSvc - ok
10:17:54.0040 9128 STacSV (72eb6157e892a674e47e08732bb5cce3) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
10:17:54.0303 9128 STacSV - ok
10:17:56.0190 9128 STHDA (0c7bda7e9a329a071c080eb5210fe019) C:\Windows\system32\DRIVERS\stwrt64.sys
10:17:56.0589 9128 STHDA - ok
10:17:57.0197 9128 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
10:17:57.0264 9128 stisvc - ok
10:17:57.0306 9128 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
10:17:57.0307 9128 swenum - ok
10:17:57.0626 9128 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
10:17:57.0747 9128 swprv - ok
10:17:57.0809 9128 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
10:17:57.0812 9128 Symc8xx - ok
10:17:57.0889 9128 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
10:17:57.0894 9128 Sym_hi - ok
10:17:58.0124 9128 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
10:17:58.0127 9128 Sym_u3 - ok
10:17:58.0728 9128 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
10:17:58.0788 9128 SysMain - ok
10:17:59.0021 9128 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
10:17:59.0115 9128 TabletInputService - ok
10:17:59.0422 9128 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
10:17:59.0458 9128 TapiSrv - ok
10:17:59.0693 9128 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
10:17:59.0698 9128 TBS - ok
10:18:00.0537 9128 Tcpip (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\drivers\tcpip.sys
10:18:00.0607 9128 Tcpip - ok
10:18:00.0647 9128 Tcpip6 (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\DRIVERS\tcpip.sys
10:18:00.0667 9128 Tcpip6 - ok
10:18:00.0717 9128 tcpipreg (fd8fde859e38e40a20085ebb0c22b416) C:\Windows\system32\drivers\tcpipreg.sys
10:18:00.0727 9128 tcpipreg - ok
10:18:00.0917 9128 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
10:18:00.0947 9128 TDPIPE - ok
10:18:00.0987 9128 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
10:18:00.0997 9128 TDTCP - ok
10:18:01.0077 9128 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
10:18:01.0127 9128 tdx - ok
10:18:01.0337 9128 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
10:18:01.0347 9128 TermDD - ok
10:18:01.0567 9128 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
10:18:01.0677 9128 TermService - ok
10:18:01.0737 9128 Themes (21d8f71e022f52bb2e94bd3947bfe7ab) C:\Windows\system32\shsvcs.dll
10:18:01.0747 9128 Themes - ok
10:18:01.0877 9128 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
10:18:01.0877 9128 THREADORDER - ok
10:18:01.0957 9128 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
10:18:02.0127 9128 TrkWks - ok
10:18:02.0197 9128 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
10:18:02.0197 9128 TrustedInstaller - ok
10:18:02.0237 9128 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:18:02.0257 9128 tssecsrv - ok
10:18:02.0976 9128 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
10:18:02.0997 9128 tunmp - ok
10:18:03.0091 9128 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
10:18:03.0092 9128 tunnel - ok
10:18:04.0002 9128 TVCapSvc (4bc24ad1af866eb21c09d837a8a017e7) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
10:18:04.0006 9128 TVCapSvc - ok
10:18:04.0051 9128 TVSched (56196a4fd34a9985ab93531dcdc07dcb) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
10:18:04.0053 9128 TVSched - ok
10:18:04.0110 9128 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
10:18:04.0249 9128 uagp35 - ok
10:18:04.0370 9128 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
10:18:04.0565 9128 udfs - ok
10:18:04.0912 9128 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
10:18:04.0917 9128 UI0Detect - ok
10:18:05.0190 9128 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
10:18:05.0205 9128 uliagpkx - ok
10:18:05.0662 9128 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
10:18:05.0670 9128 uliahci - ok
10:18:05.0799 9128 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
10:18:06.0255 9128 UlSata - ok
10:18:06.0326 9128 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
10:18:06.0344 9128 ulsata2 - ok
10:18:06.0380 9128 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
10:18:06.0395 9128 umbus - ok
10:18:07.0566 9128 UmxEngine (af950f62e5fc72ffdb7363f72600b21c) C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
10:18:07.0582 9128 UmxEngine - ok
10:18:08.0333 9128 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
10:18:08.0353 9128 upnphost - ok
10:18:08.0623 9128 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
10:18:08.0653 9128 USBAAPL64 - ok
10:18:08.0943 9128 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
10:18:08.0993 9128 usbaudio - ok
10:18:09.0023 9128 usbbus - ok
10:18:09.0827 9128 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
10:18:10.0039 9128 usbccgp - ok
10:18:10.0089 9128 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
10:18:10.0129 9128 usbcir - ok
10:18:10.0262 9128 UsbDiag - ok
10:18:12.0249 9128 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
10:18:12.0358 9128 usbehci - ok
10:18:12.0467 9128 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
10:18:12.0623 9128 usbhub - ok
10:18:12.0639 9128 USBModem - ok
10:18:12.0763 9128 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
10:18:12.0779 9128 usbohci - ok
10:18:12.0841 9128 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
10:18:12.0857 9128 usbprint - ok
10:18:12.0904 9128 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
10:18:12.0919 9128 usbscan - ok
10:18:12.0982 9128 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:18:13.0029 9128 USBSTOR - ok
10:18:13.0091 9128 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
