Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pestering ad at the bottom right of every site I visit. Also, browser redirection.


  • Please log in to reply
10 replies to this topic

#1 Lorekeeper_Frosty

Lorekeeper_Frosty

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:44 PM

Posted 19 July 2012 - 01:27 PM

Hello! I was wandering if any of you here could assist me in removing a series of ads that appear at the bottom right of my screen. Sometimes, these ads are correlated with the site I'm visiting, other times, they are not. Here are a few screen shots.

http://i.imgur.com/YyTUN.png
http://i.imgur.com/txGBg.jpg
http://i.imgur.com/QXuO2.jpg
http://i.imgur.com/1CkZ1.jpg

This has been going on for the last few months. I'm getting rather annoyed with them and wish them gone. Also, very occasionally, my browser will redirect me to some bogus "Clean my PC now, for FREE!" website and I'll have to click back and continue with my browsing.

If anyone here could assist me in solving one, or both of these issues that would be immensely appreciated.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:44 PM

Posted 19 July 2012 - 01:29 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Lorekeeper_Frosty

Lorekeeper_Frosty
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:44 PM

Posted 19 July 2012 - 03:16 PM

13:30:19.0519 2400 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
13:30:19.0884 2400 ============================================================
13:30:19.0884 2400 Current date / time: 2012/07/19 13:30:19.0884
13:30:19.0884 2400 SystemInfo:
13:30:19.0884 2400
13:30:19.0885 2400 OS Version: 6.1.7601 ServicePack: 1.0
13:30:19.0885 2400 Product type: Workstation
13:30:19.0885 2400 ComputerName: RANA-PC
13:30:19.0885 2400 UserName: Rana
13:30:19.0885 2400 Windows directory: C:\Windows
13:30:19.0885 2400 System windows directory: C:\Windows
13:30:19.0885 2400 Running under WOW64
13:30:19.0885 2400 Processor architecture: Intel x64
13:30:19.0885 2400 Number of processors: 4
13:30:19.0885 2400 Page size: 0x1000
13:30:19.0885 2400 Boot type: Normal boot
13:30:19.0885 2400 ============================================================
13:30:20.0172 2400 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:30:20.0175 2400 Drive \Device\Harddisk1\DR1 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:30:20.0485 2400 ============================================================
13:30:20.0485 2400 \Device\Harddisk0\DR0:
13:30:20.0485 2400 MBR partitions:
13:30:20.0485 2400 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000
13:30:20.0485 2400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0x72C73000
13:30:20.0485 2400 \Device\Harddisk1\DR1:
13:30:20.0486 2400 MBR partitions:
13:30:20.0486 2400 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800
13:30:20.0486 2400 ============================================================
13:30:20.0505 2400 C: <-> \Device\Harddisk0\DR0\Partition1
13:30:20.0552 2400 J: <-> \Device\Harddisk1\DR1\Partition0
13:30:20.0552 2400 ============================================================
13:30:20.0552 2400 Initialize success
13:30:20.0552 2400 ============================================================
13:30:57.0842 2644 ============================================================
13:30:57.0842 2644 Scan started
13:30:57.0842 2644 Mode: Manual; TDLFS;
13:30:57.0842 2644 ============================================================
13:30:58.0212 2644 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:30:58.0215 2644 1394ohci - ok
13:30:58.0237 2644 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:30:58.0240 2644 ACPI - ok
13:30:58.0263 2644 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:30:58.0265 2644 AcpiPmi - ok
13:30:58.0358 2644 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:30:58.0359 2644 AdobeARMservice - ok
13:30:58.0381 2644 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:30:58.0385 2644 adp94xx - ok
13:30:58.0397 2644 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:30:58.0402 2644 adpahci - ok
13:30:58.0410 2644 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:30:58.0412 2644 adpu320 - ok
13:30:58.0436 2644 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:30:58.0437 2644 AeLookupSvc - ok
13:30:58.0487 2644 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:30:58.0492 2644 AFD - ok
13:30:58.0508 2644 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:30:58.0510 2644 agp440 - ok
13:30:58.0524 2644 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:30:58.0525 2644 ALG - ok
13:30:58.0527 2644 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:30:58.0528 2644 aliide - ok
13:30:58.0577 2644 AMD External Events Utility (a359974eaac83a435497c52f62a2e590) C:\Windows\system32\atiesrxx.exe
13:30:58.0580 2644 AMD External Events Utility - ok
