Firefox Google Search Redirected Often-IDP virus and ProxyCheck


9 replies to this topic

#1 auntna

  • Members
  • 121 posts

Posted 17 July 2012 - 03:18 PM

My browser or Google search seems to have a mind of its own lately. I click on a topic but often it will show up in the search bar that it is redirecting to some ad site. If I cancel that and click the topic again it will then go to the correct site.

AVG has quarantined an IDP.virus.CCE37861 (or RUNDLL.32.exe), Win 32/Crytor and today found ProxyCheck.exe. I did not see the last one in there until I ran your program Rkill which also found it.

I first tried using system restore but then had problems with the system errors with LogonUI.exe and CredUI.dll and finally ended up with a black screen. Had to physically unplug from power to restart into repair mode to get my desktop back. Then I uninstalled Firefox and finally was able to restore back. But when I reinstalled a fresh Firefox still I had the redirect problem.

I have run Malwarebytes which found some Win32 things, the Rkill which found the ProxyCheck. I uninstalled the Firefox previously using RevoUninstaller in the advanced mode but did not use the delete personal settings in the Firefox Uninstaller.

I want to know that hopefully after the Rkill and some Revo Uninstaller Junk files remover that maybe this thing is gone? How can I be sure? What do you recommend or can we look at to see if I'm okay now?

Thanks Everyone for your help.




#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 17 July 2012 - 04:01 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 auntna

  • Topic Starter
  • Members
  • 121 posts

Posted 17 July 2012 - 10:43 PM

Thanks for your help. Here are the reports in the order which you asked for them.

22:37:53.0585 3568 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
22:37:55.0614 3568 ============================================================
22:37:55.0614 3568 Current date / time: 2012/07/17 22:37:55.0614
22:37:55.0614 3568 SystemInfo:
22:37:55.0614 3568
22:37:55.0614 3568 OS Version: 6.1.7601 ServicePack: 1.0
22:37:55.0614 3568 Product type: Workstation
22:37:55.0614 3568 ComputerName: MYCOMPUTER
22:37:55.0614 3568 UserName: User
22:37:55.0614 3568 Windows directory: C:\Windows
22:37:55.0614 3568 System windows directory: C:\Windows
22:37:55.0614 3568 Running under WOW64
22:37:55.0614 3568 Processor architecture: Intel x64
22:37:55.0614 3568 Number of processors: 2
22:37:55.0614 3568 Page size: 0x1000
22:37:55.0614 3568 Boot type: Normal boot
22:37:55.0614 3568 ============================================================
22:37:56.0675 3568 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:37:56.0722 3568 ============================================================
22:37:56.0722 3568 \Device\Harddisk0\DR0:
22:37:56.0722 3568 MBR partitions:
22:37:56.0722 3568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:37:56.0722 3568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
22:37:56.0722 3568 ============================================================
22:37:56.0737 3568 C: <-> \Device\Harddisk0\DR0\Partition1
22:37:56.0737 3568 ============================================================
22:37:56.0737 3568 Initialize success
22:37:56.0737 3568 ============================================================
22:38:17.0766 3484 ============================================================
22:38:17.0766 3484 Scan started
22:38:17.0766 3484 Mode: Manual; TDLFS;
22:38:17.0766 3484 ============================================================
22:38:29.0436 3484 NetTcpPortSharing - ok
22:38:29.0467 3484 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:38:29.0467 3484 nfrd960 - ok
22:38:29.0530 3484 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:38:29.0545 3484 NlaSvc - ok
22:38:29.0561 3484 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:38:29.0561 3484 Npfs - ok
22:38:29.0592 3484 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:38:29.0592 3484 nsi - ok
22:38:29.0608 3484 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:38:29.0608 3484 nsiproxy - ok
22:38:29.0701 3484 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:38:29.0733 3484 Ntfs - ok
22:38:29.0811 3484 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:38:29.0811 3484 Null - ok
22:38:29.0857 3484 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:38:29.0857 3484 nvraid - ok
22:38:29.0889 3484 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:38:29.0904 3484 nvstor - ok
22:38:29.0935 3484 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:38:29.0935 3484 nv_agp - ok
22:38:29.0951 3484 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:38:29.0951 3484 ohci1394 - ok
22:38:29.0998 3484 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:38:30.0013 3484 ose - ok
22:38:30.0325 3484 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:38:30.0419 3484 osppsvc - ok
22:38:30.0497 3484 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:38:30.0513 3484 p2pimsvc - ok
22:38:30.0528 3484 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:38:30.0544 3484 p2psvc - ok
22:38:30.0591 3484 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:38:30.0591 3484 Parport - ok
22:38:30.0637 3484 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:38:30.0637 3484 partmgr - ok
22:38:30.0669 3484 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:38:30.0669 3484 PcaSvc - ok
22:38:30.0715 3484 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:38:30.0715 3484 pci - ok
22:38:30.0731 3484 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:38:30.0731 3484 pciide - ok
22:38:30.0762 3484 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:38:30.0762 3484 pcmcia - ok
22:38:30.0778 3484 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:38:30.0778 3484 pcw - ok
22:38:30.0809 3484 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:38:30.0809 3484 PEAUTH - ok
22:38:30.0903 3484 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
22:38:30.0918 3484 PeerDistSvc - ok
22:38:30.0996 3484 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:38:30.0996 3484 PerfHost - ok
22:38:31.0137 3484 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:38:31.0168 3484 pla - ok
22:38:31.0246 3484 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:38:31.0246 3484 PlugPlay - ok
22:38:31.0277 3484 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:38:31.0293 3484 PNRPAutoReg - ok
22:38:31.0324 3484 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:38:31.0324 3484 PNRPsvc - ok
22:38:31.0386 3484 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:38:31.0386 3484 PolicyAgent - ok
22:38:31.0417 3484 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:38:31.0433 3484 Power - ok
22:38:31.0495 3484 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:38:31.0495 3484 PptpMiniport - ok
22:38:31.0527 3484 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:38:31.0527 3484 Processor - ok
22:38:31.0573 3484 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:38:31.0667 3484 ProfSvc - ok
22:38:31.0714 3484 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:38:31.0714 3484 ProtectedStorage - ok
22:38:31.0761 3484 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:38:31.0776 3484 Psched - ok
22:38:31.0885 3484 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:38:31.0917 3484 ql2300 - ok
22:38:32.0010 3484 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:38:32.0026 3484 ql40xx - ok
22:38:32.0057 3484 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:38:32.0073 3484 QWAVE - ok
22:38:32.0088 3484 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:38:32.0088 3484 QWAVEdrv - ok
22:38:32.0104 3484 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:38:32.0104 3484 RasAcd - ok
22:38:32.0135 3484 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:38:32.0135 3484 RasAgileVpn - ok
22:38:32.0151 3484 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:38:32.0151 3484 RasAuto - ok
22:38:32.0197 3484 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:38:32.0197 3484 Rasl2tp - ok
22:38:32.0244 3484 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:38:32.0291 3484 RasMan - ok
22:38:32.0322 3484 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:38:32.0322 3484 RasPppoe - ok
22:38:32.0353 3484 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:38:32.0353 3484 RasSstp - ok
22:38:32.0385 3484 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:38:32.0385 3484 rdbss - ok
22:38:32.0400 3484 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:38:32.0416 3484 rdpbus - ok
22:38:32.0416 3484 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:38:32.0416 3484 RDPCDD - ok
22:38:32.0463 3484 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
22:38:32.0463 3484 RDPDR - ok
22:38:32.0478 3484 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:38:32.0478 3484 RDPENCDD - ok
22:38:32.0494 3484 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:38:32.0494 3484 RDPREFMP - ok
22:38:32.0525 3484 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:38:32.0556 3484 RDPWD - ok
22:38:32.0619 3484 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:38:32.0619 3484 rdyboost - ok
22:38:32.0650 3484 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:38:32.0665 3484 RemoteAccess - ok
22:38:32.0697 3484 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:38:32.0712 3484 RemoteRegistry - ok
22:38:32.0743 3484 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:38:32.0743 3484 RpcEptMapper - ok
22:38:32.0759 3484 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:38:32.0759 3484 RpcLocator - ok
22:38:32.0821 3484 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:38:32.0837 3484 RpcSs - ok
22:38:32.0868 3484 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:38:32.0868 3484 rspndr - ok
22:38:32.0931 3484 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:38:32.0946 3484 RTL8167 - ok
22:38:32.0962 3484 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
22:38:32.0962 3484 s3cap - ok
22:38:33.0009 3484 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:38:33.0009 3484 SamSs - ok
22:38:33.0024 3484 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:38:33.0024 3484 sbp2port - ok
22:38:33.0149 3484 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
22:38:33.0196 3484 SBSDWSCService - ok
22:38:33.0243 3484 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:38:33.0243 3484 SCardSvr - ok
22:38:33.0305 3484 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:38:33.0305 3484 scfilter - ok
22:38:33.0383 3484 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:38:33.0414 3484 Schedule - ok
22:38:33.0461 3484 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:38:33.0461 3484 SCPolicySvc - ok
22:38:33.0477 3484 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:38:33.0492 3484 SDRSVC - ok
22:38:33.0523 3484 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:38:33.0539 3484 secdrv - ok
22:38:33.0570 3484 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:38:33.0617 3484 seclogon - ok
22:38:33.0633 3484 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:38:33.0648 3484 SENS - ok
22:38:33.0648 3484 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:38:33.0664 3484 SensrSvc - ok
22:38:33.0679 3484 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:38:33.0679 3484 Serenum - ok
22:38:33.0711 3484 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:38:33.0711 3484 Serial - ok
22:38:33.0726 3484 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:38:33.0726 3484 sermouse - ok
22:38:33.0773 3484 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:38:33.0773 3484 SessionEnv - ok
22:38:33.0789 3484 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:38:33.0789 3484 sffdisk - ok
22:38:33.0804 3484 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:38:33.0804 3484 sffp_mmc - ok
22:38:33.0820 3484 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:38:33.0820 3484 sffp_sd - ok
22:38:33.0835 3484 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:38:33.0835 3484 sfloppy - ok
22:38:33.0913 3484 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:38:33.0929 3484 SharedAccess - ok
22:38:33.0960 3484 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:38:33.0960 3484 ShellHWDetection - ok
22:38:33.0976 3484 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:38:33.0991 3484 SiSRaid2 - ok
22:38:33.0991 3484 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:38:34.0007 3484 SiSRaid4 - ok
22:38:34.0023 3484 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:38:34.0023 3484 Smb - ok
22:38:34.0054 3484 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:38:34.0069 3484 SNMPTRAP - ok
22:38:34.0069 3484 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:38:34.0069 3484 spldr - ok
22:38:34.0101 3484 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:38:34.0116 3484 Spooler - ok
22:38:34.0288 3484 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:38:34.0366 3484 sppsvc - ok
22:38:34.0444 3484 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:38:34.0459 3484 sppuinotify - ok
22:38:34.0522 3484 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:38:34.0522 3484 srv - ok
22:38:34.0569 3484 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:38:34.0584 3484 srv2 - ok
22:38:34.0600 3484 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:38:34.0600 3484 srvnet - ok
22:38:34.0631 3484 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:38:34.0631 3484 SSDPSRV - ok
22:38:34.0662 3484 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:38:34.0709 3484 SstpSvc - ok
22:38:34.0725 3484 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:38:34.0740 3484 stexstor - ok
22:38:34.0803 3484 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:38:34.0803 3484 stisvc - ok
22:38:34.0834 3484 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
22:38:34.0834 3484 storflt - ok
22:38:34.0849 3484 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
22:38:34.0849 3484 StorSvc - ok
22:38:34.0849 3484 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
22:38:34.0865 3484 storvsc - ok
22:38:34.0865 3484 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:38:34.0865 3484 swenum - ok
22:38:34.0896 3484 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:38:34.0927 3484 swprv - ok
22:38:35.0037 3484 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:38:35.0068 3484 SysMain - ok
22:38:35.0239 3484 t3 (6b153e518dbe6ef59191152e1ecf7ed4) C:\Windows\system32\drivers\t3.sys
22:38:35.0239 3484 t3 - ok
22:38:35.0286 3484 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:38:35.0286 3484 TabletInputService - ok
22:38:35.0333 3484 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:38:35.0364 3484 TapiSrv - ok
22:38:35.0380 3484 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:38:35.0395 3484 TBS - ok
22:38:35.0505 3484 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:38:35.0551 3484 Tcpip - ok
22:38:35.0740 3484 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:38:35.0755 3484 TCPIP6 - ok
22:38:35.0849 3484 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:38:35.0849 3484 tcpipreg - ok
22:38:35.0880 3484 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:38:35.0880 3484 TDPIPE - ok
22:38:35.0911 3484 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:38:35.0911 3484 TDTCP - ok
22:38:35.0958 3484 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:38:35.0974 3484 tdx - ok
22:38:36.0005 3484 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:38:36.0005 3484 TermDD - ok
22:38:36.0052 3484 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:38:36.0067 3484 TermService - ok
22:38:36.0083 3484 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:38:36.0098 3484 Themes - ok
22:38:36.0161 3484 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:38:36.0161 3484 THREADORDER - ok
22:38:36.0192 3484 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:38:36.0208 3484 TrkWks - ok
22:38:36.0270 3484 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:38:36.0270 3484 TrustedInstaller - ok
22:38:36.0332 3484 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:38:36.0332 3484 tssecsrv - ok
22:38:36.0379 3484 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:38:36.0395 3484 TsUsbFlt - ok
22:38:36.0442 3484 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:38:36.0442 3484 tunnel - ok
22:38:36.0473 3484 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:38:36.0473 3484 uagp35 - ok
22:38:36.0504 3484 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:38:36.0520 3484 udfs - ok
22:38:36.0535 3484 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:38:36.0535 3484 UI0Detect - ok
22:38:36.0582 3484 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:38:36.0582 3484 uliagpkx - ok
22:38:36.0598 3484 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:38:36.0598 3484 umbus - ok
22:38:36.0629 3484 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:38:36.0629 3484 UmPass - ok
22:38:36.0660 3484 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
22:38:36.0660 3484 UmRdpService - ok
22:38:36.0691 3484 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:38:36.0691 3484 upnphost - ok
22:38:36.0707 3484 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:38:36.0707 3484 usbccgp - ok
22:38:36.0738 3484 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:38:36.0738 3484 usbcir - ok
22:38:36.0769 3484 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:38:36.0769 3484 usbehci - ok
22:38:36.0785 3484 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:38:36.0785 3484 usbhub - ok
22:38:36.0800 3484 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
22:38:36.0800 3484 usbohci - ok
22:38:36.0832 3484 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:38:36.0832 3484 usbprint - ok
22:38:36.0847 3484 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:38:36.0847 3484 usbscan - ok
22:38:36.0863 3484 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:38:36.0863 3484 USBSTOR - ok
22:38:36.0878 3484 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:38:36.0894 3484 usbuhci - ok
22:38:36.0910 3484 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:38:36.0910 3484 UxSms - ok
22:38:36.0941 3484 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:38:36.0941 3484 VaultSvc - ok
22:38:37.0003 3484 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:38:37.0003 3484 vdrvroot - ok
22:38:37.0050 3484 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:38:37.0066 3484 vds - ok
22:38:37.0097 3484 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:38:37.0097 3484 vga - ok
22:38:37.0097 3484 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:38:37.0112 3484 VgaSave - ok
22:38:37.0128 3484 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:38:37.0128 3484 vhdmp - ok
22:38:37.0144 3484 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:38:37.0144 3484 viaide - ok
22:38:37.0144 3484 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
22:38:37.0144 3484 vmbus - ok
22:38:37.0159 3484 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
22:38:37.0159 3484 VMBusHID - ok
22:38:37.0175 3484 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:38:37.0175 3484 volmgr - ok
22:38:37.0222 3484 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:38:37.0222 3484 volmgrx - ok
22:38:37.0237 3484 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:38:37.0253 3484 volsnap - ok
22:38:37.0284 3484 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:38:37.0284 3484 vsmraid - ok
22:38:37.0346 3484 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:38:37.0378 3484 VSS - ok
22:38:37.0424 3484 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
22:38:37.0424 3484 vwifibus - ok
22:38:37.0456 3484 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:38:37.0471 3484 W32Time - ok
22:38:37.0471 3484 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:38:37.0487 3484 WacomPen - ok
22:38:37.0534 3484 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:38:37.0534 3484 WANARP - ok
22:38:37.0549 3484 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:38:37.0549 3484 Wanarpv6 - ok
22:38:37.0658 3484 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:38:37.0690 3484 WatAdminSvc - ok
22:38:37.0799 3484 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:38:37.0830 3484 wbengine - ok
22:38:37.0924 3484 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:38:37.0939 3484 WbioSrvc - ok
22:38:37.0986 3484 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:38:37.0986 3484 wcncsvc - ok
22:38:38.0017 3484 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:38:38.0017 3484 WcsPlugInService - ok
22:38:38.0033 3484 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:38:38.0048 3484 Wd - ok
22:38:38.0080 3484 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:38:38.0095 3484 Wdf01000 - ok
22:38:38.0126 3484 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:38:38.0126 3484 WdiServiceHost - ok
22:38:38.0126 3484 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:38:38.0142 3484 WdiSystemHost - ok
22:38:38.0173 3484 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:38:38.0189 3484 WebClient - ok
22:38:38.0204 3484 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:38:38.0204 3484 Wecsvc - ok
22:38:38.0220 3484 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:38:38.0236 3484 wercplsupport - ok
22:38:38.0251 3484 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:38:38.0267 3484 WerSvc - ok
22:38:38.0314 3484 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:38:38.0314 3484 WfpLwf - ok
22:38:38.0329 3484 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:38:38.0329 3484 WIMMount - ok
22:38:38.0360 3484 WinDefend - ok
22:38:38.0376 3484 WinHttpAutoProxySvc - ok
22:38:38.0438 3484 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:38:38.0454 3484 Winmgmt - ok
22:38:38.0579 3484 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:38:38.0626 3484 WinRM - ok
22:38:38.0750 3484 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:38:38.0766 3484 Wlansvc - ok
22:38:38.0953 3484 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:38:39.0016 3484 wlidsvc - ok
22:38:39.0078 3484 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:38:39.0094 3484 WmiAcpi - ok
22:38:39.0156 3484 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:38:39.0156 3484 wmiApSrv - ok
22:38:39.0172 3484 WMPNetworkSvc - ok
22:38:39.0218 3484 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:38:39.0218 3484 WPCSvc - ok
22:38:39.0265 3484 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:38:39.0265 3484 WPDBusEnum - ok
22:38:39.0296 3484 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:38:39.0312 3484 ws2ifsl - ok
22:38:39.0328 3484 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
22:38:39.0328 3484 wscsvc - ok
22:38:39.0343 3484 WSearch - ok
22:38:39.0484 3484 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:38:39.0562 3484 wuauserv - ok
22:38:39.0671 3484 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:38:39.0686 3484 WudfPf - ok
22:38:39.0718 3484 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:38:39.0733 3484 WUDFRd - ok
22:38:39.0764 3484 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:38:39.0780 3484 wudfsvc - ok
22:38:39.0811 3484 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:38:39.0827 3484 WwanSvc - ok
22:38:39.0858 3484 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:38:40.0139 3484 \Device\Harddisk0\DR0 - ok
22:38:40.0139 3484 Boot (0x1200) (a0fa9d8bf44867487850e003522734d9) \Device\Harddisk0\DR0\Partition0
22:38:40.0154 3484 \Device\Harddisk0\DR0\Partition0 - ok
22:38:40.0170 3484 Boot (0x1200) (017620f60bddac3c8382f83456e611b2) \Device\Harddisk0\DR0\Partition1
22:38:40.0186 3484 \Device\Harddisk0\DR0\Partition1 - ok
22:38:40.0186 3484 ============================================================
22:38:40.0186 3484 Scan finished
22:38:40.0186 3484 ============================================================
22:38:40.0201 0560 Detected object count: 0
22:38:40.0201 0560 Actual detected object count: 0




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-17 22:42:31
-----------------------------
22:42:31.786 OS Version: Windows x64 6.1.7601 Service Pack 1
22:42:31.786 Number of processors: 2 586 0x602
22:42:31.786 ComputerName: MYCOMPUTER UserName: User
22:42:32.644 Initialize success
22:46:28.079 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:46:28.079 Disk 0 Vendor: ST3320418AS CC45 Size: 305245MB BusType: 3
22:46:28.094 Disk 0 MBR read successfully
22:46:28.094 Disk 0 MBR scan
22:46:28.110 Disk 0 Windows 7 default MBR code
22:46:28.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:46:28.125 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
22:46:28.141 Disk 0 scanning C:\Windows\system32\drivers
22:46:35.099 Service scanning
22:46:47.891 Modules scanning
22:46:47.906 Disk 0 trace - called modules:
22:46:47.922 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
22:46:47.922 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80024c1530]
22:46:47.937 3 CLASSPNP.SYS[fffff8800196d43f] -> nt!IofCallDriver -> [0xfffffa8002040520]
22:46:47.953 5 ACPI.sys[fffff88000f8a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002287060]
22:46:47.953 Scan finished successfully
22:47:06.938 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
22:47:06.938 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"




C:\Users\User\AppData\Local\{5A1D5326-CAE6-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\User\Documents\Downloads\New folder\Setup_FreeConverter(2).exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\User\Downloads\7zip_installer_1650.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\User\Downloads\SoftonicDownloader_for_photofiltre.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Users\User\Downloads\New folder\WAVtoMP3Converter.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined

#4 narenxp

  • BC Advisor

Posted 18 July 2012 - 12:44 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 auntna

  • Topic Starter


Posted 18 July 2012 - 08:27 AM

Malwarebytes did not find anything so I didn't even do the second scan. Here are the other two log reports.

MiniToolBox by Farbar Version: 15-07-2012
Ran by User (administrator) on 18-07-2012 at 09:11:01
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



There are 15193 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MyComputer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-25-64-D3-37-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c165:f0c5:a523:6647%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 18, 2012 7:49:48 AM
Lease Expires . . . . . . . . . . : Thursday, July 19, 2012 7:49:48 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234890596
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-07-A2-AD-00-25-64-D3-37-7F
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A7C81C8D-1CBA-4397-803D-517E8FF617E5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:d6:4db:3f57:febf(Preferred)
Link-local IPv6 Address . . . . . : fe80::d6:4db:3f57:febf%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4004:803::1003
74.125.228.101
74.125.228.102
74.125.228.103
74.125.228.104
74.125.228.105
74.125.228.110
74.125.228.96
74.125.228.97
74.125.228.98
74.125.228.99
74.125.228.100


Pinging google.com [74.125.228.110] with 32 bytes of data:
Reply from 74.125.228.110: bytes=32 time=31ms TTL=55
Reply from 74.125.228.110: bytes=32 time=31ms TTL=55

Ping statistics for 74.125.228.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 31ms, Average = 31ms
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=141ms TTL=51
Reply from 98.139.183.24: bytes=32 time=58ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 141ms, Average = 99ms
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 25 64 d3 37 7f ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.64 276
192.168.1.64 255.255.255.255 On-link 192.168.1.64 276
192.168.1.255 255.255.255.255 On-link 192.168.1.64 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.64 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.64 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:d6:4db:3f57:febf/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::d6:4db:3f57:febf/128
On-link
10 276 fe80::c165:f0c5:a523:6647/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/17/2012 10:48:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2012 10:48:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2012 04:41:47 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Configuration.Install, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005

Error: (07/17/2012 10:53:10 AM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: 0xc0000056.

Error: (07/17/2012 10:33:13 AM) (Source: Application Hang) (User: )
Description: The program Gmail Notifier.exe version 1.0.0.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d80

Start Time: 01cd6428b77b1c27

Termination Time: 9

Application Path: C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe

Report Id: 5285b69e-d01c-11e1-833f-002564d3377f

Error: (07/17/2012 09:11:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/16/2012 08:46:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/16/2012 08:24:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/15/2012 08:48:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/15/2012 07:53:53 AM) (Source: MsiInstaller) (User: MyComputer)MyComputer
Description: Product: The Print Shop 20 -- Error 1706. Installation has been canceled. You may run this installation at a later time.


System errors:
=============
Error: (07/18/2012 07:25:18 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (07/18/2012 00:02:07 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/17/2012 03:45:33 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (07/17/2012 03:44:03 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/17/2012 03:29:17 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (07/17/2012 03:26:32 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/17/2012 02:04:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (07/17/2012 01:54:17 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/17/2012 11:57:01 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (07/17/2012 11:56:49 AM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (07/17/2012 10:48:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (07/17/2012 10:48:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (07/17/2012 04:41:47 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Configuration.Install, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005
System.Configuration.Install, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Error: (07/17/2012 10:53:10 AM) (Source: System Restore)(User: )
Description: Scheduled Checkpoint0xc0000056

Error: (07/17/2012 10:33:13 AM) (Source: Application Hang)(User: )
Description: Gmail Notifier.exe1.0.0.87d8001cd6428b77b1c279C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe5285b69e-d01c-11e1-833f-002564d3377f

Error: (07/17/2012 09:11:42 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/16/2012 08:46:16 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/16/2012 08:24:09 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/15/2012 08:48:14 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/15/2012 07:53:53 AM) (Source: MsiInstaller)(User: MyComputer)MyComputer
Description: Product: The Print Shop 20 -- Error 1706. Installation has been canceled. You may run this installation at a later time.(NULL)(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Auslogics Disk Defrag (Version: version 3.4)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.1
Canon MX870 series MP Drivers
Canon MX870 series User Registration
Canon Speed Dial Utility
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Creative ALchemy (Version: 1.41)
Creative Audio Control Panel (Version: 3.00)
Creative Diagnostics (Version: 5.11)
Creative Media Toolbox 6 (Shared Components) (Version: 2.80.12)
Creative Media Toolbox 6 (Version: 6.02)
Creative MediaSource 5 (Version: 5.26)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7 (Version: 7.12)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Resource CD (Version: 1.00.0000)
Dmailer_Backup_Manager.exe (Version: 1.0.0)
ESET Online Scanner v3
Evoluent Mouse Manager (Version: 3.9.1)
Gmail Notifier
Host OpenAL (Version: 1.00)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mavis Beacon Teaches Typing Platinum 20 (Version: 20.00.0000)
Media Player Classic - Home Cinema v1.5.1.2903 (Version: 1.5.1.2903)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PhotoFiltre
PhotoScape
Quicken 2006 (Version: 15.1.1.29)
QuickTime (Version: 7.71.80.42)
Revo Uninstaller 1.94 (Version: 1.94)
Sound Blaster X-Fi (Version: 1.0)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
The Print Shop 20 (Version: 20.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Win7codecs (Version: 3.6.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 1791.12 MB
Available physical RAM: 765.84 MB
Total Pagefile: 3582.23 MB
Available Pagefile: 2058.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.41 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.99 GB) (Free:209.52 GB) NTFS

========================= Users: ========================================

User accounts for \\MYCOMPUTER

Administrator ASPNET Guest
User


**** End of log ****



Farbar Service Scanner Version: 08-07-2012
Ran by User (administrator) on 18-07-2012 at 09:23:29
Running from "C:\Users\User\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
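
The MiniToolBox sections above that bear on browser redirects (proxy settings, Hosts content, Winsock entries) can be screened mechanically; the following is an added example, not part of the original thread and not MiniToolBox's own code. Both sample logs are constructed in the format shown on this page; the `ProxyServer` line wording, `search.example` and `examplelsp.dll` are invented, and the vendor string is file metadata rather than a signature check, so a hit is a lead for review, not a verdict.

```python
import ipaddress
import re

SECTION_RE = re.compile(r"^=+ (.+?):? =+$")
WINSOCK_RE = re.compile(r"^(?:x64-)?Catalog[59] \d+ (.+) \[\d+\] \((.*)\)$")
# Proxy-section lines the log on this page shows when no proxy is configured.
BENIGN_PROXY = ("Proxy is not enabled.", "No Proxy Server is set.")


def split_sections(log_text):
    """Map each '===== Name: =====' banner to the non-empty lines beneath it."""
    sections, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1).strip()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def check_proxy(name, lines):
    """Anything other than the known 'nothing set' and 'was reset' lines is a lead."""
    return [(name, l) for l in lines
            if l not in BENIGN_PROXY and not l.startswith('"Reset ')]


def check_hosts(lines):
    """A hosts entry mapping a name to a non-loopback address overrides DNS."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # e.g. the tool's "There are N more lines" summary
        if not (addr.is_loopback or addr.is_unspecified):
            findings.append(("Hosts content", f"{' '.join(fields[1:])} -> {addr}"))
    return findings


def check_winsock(lines):
    """Flag catalog entries whose reported vendor is not Microsoft Corporation."""
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if m and m.group(2) != "Microsoft Corporation":
            findings.append(("Winsock entries",
                             f"{m.group(1)} ({m.group(2) or 'no vendor'})"))
    return findings


def triage(log_text):
    findings = []
    for name, lines in split_sections(log_text).items():
        if name.endswith("Proxy Settings"):
            findings += check_proxy(name, lines)
        elif name == "Hosts content":
            findings += check_hosts(lines)
        elif name == "Winsock entries":
            findings += check_winsock(lines)
    return findings


# Constructed sample mirroring the clean state of the log posted above.
CLEAN_LOG = r"""
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 blocked.example
There are 15193 more lines starting with "127.0.0.1"
========================= Winsock entries =====================================
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
"""

# Constructed sample with one anomaly per section (all values invented).
SUSPECT_LOG = r"""
========================= IE Proxy Settings: ==============================
ProxyServer 127.0.0.1:8080
========================= Hosts content: =================================
127.0.0.1 localhost
203.0.113.7 www.search.example search.example
========================= Winsock entries =====================================
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\examplelsp.dll [40960] ()
"""

if __name__ == "__main__":
    for section, detail in triage(SUSPECT_LOG):
        print(f"[{section}] {detail}")
```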

#6 narenxp


Posted 18 July 2012 - 02:58 PM

Do you still have redirects?

Download

adware cleaner

Launch it, click on Delete

System should reboot and a log should be generated

post the log contents

#7 auntna


Posted 18 July 2012 - 04:00 PM

I have not had any redirects today. A bit of a relief! Another thing though I did not mention is that I have been having trouble with disconnects where I have to reset my modem this past month. I had a couple today. It may be that this modem is going bad or something else. I was thinking of calling the ISP soon if it keeps getting worse.

Here is the log. By the way, AVG tried to quarantine this program but I let it keep the file as good.


# AdwCleaner v1.702 - Logfile created 07/18/2012 at 16:51:30
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : User - MYCOMPUTER
# Running from : C:\Users\User\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Registre - GUID] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

*************************

AdwCleaner[R1].txt - [1015 octets] - [18/07/2012 16:49:49]
AdwCleaner[S1].txt - [786 octets] - [18/07/2012 16:51:30]

########## EOF - C:\AdwCleaner[S1].txt - [913 octets] ##########

#8 narenxp


Posted 18 July 2012 - 04:10 PM

I'm not finding any serious infections that could cause modem reset. Contacting ISP would be better.

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 auntna


Posted 18 July 2012 - 05:51 PM

Thanks so much. Got everything done! Looking forward to much better internet experience without the redirects. May look to install a different firewall than just using the MS Windows version. One that blocks both ways.

Thanks again!

Auntna


#10 narenxp


Posted 18 July 2012 - 08:40 PM

You're welcome :)