10:18:13.0153 9128 usbuhci - ok
10:18:13.0200 9128 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
10:18:13.0231 9128 usbvideo - ok
10:18:13.0309 9128 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
10:18:13.0325 9128 UxSms - ok
10:18:13.0419 9128 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
10:18:13.0450 9128 vds - ok
10:18:13.0528 9128 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
10:18:13.0543 9128 vga - ok
10:18:13.0575 9128 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
10:18:13.0590 9128 VgaSave - ok
10:18:13.0637 9128 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
10:18:13.0637 9128 viaide - ok
10:18:13.0855 9128 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
10:18:13.0887 9128 Viewpoint Manager Service - ok
10:18:13.0933 9128 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
10:18:13.0933 9128 volmgr - ok
10:18:14.0043 9128 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
10:18:14.0058 9128 volmgrx - ok
10:18:14.0121 9128 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
10:18:14.0136 9128 volsnap - ok
10:18:14.0199 9128 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
10:18:14.0214 9128 vsmraid - ok
10:18:14.0557 9128 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
10:18:14.0651 9128 VSS - ok
10:18:14.0729 9128 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
10:18:14.0776 9128 W32Time - ok
10:18:14.0999 9128 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
10:18:15.0079 9128 WacomPen - ok
10:18:15.0169 9128 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
10:18:15.0299 9128 Wanarp - ok
10:18:15.0319 9128 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
10:18:15.0319 9128 Wanarpv6 - ok
10:18:15.0509 9128 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
10:18:15.0539 9128 wcncsvc - ok
10:18:15.0619 9128 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
10:18:15.0629 9128 WcsPlugInService - ok
10:18:15.0679 9128 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
10:18:15.0689 9128 Wd - ok
10:18:16.0119 9128 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:18:16.0229 9128 Wdf01000 - ok
10:18:16.0309 9128 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
10:18:16.0441 9128 WdiServiceHost - ok
10:18:16.0448 9128 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
10:18:16.0452 9128 WdiSystemHost - ok
10:18:16.0633 9128 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
10:18:16.0674 9128 WebClient - ok
10:18:16.0952 9128 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
10:18:16.0986 9128 Wecsvc - ok
10:18:17.0151 9128 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
10:18:17.0156 9128 wercplsupport - ok
10:18:17.0221 9128 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
10:18:17.0230 9128 WerSvc - ok
10:18:17.0247 9128 WinHttpAutoProxySvc - ok
10:18:17.0831 9128 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
10:18:17.0838 9128 Winmgmt - ok
10:18:18.0461 9128 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
10:18:18.0549 9128 WinRM - ok
10:18:18.0783 9128 WinSvchostManagerSrv (468570216ad689fd4af9db4b3d3027c9) C:\Windows\SysWOW64\cfgmig32.exe
10:18:18.0787 9128 WinSvchostManagerSrv - ok
10:18:20.0081 9128 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
10:18:20.0118 9128 Wlansvc - ok
10:18:20.0477 9128 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:18:20.0480 9128 wlcrasvc - ok
10:18:21.0292 9128 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:18:21.0336 9128 wlidsvc - ok
10:18:21.0786 9128 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:18:21.0787 9128 WmiAcpi - ok
10:18:21.0906 9128 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
10:18:21.0912 9128 wmiApSrv - ok
10:18:22.0054 9128 WMPNetworkSvc - ok
10:18:23.0876 9128 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
10:18:23.0907 9128 WPCSvc - ok
10:18:23.0969 9128 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
10:18:24.0089 9128 WPDBusEnum - ok
10:18:24.0177 9128 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
10:18:24.0216 9128 WpdUsb - ok
10:18:24.0665 9128 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:18:24.0755 9128 WPFFontCache_v0400 - ok
10:18:24.0819 9128 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
10:18:24.0840 9128 ws2ifsl - ok
10:18:24.0845 9128 WSearch - ok
10:18:25.0416 9128 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
10:18:25.0707 9128 wuauserv - ok
10:18:26.0544 9128 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:18:26.0688 9128 WUDFRd - ok
10:18:26.0749 9128 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
10:18:26.0755 9128 wudfsvc - ok
10:18:26.0872 9128 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
10:18:26.0939 9128 yukonx64 - ok
10:18:27.0004 9128 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0
10:18:27.0597 9128 \Device\Harddisk0\DR0 - ok
10:18:27.0641 9128 Boot (0x1200) (eb4b4c2dd969d6a2382182959a45c2df) \Device\Harddisk0\DR0\Partition0
10:18:27.0644 9128 \Device\Harddisk0\DR0\Partition0 - ok
10:18:27.0783 9128 Boot (0x1200) (05b4b744b406b86dad3a1afc8a19da22) \Device\Harddisk0\DR0\Partition1
10:18:27.0785 9128 \Device\Harddisk0\DR0\Partition1 - ok
10:18:27.0786 9128 ============================================================
10:18:27.0786 9128 Scan finished
10:18:27.0786 9128 ============================================================
10:18:27.0963 9120 Detected object count: 1
10:18:27.0963 9120 Actual detected object count: 1
10:19:05.0698 9120 c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll - copied to quarantine
10:19:05.0698 9120 Akamai ( HiddenFile.Multi.Generic ) - User select action: Quarantine

