
Google/Yahoo Redirect


19 replies to this topic

#1 lbai0002


Posted 20 June 2012 - 08:09 PM

I'm using Firefox on Windows XP, but the same problem happens in Internet Explorer. When I click on a link in Google or Yahoo, I'm redirected to another page. Most of them are rated Red by Web of Trust, and Firefox blocks some of them for being "attack websites". A lot of them pass through the website rocketnews.com. I have no problems with DuckDuckGo.

I've already done a scan with Malwarebytes. It found 61 threats, but the redirects still continued. Avira AntiVir hasn't caught anything either.

Any help would be greatly appreciated.


 


#2 narenxp


Posted 20 June 2012 - 08:58 PM

Download TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Edited by narenxp, 20 June 2012 - 08:59 PM.


#3 lbai0002


Posted 21 June 2012 - 07:11 PM

Thanks for the reply!

TDSSkiller:

17:00:54.0446 1352 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
17:00:54.0710 1352 ============================================================
17:00:54.0710 1352 Current date / time: 2012/06/21 17:00:54.0710
17:00:54.0710 1352 SystemInfo:
17:00:54.0710 1352
17:00:54.0710 1352 OS Version: 6.1.7601 ServicePack: 1.0
17:00:54.0710 1352 Product type: Workstation
17:00:54.0710 1352 ComputerName: DESKTOP3
17:00:54.0710 1352 UserName: Jun
17:00:54.0710 1352 Windows directory: C:\Windows
17:00:54.0710 1352 System windows directory: C:\Windows
17:00:54.0710 1352 Processor architecture: Intel x86
17:00:54.0710 1352 Number of processors: 2
17:00:54.0710 1352 Page size: 0x1000
17:00:54.0710 1352 Boot type: Normal boot
17:00:54.0710 1352 ============================================================
17:00:55.0750 1352 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:00:55.0756 1352 Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:00:55.0757 1352 ============================================================
17:00:55.0758 1352 \Device\Harddisk0\DR0:
17:00:55.0758 1352 MBR partitions:
17:00:55.0758 1352 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1391000
17:00:55.0758 1352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13A5000, BlocksNum 0x24089000
17:00:55.0758 1352 ============================================================
17:00:55.0785 1352 C: <-> \Device\Harddisk0\DR0\Partition1
17:00:55.0785 1352 ============================================================
17:00:55.0785 1352 Initialize success
17:00:55.0785 1352 ============================================================
17:00:57.0034 5192 ============================================================
17:00:57.0034 5192 Scan started
17:00:57.0034 5192 Mode: Manual;
17:00:57.0034 5192 ============================================================
17:00:58.0651 5192 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
17:00:58.0663 5192 1394ohci - ok
17:00:58.0750 5192 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
17:00:58.0752 5192 ACPI - ok
17:00:58.0769 5192 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
17:00:58.0773 5192 AcpiPmi - ok
17:00:58.0843 5192 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:00:58.0844 5192 AdobeFlashPlayerUpdateSvc - ok
17:00:58.0875 5192 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
17:00:58.0885 5192 adp94xx - ok
17:00:58.0902 5192 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
17:00:58.0911 5192 adpahci - ok
17:00:58.0924 5192 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
17:00:58.0930 5192 adpu320 - ok
17:00:58.0953 5192 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
17:00:58.0954 5192 AeLookupSvc - ok
17:00:58.0991 5192 AERTFilters (7a841462ad4749f8a07b27ae8e8947b8) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
17:00:58.0996 5192 AERTFilters - ok
17:00:59.0042 5192 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
17:00:59.0044 5192 AFD - ok
17:00:59.0078 5192 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
17:00:59.0084 5192 agp440 - ok
17:00:59.0109 5192 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
17:00:59.0115 5192 aic78xx - ok
17:00:59.0125 5192 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
17:00:59.0131 5192 ALG - ok
17:00:59.0139 5192 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
17:00:59.0144 5192 aliide - ok
17:00:59.0161 5192 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
17:00:59.0167 5192 amdagp - ok
17:00:59.0201 5192 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
17:00:59.0211 5192 amdide - ok
17:00:59.0233 5192 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
17:00:59.0244 5192 AmdK8 - ok
17:00:59.0255 5192 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
17:00:59.0262 5192 AmdPPM - ok
17:00:59.0316 5192 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
17:00:59.0322 5192 amdsata - ok
17:00:59.0349 5192 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
17:00:59.0357 5192 amdsbs - ok
17:00:59.0374 5192 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
17:00:59.0379 5192 amdxata - ok
17:00:59.0467 5192 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:00:59.0468 5192 AntiVirSchedulerService - ok
17:00:59.0486 5192 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:00:59.0488 5192 AntiVirService - ok
17:00:59.0530 5192 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
17:00:59.0535 5192 AppID - ok
17:00:59.0575 5192 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
17:00:59.0580 5192 AppIDSvc - ok
17:00:59.0627 5192 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
17:00:59.0628 5192 Appinfo - ok
17:00:59.0732 5192 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:00:59.0737 5192 Apple Mobile Device - ok
17:00:59.0769 5192 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
17:00:59.0778 5192 arc - ok
17:00:59.0792 5192 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
17:00:59.0798 5192 arcsas - ok
17:00:59.0861 5192 ARUpdate - ok
17:00:59.0878 5192 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
17:00:59.0882 5192 AsyncMac - ok
17:00:59.0912 5192 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
17:00:59.0912 5192 atapi - ok
17:00:59.0962 5192 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
17:00:59.0966 5192 AudioEndpointBuilder - ok
17:00:59.0972 5192 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
17:00:59.0975 5192 Audiosrv - ok
17:01:00.0012 5192 Autodesk Licensing Service (ea2d28bbe98256654397cd1f6eaebdd8) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
17:01:00.0022 5192 Autodesk Licensing Service - ok
17:01:00.0061 5192 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
17:01:00.0068 5192 avgntflt - ok
17:01:00.0094 5192 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
17:01:00.0103 5192 avipbb - ok
17:01:00.0137 5192 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
17:01:00.0143 5192 AxInstSV - ok
17:01:00.0179 5192 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
17:01:00.0191 5192 b06bdrv - ok
17:01:00.0223 5192 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
17:01:00.0232 5192 b57nd60x - ok
17:01:00.0275 5192 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
17:01:00.0281 5192 BDESVC - ok
17:01:00.0302 5192 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
17:01:00.0305 5192 Beep - ok
17:01:00.0342 5192 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
17:01:00.0346 5192 BFE - ok
17:01:00.0395 5192 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
17:01:00.0401 5192 BITS - ok
17:01:00.0414 5192 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
17:01:00.0418 5192 blbdrive - ok
17:01:00.0492 5192 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files\Bonjour\mDNSResponder.exe
17:01:00.0502 5192 Bonjour Service - ok
17:01:00.0531 5192 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
17:01:00.0536 5192 bowser - ok
17:01:00.0582 5192 BPowMon (104c980400850ea84f86cd31ae2eeece) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
17:01:00.0588 5192 BPowMon - ok
17:01:00.0601 5192 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:01:00.0604 5192 BrFiltLo - ok
17:01:00.0622 5192 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:01:00.0625 5192 BrFiltUp - ok
17:01:00.0654 5192 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
17:01:00.0655 5192 Browser - ok
17:01:00.0672 5192 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
17:01:00.0682 5192 Brserid - ok
17:01:00.0700 5192 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
17:01:00.0707 5192 BrSerWdm - ok
17:01:00.0721 5192 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:01:00.0725 5192 BrUsbMdm - ok
17:01:00.0743 5192 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
17:01:00.0746 5192 BrUsbSer - ok
17:01:00.0762 5192 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
17:01:00.0767 5192 BTHMODEM - ok
17:01:00.0795 5192 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
17:01:00.0801 5192 bthserv - ok
17:01:00.0825 5192 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
17:01:00.0832 5192 cdfs - ok
17:01:00.0880 5192 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
17:01:00.0888 5192 cdrom - ok
17:01:00.0926 5192 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
17:01:00.0927 5192 CertPropSvc - ok
17:01:00.0950 5192 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
17:01:00.0956 5192 circlass - ok
17:01:00.0986 5192 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
17:01:00.0989 5192 CLFS - ok
17:01:01.0035 5192 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:01:01.0043 5192 clr_optimization_v2.0.50727_32 - ok
17:01:01.0104 5192 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:01:01.0126 5192 clr_optimization_v4.0.30319_32 - ok
17:01:01.0138 5192 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
17:01:01.0141 5192 CmBatt - ok
17:01:01.0183 5192 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
17:01:01.0187 5192 cmdide - ok
17:01:01.0223 5192 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
17:01:01.0236 5192 CNG - ok
17:01:01.0247 5192 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
17:01:01.0252 5192 Compbatt - ok
17:01:01.0279 5192 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
17:01:01.0283 5192 CompositeBus - ok
17:01:01.0292 5192 COMSysApp - ok
17:01:01.0307 5192 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
17:01:01.0313 5192 crcdisk - ok
17:01:01.0349 5192 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
17:01:01.0350 5192 CryptSvc - ok
17:01:01.0391 5192 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
17:01:01.0396 5192 DcomLaunch - ok
17:01:01.0422 5192 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
17:01:01.0424 5192 defragsvc - ok
17:01:01.0459 5192 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
17:01:01.0465 5192 DfsC - ok
17:01:01.0491 5192 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
17:01:01.0494 5192 Dhcp - ok
17:01:01.0510 5192 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
17:01:01.0511 5192 discache - ok
17:01:01.0539 5192 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
17:01:01.0547 5192 Disk - ok
17:01:01.0588 5192 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
17:01:01.0589 5192 Dnscache - ok
17:01:01.0624 5192 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
17:01:01.0635 5192 dot3svc - ok
17:01:01.0667 5192 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
17:01:01.0670 5192 DPS - ok
17:01:01.0695 5192 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
17:01:01.0698 5192 drmkaud - ok
17:01:01.0746 5192 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
17:01:01.0766 5192 DXGKrnl - ok
17:01:01.0795 5192 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
17:01:01.0797 5192 EapHost - ok
17:01:01.0909 5192 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
17:01:01.0970 5192 ebdrv - ok
17:01:02.0045 5192 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
17:01:02.0047 5192 EFS - ok
17:01:02.0109 5192 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
17:01:02.0140 5192 ehRecvr - ok
17:01:02.0270 5192 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
17:01:02.0278 5192 ehSched - ok
17:01:02.0357 5192 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
17:01:02.0370 5192 elxstor - ok
17:01:02.0402 5192 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
17:01:02.0405 5192 ErrDev - ok
17:01:02.0443 5192 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
17:01:02.0446 5192 EventSystem - ok
17:01:02.0463 5192 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
17:01:02.0470 5192 exfat - ok
17:01:02.0483 5192 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
17:01:02.0490 5192 fastfat - ok
17:01:02.0557 5192 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
17:01:02.0562 5192 Fax - ok
17:01:02.0636 5192 FA_Scheduler (7b0cc7362aaf9977e0b534f917002f2f) C:\Program Files\Fortinet\FortiClient\scheduler.exe
17:01:02.0642 5192 FA_Scheduler - ok
17:01:02.0669 5192 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
17:01:02.0673 5192 fdc - ok
17:01:02.0698 5192 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
17:01:02.0699 5192 fdPHost - ok
17:01:02.0706 5192 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
17:01:02.0712 5192 FDResPub - ok
17:01:02.0723 5192 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
17:01:02.0729 5192 FileInfo - ok
17:01:02.0745 5192 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
17:01:02.0750 5192 Filetrace - ok
17:01:02.0836 5192 FLEXnet Licensing Service (d60ef46dc0e757fe5eb579db95b88954) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:01:02.0846 5192 FLEXnet Licensing Service - ok
17:01:02.0865 5192 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
17:01:02.0868 5192 flpydisk - ok
17:01:02.0897 5192 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
17:01:02.0907 5192 FltMgr - ok
17:01:02.0962 5192 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
17:01:02.0969 5192 FontCache - ok
17:01:03.0017 5192 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:01:03.0018 5192 FontCache3.0.0.0 - ok
17:01:03.0055 5192 fortiapd (0e5f40e5c4e129b371b4268521581ab6) C:\Windows\system32\drivers\fortiapd.sys
17:01:03.0059 5192 fortiapd - ok
17:01:03.0075 5192 Fortidrv2 (eff623353d292d52c6c353da24a6242d) C:\Windows\system32\DRIVERS\fortidrv.sys
17:01:03.0080 5192 Fortidrv2 - ok
17:01:03.0098 5192 Fortips (f7ded75f52ae42584c1ef6587abff390) C:\Windows\system32\drivers\fortips.sys
17:01:03.0105 5192 Fortips - ok
17:01:03.0119 5192 FortiRdr (facb507d321e25eee1eedcc533f6939e) C:\Windows\system32\drivers\FortiRdr2.sys
17:01:03.0124 5192 FortiRdr - ok
17:01:03.0133 5192 FortiShield (3e334c062df1e5b8e7f987bf674a3800) C:\Windows\system32\drivers\FortiShield.sys
17:01:03.0138 5192 FortiShield - ok
17:01:03.0158 5192 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
17:01:03.0163 5192 FsDepends - ok
17:01:03.0195 5192 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
17:01:03.0200 5192 Fs_Rec - ok
17:01:03.0208 5192 ft_vnic (6f8ac27b43ece9504fa5d521e086a92a) C:\Windows\system32\DRIVERS\ftvnic.sys
17:01:03.0208 5192 ft_vnic - ok
17:01:03.0246 5192 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
17:01:03.0247 5192 fvevol - ok
17:01:03.0273 5192 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:01:03.0278 5192 gagp30kx - ok
17:01:03.0331 5192 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:01:03.0336 5192 GEARAspiWDM - ok
17:01:03.0376 5192 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
17:01:03.0383 5192 gpsvc - ok
17:01:03.0427 5192 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:03.0428 5192 gupdate - ok
17:01:03.0441 5192 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:03.0442 5192 gupdatem - ok
17:01:03.0461 5192 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
17:01:03.0466 5192 hcw85cir - ok
17:01:03.0511 5192 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
17:01:03.0512 5192 HDAudBus - ok
17:01:03.0526 5192 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
17:01:03.0531 5192 HidBatt - ok
17:01:03.0553 5192 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
17:01:03.0559 5192 HidBth - ok
17:01:03.0584 5192 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
17:01:03.0589 5192 HidIr - ok
17:01:03.0610 5192 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
17:01:03.0611 5192 hidserv - ok
17:01:03.0623 5192 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
17:01:03.0631 5192 HidUsb - ok
17:01:03.0682 5192 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
17:01:03.0684 5192 hkmsvc - ok
17:01:03.0700 5192 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
17:01:03.0716 5192 HomeGroupListener - ok
17:01:03.0733 5192 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
17:01:03.0736 5192 HomeGroupProvider - ok
17:01:03.0754 5192 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
17:01:03.0761 5192 HpSAMD - ok
17:01:03.0796 5192 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
17:01:03.0801 5192 HTTP - ok
17:01:03.0835 5192 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
17:01:03.0836 5192 hwpolicy - ok
17:01:03.0863 5192 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
17:01:03.0870 5192 i8042prt - ok
17:01:03.0940 5192 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
17:01:03.0952 5192 iaStorV - ok
17:01:04.0045 5192 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:01:04.0077 5192 idsvc - ok
17:01:04.0429 5192 igfx (dce0b53570703cce580d066f89ef58cd) C:\Windows\system32\DRIVERS\igdkmd32.sys
17:01:04.0593 5192 igfx - ok
17:01:04.0685 5192 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
17:01:04.0690 5192 iirsp - ok
17:01:04.0750 5192 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
17:01:04.0757 5192 IKEEXT - ok
17:01:04.0843 5192 IntcAzAudAddService (94b1ff5d243d34b31380a2f79fc48959) C:\Windows\system32\drivers\RTKVHDA.sys
17:01:04.0920 5192 IntcAzAudAddService - ok
17:01:04.0993 5192 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
17:01:04.0998 5192 intelide - ok
17:01:05.0029 5192 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
17:01:05.0030 5192 intelppm - ok
17:01:05.0051 5192 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
17:01:05.0058 5192 IPBusEnum - ok
17:01:05.0074 5192 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:01:05.0080 5192 IpFilterDriver - ok
17:01:05.0128 5192 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
17:01:05.0134 5192 iphlpsvc - ok
17:01:05.0171 5192 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
17:01:05.0177 5192 IPMIDRV - ok
17:01:05.0194 5192 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
17:01:05.0201 5192 IPNAT - ok
17:01:05.0264 5192 iPod Service (f62c69376a95795fe7cdb1c778edaca4) C:\Program Files\iPod\bin\iPodService.exe
17:01:05.0269 5192 iPod Service - ok
17:01:05.0284 5192 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
17:01:05.0288 5192 IRENUM - ok
17:01:05.0296 5192 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
17:01:05.0302 5192 isapnp - ok
17:01:05.0318 5192 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
17:01:05.0330 5192 iScsiPrt - ok
17:01:05.0375 5192 k57nd60x (7ea81534e80570bdf6ee4a4248bba4d6) C:\Windows\system32\DRIVERS\k57nd60x.sys
17:01:05.0378 5192 k57nd60x - ok
17:01:05.0407 5192 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
17:01:05.0412 5192 kbdclass - ok
17:01:05.0419 5192 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
17:01:05.0424 5192 kbdhid - ok
17:01:05.0453 5192 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
17:01:05.0455 5192 KeyIso - ok
17:01:05.0469 5192 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
17:01:05.0475 5192 KSecDD - ok
17:01:05.0486 5192 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
17:01:05.0494 5192 KSecPkg - ok
17:01:05.0525 5192 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
17:01:05.0536 5192 KtmRm - ok
17:01:05.0573 5192 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
17:01:05.0576 5192 LanmanServer - ok
17:01:05.0614 5192 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
17:01:05.0617 5192 LanmanWorkstation - ok
17:01:05.0644 5192 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
17:01:05.0649 5192 lltdio - ok
17:01:05.0666 5192 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
17:01:05.0675 5192 lltdsvc - ok
17:01:05.0690 5192 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
17:01:05.0692 5192 lmhosts - ok
17:01:05.0766 5192 LMIGuardianSvc (6e7d0424132a7c2113f7f0912045b137) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:01:05.0769 5192 LMIGuardianSvc - ok
17:01:05.0796 5192 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
17:01:05.0800 5192 LMIInfo - ok
17:01:05.0815 5192 LMIMaint (3bece8c5ff78c90c1a5a9ef517ae77fd) C:\Program Files\LogMeIn\x86\RaMaint.exe
17:01:05.0822 5192 LMIMaint - ok
17:01:05.0851 5192 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
17:01:05.0854 5192 lmimirr - ok
17:01:05.0877 5192 LMIRfsClientNP - ok
17:01:05.0888 5192 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
17:01:05.0894 5192 LMIRfsDriver - ok
17:01:05.0899 5192 LogMeIn (9015122d04c195bdab88febcbae229db) C:\Program Files\LogMeIn\x86\LogMeIn.exe
17:01:05.0904 5192 LogMeIn - ok
17:01:05.0934 5192 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:01:05.0941 5192 LSI_FC - ok
17:01:05.0966 5192 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:01:05.0972 5192 LSI_SAS - ok
17:01:05.0984 5192 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:01:05.0990 5192 LSI_SAS2 - ok
17:01:06.0006 5192 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:01:06.0012 5192 LSI_SCSI - ok
17:01:06.0039 5192 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
17:01:06.0040 5192 luafv - ok
17:01:06.0070 5192 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
17:01:06.0082 5192 McComponentHostService - ok
17:01:06.0111 5192 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
17:01:06.0118 5192 Mcx2Svc - ok
17:01:06.0130 5192 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
17:01:06.0134 5192 megasas - ok
17:01:06.0153 5192 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
17:01:06.0161 5192 MegaSR - ok
17:01:06.0213 5192 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
17:01:06.0214 5192 MMCSS - ok
17:01:06.0228 5192 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
17:01:06.0232 5192 Modem - ok
17:01:06.0274 5192 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
17:01:06.0274 5192 monitor - ok
17:01:06.0315 5192 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
17:01:06.0321 5192 mouclass - ok
17:01:06.0343 5192 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
17:01:06.0347 5192 mouhid - ok
17:01:06.0379 5192 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
17:01:06.0380 5192 mountmgr - ok
17:01:06.0397 5192 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
17:01:06.0405 5192 mpio - ok
17:01:06.0425 5192 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
17:01:06.0431 5192 mpsdrv - ok
17:01:06.0479 5192 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
17:01:06.0485 5192 MpsSvc - ok
17:01:06.0521 5192 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
17:01:06.0528 5192 MRxDAV - ok
17:01:06.0569 5192 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:01:06.0582 5192 mrxsmb - ok
17:01:06.0627 5192 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:01:06.0638 5192 mrxsmb10 - ok
17:01:07.0884 5192 Scan interrupted by user!
17:01:07.0884 5192 Scan interrupted by user!
17:01:07.0884 5192 Scan interrupted by user!
17:01:07.0884 5192 ============================================================
17:01:07.0884 5192 Scan finished
17:01:07.0885 5192 ============================================================
17:01:07.0894 2168 Detected object count: 0
17:01:07.0894 2168 Actual detected object count: 0
17:01:21.0657 5600 ============================================================
17:01:21.0657 5600 Scan started
17:01:21.0657 5600 Mode: Manual; TDLFS;
17:01:21.0657 5600 ============================================================
17:01:29.0217 5600 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
17:01:29.0224 5600 nvstor - ok
17:01:29.0237 5600 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
17:01:29.0244 5600 nv_agp - ok
17:01:29.0257 5600 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
17:01:29.0264 5600 ohci1394 - ok
17:01:29.0354 5600 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:01:29.0355 5600 ose - ok
17:01:29.0549 5600 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:01:29.0618 5600 osppsvc - ok
17:01:29.0685 5600 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
17:01:29.0696 5600 p2pimsvc - ok
17:01:29.0713 5600 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
17:01:29.0726 5600 p2psvc - ok
17:01:29.0759 5600 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
17:01:29.0765 5600 Parport - ok
17:01:29.0796 5600 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
17:01:29.0802 5600 partmgr - ok
17:01:29.0811 5600 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
17:01:29.0814 5600 Parvdm - ok
17:01:29.0827 5600 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
17:01:29.0830 5600 PcaSvc - ok
17:01:29.0863 5600 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
17:01:29.0871 5600 pci - ok
17:01:29.0878 5600 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
17:01:29.0882 5600 pciide - ok
17:01:29.0901 5600 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
17:01:29.0910 5600 pcmcia - ok
17:01:29.0922 5600 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
17:01:29.0927 5600 pcw - ok
17:01:29.0956 5600 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
17:01:29.0972 5600 PEAUTH - ok
17:01:30.0051 5600 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
17:01:30.0088 5600 pla - ok
17:01:30.0187 5600 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
17:01:30.0191 5600 PlugPlay - ok
17:01:30.0211 5600 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
17:01:30.0214 5600 PNRPAutoReg - ok
17:01:30.0234 5600 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
17:01:30.0237 5600 PNRPsvc - ok
17:01:30.0263 5600 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
17:01:30.0274 5600 PolicyAgent - ok
17:01:30.0314 5600 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
17:01:30.0317 5600 Power - ok
17:01:30.0359 5600 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
17:01:30.0364 5600 PptpMiniport - ok
17:01:30.0384 5600 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
17:01:30.0390 5600 Processor - ok
17:01:30.0424 5600 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
17:01:30.0427 5600 ProfSvc - ok
17:01:30.0460 5600 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
17:01:30.0462 5600 ProtectedStorage - ok
17:01:30.0489 5600 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
17:01:30.0491 5600 Psched - ok
17:01:30.0540 5600 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
17:01:30.0570 5600 ql2300 - ok
17:01:30.0657 5600 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
17:01:30.0677 5600 ql40xx - ok
17:01:30.0703 5600 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
17:01:30.0713 5600 QWAVE - ok
17:01:30.0723 5600 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
17:01:30.0729 5600 QWAVEdrv - ok
17:01:30.0746 5600 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
17:01:30.0750 5600 RasAcd - ok
17:01:30.0787 5600 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:01:30.0792 5600 RasAgileVpn - ok
17:01:30.0808 5600 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
17:01:30.0816 5600 RasAuto - ok
17:01:30.0831 5600 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:01:30.0837 5600 Rasl2tp - ok
17:01:30.0887 5600 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
17:01:30.0898 5600 RasMan - ok
17:01:30.0921 5600 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
17:01:30.0928 5600 RasPppoe - ok
17:01:30.0941 5600 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
17:01:30.0947 5600 RasSstp - ok
17:01:30.0992 5600 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
17:01:31.0003 5600 rdbss - ok
17:01:31.0014 5600 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
17:01:31.0017 5600 rdpbus - ok
17:01:31.0057 5600 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:01:31.0058 5600 RDPCDD - ok
17:01:31.0086 5600 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
17:01:31.0087 5600 RDPENCDD - ok
17:01:31.0096 5600 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
17:01:31.0097 5600 RDPREFMP - ok
17:01:31.0129 5600 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
17:01:31.0137 5600 RDPWD - ok
17:01:31.0189 5600 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
17:01:31.0198 5600 rdyboost - ok
17:01:31.0221 5600 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
17:01:31.0229 5600 RemoteAccess - ok
17:01:31.0263 5600 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
17:01:31.0271 5600 RemoteRegistry - ok
17:01:31.0290 5600 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
17:01:31.0292 5600 RpcEptMapper - ok
17:01:31.0312 5600 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
17:01:31.0316 5600 RpcLocator - ok
17:01:31.0360 5600 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
17:01:31.0364 5600 RpcSs - ok
17:01:31.0396 5600 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
17:01:31.0401 5600 rspndr - ok
17:01:31.0443 5600 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
17:01:31.0445 5600 SamSs - ok
17:01:31.0487 5600 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
17:01:31.0494 5600 sbp2port - ok
17:01:31.0517 5600 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
17:01:31.0526 5600 SCardSvr - ok
17:01:31.0560 5600 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
17:01:31.0565 5600 scfilter - ok
17:01:31.0615 5600 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
17:01:31.0622 5600 Schedule - ok
17:01:31.0659 5600 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
17:01:31.0660 5600 SCPolicySvc - ok
17:01:31.0676 5600 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
17:01:31.0684 5600 SDRSVC - ok
17:01:31.0755 5600 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:01:31.0764 5600 SeaPort - ok
17:01:31.0821 5600 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:01:31.0824 5600 secdrv - ok
17:01:31.0852 5600 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
17:01:31.0859 5600 seclogon - ok
17:01:31.0874 5600 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
17:01:31.0877 5600 SENS - ok
17:01:31.0901 5600 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
17:01:31.0907 5600 SensrSvc - ok
17:01:31.0912 5600 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
17:01:31.0916 5600 Serenum - ok
17:01:31.0946 5600 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
17:01:31.0952 5600 Serial - ok
17:01:31.0989 5600 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
17:01:31.0993 5600 sermouse - ok
17:01:32.0037 5600 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
17:01:32.0039 5600 SessionEnv - ok
17:01:32.0049 5600 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
17:01:32.0052 5600 sffdisk - ok
17:01:32.0063 5600 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
17:01:32.0067 5600 sffp_mmc - ok
17:01:32.0081 5600 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
17:01:32.0085 5600 sffp_sd - ok
17:01:32.0098 5600 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
17:01:32.0103 5600 sfloppy - ok
17:01:32.0136 5600 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
17:01:32.0147 5600 SharedAccess - ok
17:01:32.0190 5600 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
17:01:32.0194 5600 ShellHWDetection - ok
17:01:32.0211 5600 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
17:01:32.0217 5600 sisagp - ok
17:01:32.0268 5600 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:01:32.0272 5600 SiSRaid2 - ok
17:01:32.0282 5600 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
17:01:32.0288 5600 SiSRaid4 - ok
17:01:32.0325 5600 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
17:01:32.0331 5600 Smb - ok
17:01:32.0360 5600 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
17:01:32.0366 5600 SNMPTRAP - ok
17:01:32.0373 5600 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
17:01:32.0377 5600 spldr - ok
17:01:32.0425 5600 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
17:01:32.0429 5600 Spooler - ok
17:01:32.0537 5600 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
17:01:32.0585 5600 sppsvc - ok
17:01:32.0750 5600 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
17:01:32.0771 5600 sppuinotify - ok
17:01:32.0868 5600 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
17:01:32.0881 5600 srv - ok
17:01:32.0925 5600 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
17:01:32.0937 5600 srv2 - ok
17:01:32.0953 5600 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
17:01:32.0960 5600 srvnet - ok
17:01:32.0979 5600 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
17:01:32.0982 5600 SSDPSRV - ok
17:01:33.0011 5600 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
17:01:33.0016 5600 ssmdrv - ok
17:01:33.0032 5600 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
17:01:33.0040 5600 SstpSvc - ok
17:01:33.0063 5600 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
17:01:33.0069 5600 stexstor - ok
17:01:33.0113 5600 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
17:01:33.0128 5600 StiSvc - ok
17:01:33.0158 5600 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
17:01:33.0162 5600 swenum - ok
17:01:33.0184 5600 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
17:01:33.0195 5600 swprv - ok
17:01:33.0252 5600 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
17:01:33.0264 5600 SysMain - ok
17:01:33.0278 5600 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
17:01:33.0287 5600 TabletInputService - ok
17:01:33.0302 5600 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
17:01:33.0312 5600 TapiSrv - ok
17:01:33.0330 5600 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
17:01:33.0338 5600 TBS - ok
17:01:33.0428 5600 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
17:01:33.0479 5600 Tcpip - ok
17:01:33.0582 5600 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
17:01:33.0589 5600 TCPIP6 - ok
17:01:33.0654 5600 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
17:01:33.0658 5600 tcpipreg - ok
17:01:33.0693 5600 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
17:01:33.0697 5600 TDPIPE - ok
17:01:33.0731 5600 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
17:01:33.0736 5600 TDTCP - ok
17:01:33.0772 5600 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
17:01:33.0778 5600 tdx - ok
17:01:33.0810 5600 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
17:01:33.0815 5600 TermDD - ok
17:01:33.0862 5600 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
17:01:33.0868 5600 TermService - ok
17:01:33.0887 5600 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
17:01:33.0889 5600 Themes - ok
17:01:33.0908 5600 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
17:01:33.0910 5600 THREADORDER - ok
17:01:33.0922 5600 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
17:01:33.0925 5600 TrkWks - ok
17:01:33.0983 5600 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
17:01:33.0984 5600 TrustedInstaller - ok
17:01:34.0021 5600 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:01:34.0025 5600 tssecsrv - ok
17:01:34.0068 5600 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
17:01:34.0074 5600 TsUsbFlt - ok
17:01:34.0137 5600 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
17:01:34.0144 5600 tunnel - ok
17:01:34.0172 5600 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
17:01:34.0179 5600 uagp35 - ok
17:01:34.0214 5600 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
17:01:34.0224 5600 udfs - ok
17:01:34.0246 5600 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
17:01:34.0253 5600 UI0Detect - ok
17:01:34.0287 5600 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
17:01:34.0292 5600 uliagpkx - ok
17:01:34.0312 5600 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
17:01:34.0317 5600 umbus - ok
17:01:34.0334 5600 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
17:01:34.0338 5600 UmPass - ok
17:01:34.0361 5600 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
17:01:34.0365 5600 upnphost - ok
17:01:34.0382 5600 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
17:01:34.0387 5600 USBAAPL - ok
17:01:34.0425 5600 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
17:01:34.0430 5600 usbccgp - ok
17:01:34.0448 5600 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
17:01:34.0458 5600 usbcir - ok
17:01:34.0470 5600 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
17:01:34.0475 5600 usbehci - ok
17:01:34.0498 5600 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
17:01:34.0508 5600 usbhub - ok
17:01:34.0519 5600 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
17:01:34.0523 5600 usbohci - ok
17:01:34.0545 5600 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
17:01:34.0549 5600 usbprint - ok
17:01:34.0568 5600 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:01:34.0574 5600 USBSTOR - ok
17:01:34.0586 5600 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
17:01:34.0590 5600 usbuhci - ok
17:01:34.0668 5600 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
17:01:34.0671 5600 UxSms - ok
17:01:34.0706 5600 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
17:01:34.0708 5600 VaultSvc - ok
17:01:34.0725 5600 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
17:01:34.0730 5600 vdrvroot - ok
17:01:34.0766 5600 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
17:01:34.0780 5600 vds - ok
17:01:34.0799 5600 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
17:01:34.0805 5600 vga - ok
17:01:34.0825 5600 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
17:01:34.0829 5600 VgaSave - ok
17:01:34.0850 5600 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
17:01:34.0859 5600 vhdmp - ok
17:01:34.0890 5600 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
17:01:34.0895 5600 viaagp - ok
17:01:34.0908 5600 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
17:01:34.0913 5600 ViaC7 - ok
17:01:34.0925 5600 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
17:01:34.0929 5600 viaide - ok
17:01:34.0946 5600 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
17:01:34.0951 5600 volmgr - ok
17:01:34.0968 5600 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
17:01:34.0971 5600 volmgrx - ok
17:01:34.0989 5600 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
17:01:35.0000 5600 volsnap - ok
17:01:35.0022 5600 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
17:01:35.0029 5600 vsmraid - ok
17:01:35.0084 5600 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
17:01:35.0106 5600 VSS - ok
17:01:35.0125 5600 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
17:01:35.0134 5600 vwifibus - ok
17:01:35.0175 5600 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
17:01:35.0180 5600 W32Time - ok
17:01:35.0198 5600 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
17:01:35.0202 5600 WacomPen - ok
17:01:35.0254 5600 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
17:01:35.0260 5600 WANARP - ok
17:01:35.0265 5600 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
17:01:35.0266 5600 Wanarpv6 - ok
17:01:35.0340 5600 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
17:01:35.0394 5600 WatAdminSvc - ok
17:01:35.0509 5600 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
17:01:35.0543 5600 wbengine - ok
17:01:35.0575 5600 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
17:01:35.0585 5600 WbioSrvc - ok
17:01:35.0624 5600 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
17:01:35.0629 5600 wcncsvc - ok
17:01:35.0644 5600 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
17:01:35.0651 5600 WcsPlugInService - ok
17:01:35.0696 5600 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
17:01:35.0701 5600 Wd - ok
17:01:35.0724 5600 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
17:01:35.0727 5600 WDC_SAM - ok
17:01:35.0823 5600 WDDMService (7d1e301e2eeaf6d3730887de933413e6) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
17:01:35.0830 5600 WDDMService - ok
17:01:35.0855 5600 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
17:01:35.0871 5600 Wdf01000 - ok
17:01:35.0916 5600 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
17:01:35.0919 5600 WdiServiceHost - ok
17:01:35.0928 5600 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
17:01:35.0931 5600 WdiSystemHost - ok
17:01:35.0940 5600 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
17:01:35.0944 5600 WDSmartWareBackgroundService - ok
17:01:35.0984 5600 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
17:01:35.0994 5600 WebClient - ok
17:01:36.0014 5600 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
17:01:36.0023 5600 Wecsvc - ok
17:01:36.0040 5600 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
17:01:36.0043 5600 wercplsupport - ok
17:01:36.0063 5600 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
17:01:36.0066 5600 WerSvc - ok
17:01:36.0081 5600 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
17:01:36.0085 5600 WfpLwf - ok
17:01:36.0102 5600 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
17:01:36.0107 5600 WIMMount - ok
17:01:36.0166 5600 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
17:01:36.0185 5600 WinDefend - ok
17:01:36.0190 5600 WinHttpAutoProxySvc - ok
17:01:36.0230 5600 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
17:01:36.0231 5600 Winmgmt - ok
17:01:36.0290 5600 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
17:01:36.0304 5600 WinRM - ok
17:01:36.0375 5600 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
17:01:36.0380 5600 WinUsb - ok
17:01:36.0421 5600 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
17:01:36.0441 5600 Wlansvc - ok
17:01:36.0613 5600 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:01:36.0644 5600 wlidsvc - ok
17:01:36.0724 5600 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
17:01:36.0727 5600 WmiAcpi - ok
17:01:36.0775 5600 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
17:01:36.0783 5600 wmiApSrv - ok
17:01:36.0863 5600 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
17:01:36.0871 5600 WMPNetworkSvc - ok
17:01:36.0920 5600 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
17:01:36.0926 5600 WPCSvc - ok
17:01:36.0966 5600 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
17:01:36.0969 5600 WPDBusEnum - ok
17:01:36.0995 5600 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
17:01:36.0999 5600 ws2ifsl - ok
17:01:37.0013 5600 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
17:01:37.0016 5600 wscsvc - ok
17:01:37.0023 5600 WSearch - ok
17:01:37.0131 5600 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
17:01:37.0168 5600 wuauserv - ok
17:01:37.0245 5600 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
17:01:37.0251 5600 WudfPf - ok
17:01:37.0280 5600 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:01:37.0286 5600 WUDFRd - ok
17:01:37.0334 5600 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
17:01:37.0337 5600 wudfsvc - ok
17:01:37.0362 5600 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
17:01:37.0372 5600 WwanSvc - ok
17:01:37.0399 5600 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
17:01:37.0605 5600 \Device\Harddisk0\DR0 - ok
17:01:37.0608 5600 Boot (0x1200) (cfc9cfbe7aff9c375d0dbf0b2c7f85d3) \Device\Harddisk0\DR0\Partition0
17:01:37.0609 5600 \Device\Harddisk0\DR0\Partition0 - ok
17:01:37.0639 5600 Boot (0x1200) (06efe51f1b54731ab5f2d46d97074fc6) \Device\Harddisk0\DR0\Partition1
17:01:37.0641 5600 \Device\Harddisk0\DR0\Partition1 - ok
17:01:37.0641 5600 ============================================================
17:01:37.0641 5600 Scan finished
17:01:37.0641 5600 ============================================================
17:01:37.0650 1072 Detected object count: 0
17:01:37.0650 1072 Actual detected object count: 0
17:02:10.0150 6000 Deinitialize success

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-21 17:08:46
-----------------------------
17:08:46.597 OS Version: Windows 6.1.7601 Service Pack 1
17:08:46.597 Number of processors: 2 586 0x170A
17:08:46.598 ComputerName: DESKTOP3 UserName: Jun
17:09:06.125 Initialize success
17:17:33.506 AVAST engine defs: 12062101
17:19:36.577 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:19:36.579 Disk 0 Vendor: ST3320418AS CC46 Size: 305245MB BusType: 3
17:19:36.593 Disk 0 MBR read successfully
17:19:36.595 Disk 0 MBR scan
17:19:36.615 Disk 0 Windows VISTA default MBR code
17:19:36.618 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:19:36.636 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10018 MB offset 81920
17:19:36.649 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 295186 MB offset 20598784
17:19:36.661 Disk 0 scanning sectors +625139712
17:19:36.748 Disk 0 scanning C:\Windows\system32\drivers
17:19:48.540 Service scanning
17:20:08.056 Modules scanning
17:20:14.711 Disk 0 trace - called modules:
17:20:14.735 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
17:20:14.740 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d25030]
17:20:14.744 3 CLASSPNP.SYS[8b17359e] -> nt!IofCallDriver -> [0x8586b228]
17:20:14.748 5 ACPI.sys[8acbf3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84f85610]
17:20:18.181 AVAST engine scan C:\Windows
17:20:19.945 AVAST engine scan C:\Windows\system32
17:24:19.243 AVAST engine scan C:\Windows\system32\drivers
17:24:33.736 AVAST engine scan C:\Users\Jun
17:38:39.925 AVAST engine scan C:\ProgramData
17:42:24.000 Scan finished successfully
17:58:15.745 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
17:58:15.753 The log file has been saved successfully to "C:\aswMBR.txt"

ESET online scanner

C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rb_track_install.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Jun\AppData\Local\Temp\mia3632.tmp\data\OFFLINE\60209F62\E4B51402\rb_track_install.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Jun\AppData\Local\Temp\mia3632.tmp\data\OFFLINE\7C1CA27A\E4B51402\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Jun\AppData\Local\Temp\mia3632.tmp\data\OFFLINE\8341161D\E4B51402\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Jun\AppData\Local\Temp\mia3632.tmp\data\OFFLINE\BA577A69\E4B51402\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Jun\AppData\Local\Temp\mia3632.tmp\data\OFFLINE\BD35BBB2\E4B51402\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Jun\AppData\Local\Temp\mia3632.tmp\data\OFFLINE\DFAA8030\E4B51402\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
Operating memory probably a variant of Win32/Ponmocup.AA trojan

#4 narenxp

Posted 21 June 2012 - 07:31 PM

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Uninstall Firefox; make sure to checkmark the "remove my personal data" option.

Reinstall Firefox again.

Let me know if you still have redirects.

#5 lbai0002

Posted 24 June 2012 - 08:42 PM

  • Ran MBAM until log was clean
  • Downloaded and ran MiniToolbox
  • Uninstalled Firefox and checkmarked "remove my personal data"
  • Reinstalled Firefox

Google is still redirecting me to random sites.

MiniToolbox:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Jun (administrator) on 24-06-2012 at 21:08:46
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)
Fortinet virtual adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Desktop3
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : myhome.westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 84-2B-2B-89-46-76
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9de6:97b5:ee8e:d9c6%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.47(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, June 24, 2012 11:20:32 AM
Lease Expires . . . . . . . . . . : Monday, June 25, 2012 11:20:32 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 243542827
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-4E-5A-2C-84-2B-2B-89-46-76
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Fortinet virtual adapter
Physical Address. . . . . . . . . : 00-09-0F-FE-00-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{89ED6E5D-0C71-44C5-896D-1809BFC7C825}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3836:33d9:3f57:fed0(Preferred)
Link-local IPv6 Address . . . . . : fe80::3836:33d9:3f57:fed0%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1002
173.194.43.32
173.194.43.46
173.194.43.36
173.194.43.40
173.194.43.35
173.194.43.37
173.194.43.39
173.194.43.34
173.194.43.33
173.194.43.41
173.194.43.38


Pinging google.com [173.194.43.32] with 32 bytes of data:
Reply from 173.194.43.32: bytes=32 time=30ms TTL=56
Reply from 173.194.43.32: bytes=32 time=42ms TTL=56

Ping statistics for 173.194.43.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 42ms, Average = 36ms
Server: dslrouter
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=83ms TTL=57
Reply from 209.191.122.70: bytes=32 time=116ms TTL=57

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 83ms, Maximum = 116ms, Average = 99ms
Server: dslrouter
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...84 2b 2b 89 46 76 ......Broadcom NetLink ™ Gigabit Ethernet
14...00 09 0f fe 00 01 ......Fortinet virtual adapter
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.47 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.47 276
192.168.1.47 255.255.255.255 On-link 192.168.1.47 276
192.168.1.255 255.255.255.255 On-link 192.168.1.47 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.47 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.47 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:3836:33d9:3f57:fed0/128
On-link
10 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::3836:33d9:3f57:fed0/128
On-link
10 276 fe80::9de6:97b5:ee8e:d9c6/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/24/2012 11:52:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/23/2012 00:05:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/22/2012 03:36:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/21/2012 09:15:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: WSCommCntr2.exe, version: 3.0.267.0, time stamp: 0x4b7176b9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0003224d
Faulting process id: 0x528
Faulting application start time: 0xWSCommCntr2.exe0
Faulting application path: WSCommCntr2.exe1
Faulting module path: WSCommCntr2.exe2
Report Id: WSCommCntr2.exe3

Error: (06/21/2012 07:48:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/21/2012 06:18:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: WSCommCntr2.exe, version: 3.0.267.0, time stamp: 0x4b7176b9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0003224d
Faulting process id: 0x1498
Faulting application start time: 0xWSCommCntr2.exe0
Faulting application path: WSCommCntr2.exe1
Faulting module path: WSCommCntr2.exe2
Report Id: WSCommCntr2.exe3

Error: (06/20/2012 09:41:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: WSCommCntr2.exe, version: 3.0.267.0, time stamp: 0x4b7176b9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0003224d
Faulting process id: 0x14a8
Faulting application start time: 0xWSCommCntr2.exe0
Faulting application path: WSCommCntr2.exe1
Faulting module path: WSCommCntr2.exe2
Report Id: WSCommCntr2.exe3

Error: (06/20/2012 07:34:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/19/2012 07:30:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/18/2012 11:24:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/13/2012 04:44:05 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service failed to start due to the following error:
%%1053

Error: (06/13/2012 04:44:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.

Error: (06/13/2012 04:44:05 PM) (Source: DCOM) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (06/07/2012 00:39:31 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (06/07/2012 00:39:31 AM) (Source: Service Control Manager) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%1352

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (06/07/2012 00:39:31 AM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (06/04/2012 09:58:37 AM) (Source: DCOM) (User: )
Description: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (06/04/2012 09:58:10 AM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated with the following error:
%%-2147417831

Error: (06/02/2012 00:34:23 PM) (Source: Microsoft-Windows-Application-Experience) (User: SYSTEM)
Description: The Program Compatibility Assistant service failed to perform the phase two initialization.

Error: (06/02/2012 01:46:04 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (06/24/2012 11:52:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (06/23/2012 00:05:44 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (06/22/2012 03:36:18 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (06/21/2012 09:15:17 PM) (Source: Application Error)(User: )
Description: WSCommCntr2.exe3.0.267.04b7176b9ntdll.dll6.1.7601.177254ec49b60c00000050003224d52801cd50147a0178c1C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exeC:\Windows\SYSTEM32\ntdll.dllb9a61a1c-bc07-11e1-8d7f-00090ffe0001

Error: (06/21/2012 07:48:58 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (06/21/2012 06:18:28 PM) (Source: Application Error)(User: )
Description: WSCommCntr2.exe3.0.267.04b7176b9ntdll.dll6.1.7601.177254ec49b60c00000050003224d149801cd4ffbc5ff441fC:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exeC:\Windows\SYSTEM32\ntdll.dll0645a617-bbef-11e1-8d7f-00090ffe0001

Error: (06/20/2012 09:41:08 PM) (Source: Application Error)(User: )
Description: WSCommCntr2.exe3.0.267.04b7176b9ntdll.dll6.1.7601.177254ec49b60c00000050003224d14a801cd4f4eed96a4aaC:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exeC:\Windows\SYSTEM32\ntdll.dll2bc6c900-bb42-11e1-97eb-00090ffe0001

Error: (06/20/2012 07:34:53 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (06/19/2012 07:30:41 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (06/18/2012 11:24:25 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe


=========================== Installed Programs ============================

快玩 V2.7.0.8 (Version: V2.7.0.8)
搜索更新服务 (Version: 6.1.0.0)
百度影音1.0.21.25 (Version: 1.0.21)
Adobe AIR (Version: 2.5.0.16600)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader 9.4.4 (Version: 9.4.4)
Adobe SVG Viewer 3.0 (Version: 3.0)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
AutoCAD LT 2009 - English (Version: 17.2.56.0)
AutoCAD LT 2011 - English (Version: 18.1.52.0)
AutoCAD LT 2011 Language Pack - English (Version: 18.1.52.0)
Autodesk Material Library 2011 (Version: 2.0.0.49)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.707)
Bonjour (Version: 3.0.0.2)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
Broadcom Management Programs (Version: 12.35.01)
CAPS 3.10 (Version: 3.10)
Chvac Version 7
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.3)
Dell Edoc Viewer (Version: 1.0.0)
Dropbox (Version: 1.4.7)
eQUEST 3-64 (Version: 3.64)
ESET Online Scanner v3
Fire Version 6.0
FortiClient Endpoint Security (Version: 4.2.2.0267)
GASVENT 2 for Windows
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 19.0.1084.56)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.111)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1995)
iTunes (Version: 10.4.1.10)
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LogMeIn (Version: 4.1.1558)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft XML Parser (Version: 8.50.2162.6)
Mozilla Firefox 5.0 (x86 en-US) (Version: 5.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NJStar Chinese WP (Version: 5.25)
OverDrive Media Console (Version: 3.2.5)
Pdf995
PPLite 1.0.0.0078
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
PsyChart Version 2.01
QuickTime (Version: 7.70.80.34)
QUOTE Version 2.0
QvodPlayer 5.0.81 (Version: 5.0.81)
Realtek High Definition Audio Driver (Version: 6.0.1.5936)
RHVAC Version 8
Simple Hydraulic Calculator (Version: 1.4.8)
SOSO AddressBar Search (Version: 6.1.1.8)
SOSO??? (Version: 5.0.2.3)
Taco 2002 HX Selection
Uniblue RegistryBooster (Version: 4.7.7.19)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
UTAU ??????? (Version: 1.0.74)
WD SmartWare (Version: 1.2.0.8)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinHex
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3036.8 MB
Available physical RAM: 1441.53 MB
Total Pagefile: 6071.89 MB
Available Pagefile: 4205.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.2 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:288.27 GB) (Free:169.24 GB) NTFS
3 Drive e: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\DESKTOP3

Administrator Guest Jun
Jun Bai logmeinremoteuser


**** End of log ****

#6 narenxp


Posted 25 June 2012 - 12:11 AM

Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on File - Save.

Filename: Autoruns.txt
Save as: Text

Copy and paste the contents of autoruns.txt here.

#7 lbai0002


Posted 25 June 2012 - 06:20 PM

AutoRuns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "ApnUpdater" "Ask Updater" "Ask" "c:\program files\ask.com\updater\updater.exe"
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\avgnt.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "LogMeIn GUI" "LogMeIn Desktop Application" "LogMeIn, Inc." "c:\program files\logmein\x86\logmeinsystray.exe"
+ "mocgcos" "" "" "c:\users\jun\appdata\roaming\scarddlgo.dll"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "QvodTerminal" "QvodTerminal" "Shenzhen QVOD Technology Co.,Ltd" "c:\program files\qvodplayer\qvodterminal.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rthdvcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\ssscheduler.exe"
+ "WDDMStatus.lnk" "WD Drive Manager" "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmstatus.exe"
+ "WDSmartWare.lnk" "WD SmartWare" "Western Digital" "c:\program files\western digital\wd smartware\front parlor\wdsmartware.exe"
"C:\Users\Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropbox.exe"
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BAIDUMEDIA" "百度影音" "" "c:\program files\baidu\baiduplayer\baiduplayer.exe"
+ "Kuaiwan" "快玩" "Shenzhen QVOD Technology Co.,Ltd" "c:\program files\kuaiwan\kuaiwan.exe"
+ "PPAP" "PPTV网络电视" "PPLive Corporation" "c:\program files\common files\pplivenetwork\ppap.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "tmpx" "" "" "File not found: c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AcShellExtension.AcContextMenuHandler" "AutoCAD Dwg common shell extension handler" "Autodesk" "c:\program files\common files\autodesk shared\acshellex\acshellextension.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\shlext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AcColumnHandler" "AutoCAD Dwg common shell extension handler" "Autodesk" "c:\program files\common files\autodesk shared\acshellex\acshellextension.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\shlext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "AutoCAD Digital Signatures Icon Overlay Handler" "AutoCAD component" "Autodesk, Inc." "c:\windows\system32\acsignicon.dll"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Ask Toolbar" "Ask Toolbar" "Ask" "c:\program files\ask.com\genericasktoolbar.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "QvodGameExtend" "KuaiwanGameExtend 动态链接库" "Shenzhen QVOD Technology Co.,Ltd" "c:\program files\kuaiwan\qvodgameextend.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "TmIEPlugInBHO Class" "" "" "File not found: c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "UrlSearchHook Class" "Ask Toolbar" "Ask" "c:\program files\ask.com\genericasktoolbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Ask Toolbar" "Ask Toolbar" "Ask" "c:\program files\ask.com\genericasktoolbar.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "c:\program files\ask.com\updatetask.exe"
+ "\{11C31311-00AA-40E4-A601-9A89A8F45440}" "Chvac application file" "Elite Software Development, Inc." "c:\program files\elite\chvacw\chvac7.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsrv.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\avguard.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "ARUpdate" "搜搜E点通" "Tencent" "c:\program files\tencent\addrupdate\addrupdate.exe"
+ "Autodesk Licensing Service" "Anchor service for Autodesk products licensed with SafeCast" "Autodesk" "c:\program files\common files\autodesk shared\service\adskscsrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BPowMon" "Power monitoring service for Broadcom applications." "Broadcom Corp." "c:\program files\broadcom\bpowmon\bpowmon.exe"
+ "FA_Scheduler" "FortiClient Service Scheduler" "Fortinet Inc." "c:\program files\fortinet\forticlient\scheduler.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMIGuardianSvc" "Support LogMeIn processes with quality assurance feedback" "LogMeIn, Inc." "c:\program files\logmein\x86\lmiguardiansvc.exe"
+ "LMIMaint" "LogMeIn Maintenance Service" "LogMeIn, Inc." "c:\program files\logmein\x86\ramaint.exe"
+ "LogMeIn" "LogMeIn" "LogMeIn, Inc." "c:\program files\logmein\x86\logmein.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\mcchsvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\seaport\seaport.exe"
+ "WDDMService" "Provides functionality for Western Digital disk drives." "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmservice.exe"
+ "WDSmartWareBackgroundService" "Manages background tasks for WDSmartWare Applications" "Memeo" "c:\program files\western digital\wd smartware\front parlor\wdsmartwarebackgroundservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "fortiapd" "FortiClient Application Driver" "Fortinet Inc" "c:\windows\system32\drivers\fortiapd.sys"
+ "Fortidrv2" "FortiClient Network Driver" "Fortinet Inc" "c:\windows\system32\drivers\fortidrv.sys"
+ "Fortips" "FortiClient IPSec Driver" "Fortinet Inc" "c:\windows\system32\drivers\fortips.sys"
+ "FortiRdr" "FortiClient Redirect Driver" "Fortinet Inc" "c:\windows\system32\drivers\fortirdr2.sys"
+ "FortiShield" "FortiShield mini-filter driver" "Fortinet Inc" "c:\windows\system32\drivers\fortishield.sys"
+ "ft_vnic" "FortiClient Virtual Network Adpater" "Fortinet Inc." "c:\windows\system32\drivers\ftvnic.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "k57nd60x" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60x.sys"
+ "LMIInfo" "RemotelyAnywhere Kernel Information Provider" "LogMeIn, Inc." "c:\program files\logmein\x86\rainfo.sys"
+ "lmimirr" "LogMeIn Mirror Miniport Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmimirr.sys"
+ "LMIRfsDriver" "LogMeIn Rfs Drivemap Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmirfsdriver.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "ssmdrv" "Avira Snapshot Driver" "Avira GmbH" "c:\windows\system32\drivers\ssmdrv.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\qvodplayer\codecs\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\qvodplayer\codecs\vsfilter.dll"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files\logmein\x86\racodec.ax"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files\logmein\x86\racodec.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FortiClientVPNStarter" "FortiClient VPN Starter" "Fortinet Inc." "c:\program files\fortinet\forticlient\fortivpnst.dll"
+ "LogMeInCredProv" "LogMeIn Remote Control Helper" "LogMeIn, Inc." "c:\windows\system32\lmiinit.dll"
+ "WLIDCredentialProvider" "Microsoft Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LogMeIn Printer Port Monitor" "RemotelyAnywhere Printer Port Monitor" "LogMeIn, Inc." "c:\windows\system32\lmiport.dll"
+ "PDF995 Monitor" "" "" "c:\windows\system32\pdf995mon.dll"
+ "PrimoMon" "" "" "c:\windows\system32\primomonnt.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "LMIRfsClientNP" "LogMeIn Virtual Disk Network" "LogMeIn, Inc." "c:\windows\system32\lmirfsclientnp.dll"

#8 narenxp


Posted 25 June 2012 - 09:39 PM

Launch Autoruns and uncheck this entry (do you know this entry?)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "mocgcos" "" "" "c:\users\jun\appdata\roaming\scarddlgo.dll"

Restart the PC and let me know if you still have redirects

Edited by narenxp, 25 June 2012 - 09:41 PM.
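A triage sketch for Autoruns text logs in the format posted in this thread, added here as an example and not part of the original posts or of Autoruns itself. It flags entries that have no description and no publisher while loading from a user profile directory (the properties the `mocgcos` entry shows), and separately lists "File not found" leftovers; the function names, the sample excerpt's selection, and the heuristic itself are assumptions of this example.

```python
import re
from dataclasses import dataclass

# Every log line is a run of double-quoted fields; entry lines carry a
# one-character marker ("+" in the posted log) in front of the fields.
FIELD = re.compile(r'"([^"]*)"')

# Assumption of this example: images under a user profile are user-writable
# and therefore worth a second look when nothing vouches for them.
USER_PROFILE = re.compile(r'^[a-z]:\\(users|documents and settings)\\', re.I)

# Constructed sample: lines excerpted from the log and reply in this thread.
SAMPLE = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "mocgcos" "" "" "c:\users\jun\appdata\roaming\scarddlgo.dll"
"C:\Users\Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\jun\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "tmpx" "" "" "File not found: c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"Task Scheduler" "" "" ""
+ "\Scheduled Update for Ask Toolbar" "" "" "c:\program files\ask.com\updatetask.exe"
'''


@dataclass
class Entry:
    location: str      # autostart location (the preceding header line)
    name: str
    description: str
    publisher: str
    image: str         # image path, or a "File not found: ..." note


def parse_autoruns(text):
    """Return the autostart entries, each tagged with its location header."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # blank or unrecognised line
        if line.startswith('"'):
            location = fields[0]          # header: location plus three empty fields
        else:
            entries.append(Entry(location, *fields))
    return entries


def triage(entries):
    """Label entries that deserve manual review; this is a heuristic, not a verdict."""
    findings = []
    for e in entries:
        if e.image.lower().startswith("file not found:"):
            # Registration survives but the file is gone (uninstall leftover).
            findings.append(("orphaned", e))
        elif not e.description and not e.publisher and USER_PROFILE.match(e.image):
            # No version information at all, loaded from a user-writable path.
            findings.append(("review", e))
    return findings


if __name__ == "__main__":
    for label, e in triage(parse_autoruns(SAMPLE)):
        print(f"{label:9} {e.location} -> {e.name}: {e.image}")
```

Dropbox also runs from `AppData` but carries a publisher, and WinRAR lacks a publisher but sits under `Program Files`, so neither is flagged; only the combination of both properties is.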


#9 lbai0002


Posted 29 June 2012 - 01:39 PM

No more redirects!

Thanks again for the help!

#10 narenxp


Posted 29 June 2012 - 01:52 PM

Browse to this path and manually delete the file

c:\users\jun\appdata\roaming\scarddlgo.dll

Uninstall Ask toolbar

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#11 lbai0002


Posted 29 June 2012 - 05:52 PM

I tried to delete scarddlgo.dll, but I got this message:

You need permission to perform this action

You require permission from Desktop3/Jun to make changes to this file

SCardDlgo.dll
Date created: 6/17/2012 9:59 PM
Size: 128 KB

#12 narenxp


Posted 29 June 2012 - 06:34 PM

Boot into Safe Mode and delete it.

#13 lbai0002


Posted 05 July 2012 - 08:41 PM

  • Deleted scarddlgo.dll
  • Downloaded and launched TFC, but it didn't tell me to restart
  • System restore was already turned off. I'm not sure how to create a new restore point, though.
  • Updated JAVA
  • Avira Antivir set to automatic updates


#14 narenxp


Posted 05 July 2012 - 08:42 PM

Follow this guide

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

good luck

#15 lbai0002


Posted 06 July 2012 - 05:21 PM

  • New system restore point created

A few days ago, my Internet dramatically slowed down. Anything I download fails, and I can't load any PDF files or videos. It's affecting all three of the computers that are connected to the router, not just the one that had the redirects. Could it be the same malware?