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-12 11:22:22
Windows 6.0.6002 Service Pack 2
Running: n7b92zrx.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186cab1d2
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002186cab1d2 (not active ControlSet)

---- Files - GMER 1.0.15 ----

File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\802WBP6L\logCAERN7LN.txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\802WBP6L\logCAUQPTF3.txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\802WBP6L\9b81880b7b91450e04446f2d7f3db2b5[1].jpg 26335 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\logCACF6FMA.txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\logCAUPOVK9.txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\log[1].png 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\me[1].flv 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\mGOlDrYv[1].png 2705 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\redirect[1].gif 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\iEpabEYa_512K_480x360[1].flv 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISX7J52S\CR0253_728x90[1].jpg 28906 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2A3F4V9\beacon[5].htm 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2A3F4V9\s[1].htm 413 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2A3F4V9\statsnew[1].xml 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2A3F4V9\statsnew[2].xml 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5DYN8C6\logCAEYR6LE.txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\TM1WR6D7.txt 106 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\TNPRV668.txt 582 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\KGI9C1FS.txt 667 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\60EG2MQ6.txt 468 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\EEG3CCAR.txt 594 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Q3EI0G8J.txt 2866 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\AX1O6745.txt 0 bytes

---- EOF - GMER 1.0.15 ----




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-12 11:23:48
-----------------------------
11:23:48.403 OS Version: Windows x64 6.0.6002 Service Pack 2
11:23:48.403 Number of processors: 2 586 0x170A
11:23:48.404 ComputerName: CHRIS UserName: Owner
11:23:53.817 Initialize success
11:27:06.743 AVAST engine defs: 12061200
11:27:28.990 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:27:28.994 Disk 0 Vendor: WDC_WD3200BEVT-60ZCT1 13.01A13 Size: 305245MB BusType: 3
11:27:29.016 Disk 0 MBR read successfully
11:27:29.020 Disk 0 MBR scan
11:27:29.035 Disk 0 unknown MBR code
11:27:29.074 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 291211 MB offset 2048
11:27:29.138 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14030 MB offset 596402176
11:27:29.199 Disk 0 scanning C:\Windows\system32\drivers
11:27:56.978 Service scanning
11:28:38.458 Modules scanning
11:28:38.468 Disk 0 trace - called modules:
11:28:38.525 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:28:38.532 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80062dc560]
11:28:38.541 3 CLASSPNP.SYS[fffffa6000a2ac33] -> nt!IofCallDriver -> [0xfffffa80061d7110]
11:28:38.549 5 hpdskflt.sys[fffffa6001bf6189] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004c69590]
11:28:40.598 AVAST engine scan C:\Windows
11:28:48.069 AVAST engine scan C:\Windows\system32
11:33:28.288 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
11:37:51.301 AVAST engine scan C:\Windows\system32\drivers
11:38:42.887 AVAST engine scan C:\Users\Owner
11:45:40.758 File: C:\Users\Owner\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\n **INFECTED** Win32:Sirefef-PL [Rtk]
11:55:41.010 AVAST engine scan C:\ProgramData
12:03:08.671 Scan finished successfully
12:04:41.767 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
12:04:41.786 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"


MiniToolBox by Farbar Version: 09-06-2012
Ran by Owner (administrator) on 12-06-2012 at 12:08:20
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Home (Connected)
Broadcom 802.11b/g WLAN = Wireless Network Connection (Media disconnected)
The following helper DLL cannot be loaded: IFMON.DLL.
The following command was not found: int ip dump.

Windows IP Configuration

Host Name . . . . . . . . . . . . : Chris
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-21-00-E6-E9-5D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Home:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-23-5A-A3-F1-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::393b:6834:e8be:f911%10(Preferred)
IPv4 Address. . . . . . . . . . . : 69.127.218.23(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Lease Obtained. . . . . . . . . . : Tuesday, June 12, 2012 9:54:47 AM
Lease Expires . . . . . . . . . . : Tuesday, June 12, 2012 4:24:45 PM
Default Gateway . . . . . . . . . : 69.127.208.1
DHCP Server . . . . . . . . . . . : 167.206.195.5
DHCPv6 IAID . . . . . . . . . . . : 167781210
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-AC-DF-10-00-21-00-E6-E9-5D
DNS Servers . . . . . . . . . . . : 167.206.245.129
167.206.245.130
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D95BBDBE-0930-4FDD-9DD2-1D31084F09AF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #13
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #14
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #17
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 31:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection*:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 34:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{888B44F5-F1D0-4C11-84C4-28FA1FE65E77}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{888B44F5-F1D0-4C11-84C4-28FA1FE65E77}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 36:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.optimum
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes


Pinging google.com [173.194.43.8] with 32 bytes of data:

Reply from 173.194.43.8: bytes=32 time=13ms TTL=56

Reply from 173.194.43.8: bytes=32 time=19ms TTL=56



Ping statistics for 173.194.43.8:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 13ms, Maximum = 19ms, Average = 16ms



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=129ms TTL=51

Reply from 72.30.38.140: bytes=32 time=105ms TTL=50



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 105ms, Maximum = 129ms, Average = 117ms



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 21 00 e6 e9 5d ...... Broadcom 802.11b/g WLAN
10 ...00 23 5a a3 f1 4c ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
35 ...00 00 00 00 00 00 00 e0 isatap.{D95BBDBE-0930-4FDD-9DD2-1D31084F09AF}
12 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
36 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
14 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
15 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
16 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
17 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
20 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
22 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #10
24 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #13
25 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #14
29 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
28 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #17
31 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
37 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
33 ...00 00 00 00 00 00 00 e0 isatap.{888B44F5-F1D0-4C11-84C4-28FA1FE65E77}
38 ...00 00 00 00 00 00 00 e0 isatap.{888B44F5-F1D0-4C11-84C4-28FA1FE65E77}
34 ...00 00 00 00 00 00 00 e0 isatap.optimum
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 69.127.208.1 69.127.218.23 20
69.127.208.0 255.255.240.0 On-link 69.127.218.23 276
69.127.218.23 255.255.255.255 On-link 69.127.218.23 276
69.127.223.255 255.255.255.255 On-link 69.127.218.23 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 69.127.218.23 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 69.127.218.23 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::393b:6834:e8be:f911/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be %SystemRoot%\system32\NLAapi.dll

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\VetRedir.dll [95568] (Computer Associates International, Inc.)
Catalog9 10 C:\Windows\SysWOW64\VetRedir.dll [95568] (Computer Associates International, Inc.)
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\VetRedir.dll [95568] (Computer Associates International, Inc.)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\VetRedir64.dll [103760] (Computer Associates International, Inc.)
x64-Catalog9 10 C:\Windows\System32\VetRedir64.dll [103760] (Computer Associates International, Inc.)
x64-Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog9 12 mswsock.dll [File Not found] ()
x64-Catalog9 13 mswsock.dll [File Not found] ()
x64-Catalog9 14 mswsock.dll [File Not found] ()
x64-Catalog9 15 mswsock.dll [File Not found] ()
x64-Catalog9 16 mswsock.dll [File Not found] ()
x64-Catalog9 17 mswsock.dll [File Not found] ()
x64-Catalog9 18 mswsock.dll [File Not found] ()
x64-Catalog9 19 mswsock.dll [File Not found] ()
x64-Catalog9 20 mswsock.dll [File Not found] ()
x64-Catalog9 21 mswsock.dll [File Not found] ()
x64-Catalog9 22 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 23 C:\Windows\System32\VetRedir64.dll [103760] (Computer Associates International, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2012 00:10:20 PM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6002.18005, time stamp 0x49e01d63, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000138, fault offset 0x0006f52f,
process id 0x3c34, application start time 0xnslookup.exe0.

Error: (06/12/2012 00:10:14 PM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6002.18005, time stamp 0x49e01d63, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000138, fault offset 0x0006f52f,
process id 0x39f8, application start time 0xnslookup.exe0.

Error: (06/12/2012 00:09:29 PM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6002.18005, time stamp 0x49e01d63, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000138, fault offset 0x0006f52f,
process id 0x3868, application start time 0xnslookup.exe0.

Error: (06/12/2012 09:56:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2012 10:51:13 PM) (Source: Application Error) (User: )
Description: Faulting application ping.exe, version 6.0.6001.18000, time stamp 0x47919130, faulting module jscript9.dll_unloaded, version 0.0.0.0, time stamp 0x4f4c2b71, exception code 0xc0000005, fault offset 0x68f8c505,
process id 0x2274, application start time 0xping.exe0.

Error: (06/11/2012 10:49:17 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2684
Start Time: 01cd4844e7b9f717
Termination Time: 46

Error: (06/11/2012 09:29:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2012 01:36:20 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1070
Start Time: 01cd47f7f63cfa50
Termination Time: 16

Error: (06/11/2012 01:16:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2012 09:26:53 PM) (Source: Application Error) (User: )
Description: Faulting application ping.exe, version 6.0.6001.18000, time stamp 0x47919130, faulting module jscript9.dll_unloaded, version 0.0.0.0, time stamp 0x4f4c2b71, exception code 0xc0000005, fault offset 0x698ac505,
process id 0x8548, application start time 0xping.exe0.


System errors:
=============
Error: (06/12/2012 09:59:25 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&04E4) disappeared from the system without first being prepared for removal.

Error: (06/12/2012 09:59:25 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&03E4) disappeared from the system without first being prepared for removal.

Error: (06/12/2012 09:59:25 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&02E4) disappeared from the system without first being prepared for removal.

Error: (06/12/2012 09:59:25 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&00E4) disappeared from the system without first being prepared for removal.

Error: (06/12/2012 09:56:09 AM) (Source: Service Control Manager) (User: )
Description: SASKUTIL
SRTSP
SRTSPX

Error: (06/12/2012 09:56:09 AM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (06/12/2012 09:56:09 AM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (06/12/2012 09:56:09 AM) (Source: Service Control Manager) (User: )
Description: MCSTRM%%2

Error: (06/12/2012 09:56:09 AM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (06/12/2012 09:56:09 AM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060


Microsoft Office Sessions:
=========================
Error: (12/11/2011 02:58:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/01/2011 09:49:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/01/2011 07:01:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/10/2011 02:19:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/07/2011 00:41:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 57 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/04/2011 03:05:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/26/2011 02:30:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/05/2011 09:01:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/01/2011 06:16:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/29/2011 09:40:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Akamai NetSession Interface
APH placeholder
Apple Mobile Device Support (Version: 5.1.1.4)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
CA Anti-Virus Plus (Version: 3.0.0.265)
CA Internet Security Suite (Version: 7.0.0.279)
ENE CIR Receiver Driver (12/30/2008 2.7.2.0) (Version: 12/30/2008 2.7.2.0)
HIPS (Version: 13.0.0.128)
HP MediaSmart SmartMenu (Version: 2.1.7)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.1.7)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Lexmark 5400 Series
LSI HDA Modem (Version: 2.2.97)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
Touch Pad Driver
VD64Inst (Version: 1.00.0000)
VistaGlazz 1.3 (Version: 1.3)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 3998.02 MB
Available physical RAM: 1299.97 MB
Total Pagefile: 8173.18 MB
Available Pagefile: 5136.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3988.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:284.39 GB) (Free:144.34 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.7 GB) (Free:1.83 GB) NTFS

========================= Users: ========================================

User accounts for \\CHRIS

Administrator Guest Owner
Rosario


**** End of log ****

#4 Chris828

Posted 12 June 2012 - 11:15 AM

Hello narenxp, thanks for replying to my problem. I did what you asked me to do; as you can see, I posted everything up. Thanks for helping & hope to hear from you soon :)

#5 narenxp

Posted 12 June 2012 - 09:41 PM

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

Farbar Service Scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Edited by narenxp, 12 June 2012 - 09:41 PM.