13:30:58.0590 2644 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:30:58.0591 2644 amdide - ok
13:30:58.0597 2644 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:30:58.0598 2644 AmdK8 - ok
13:30:58.0827 2644 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
13:30:58.0954 2644 amdkmdag - ok
13:30:59.0037 2644 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
13:30:59.0039 2644 amdkmdap - ok
13:30:59.0044 2644 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
13:30:59.0045 2644 AmdPPM - ok
13:30:59.0064 2644 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:30:59.0066 2644 amdsata - ok
13:30:59.0076 2644 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:30:59.0078 2644 amdsbs - ok
13:30:59.0090 2644 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:30:59.0091 2644 amdxata - ok
13:30:59.0115 2644 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:30:59.0117 2644 AppID - ok
13:30:59.0129 2644 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:30:59.0130 2644 AppIDSvc - ok
13:30:59.0138 2644 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:30:59.0139 2644 Appinfo - ok
13:30:59.0236 2644 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:30:59.0237 2644 Apple Mobile Device - ok
13:30:59.0243 2644 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:30:59.0245 2644 arc - ok
13:30:59.0251 2644 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:30:59.0252 2644 arcsas - ok
13:30:59.0573 2644 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:30:59.0574 2644 aspnet_state - ok
13:30:59.0599 2644 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:30:59.0601 2644 AsyncMac - ok
13:30:59.0630 2644 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:30:59.0631 2644 atapi - ok
13:30:59.0678 2644 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
13:30:59.0679 2644 AtiHDAudioService - ok
13:30:59.0706 2644 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:30:59.0712 2644 AudioEndpointBuilder - ok
13:30:59.0716 2644 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:30:59.0719 2644 AudioSrv - ok
13:30:59.0797 2644 AVP (2718dc27571bd1e37813f5759d2dc118) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
13:30:59.0799 2644 AVP - ok
13:30:59.0811 2644 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:30:59.0812 2644 AxInstSV - ok
13:30:59.0832 2644 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:30:59.0838 2644 b06bdrv - ok
13:30:59.0852 2644 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:30:59.0855 2644 b57nd60a - ok
13:30:59.0957 2644 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
13:30:59.0959 2644 BBSvc - ok
13:30:59.0976 2644 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
13:30:59.0977 2644 BBUpdate - ok
13:31:00.0056 2644 BCM43XX (8b5d16d20774fc3727f44e161be2c0ac) C:\Windows\system32\DRIVERS\bcmwl664.sys
13:31:00.0068 2644 BCM43XX - ok
13:31:00.0183 2644 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:31:00.0185 2644 BDESVC - ok
13:31:00.0203 2644 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:31:00.0204 2644 Beep - ok
13:31:00.0236 2644 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:31:00.0244 2644 BITS - ok
13:31:00.0266 2644 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:31:00.0267 2644 blbdrive - ok
13:31:00.0323 2644 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:31:00.0325 2644 Bonjour Service - ok
13:31:00.0363 2644 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:31:00.0364 2644 bowser - ok
13:31:00.0375 2644 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:31:00.0377 2644 BrFiltLo - ok
13:31:00.0379 2644 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:31:00.0380 2644 BrFiltUp - ok
13:31:00.0396 2644 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:31:00.0398 2644 Browser - ok
13:31:00.0416 2644 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:31:00.0419 2644 Brserid - ok
13:31:00.0427 2644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:31:00.0428 2644 BrSerWdm - ok
13:31:00.0432 2644 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:31:00.0432 2644 BrUsbMdm - ok
13:31:00.0437 2644 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:31:00.0438 2644 BrUsbSer - ok
13:31:00.0460 2644 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:31:00.0462 2644 BTHMODEM - ok
13:31:00.0485 2644 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:31:00.0487 2644 bthserv - ok
13:31:00.0501 2644 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:31:00.0503 2644 cdfs - ok
13:31:00.0519 2644 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:31:00.0521 2644 cdrom - ok
13:31:00.0535 2644 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:31:00.0537 2644 CertPropSvc - ok
13:31:00.0546 2644 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:31:00.0547 2644 circlass - ok
13:31:00.0569 2644 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:31:00.0572 2644 CLFS - ok
13:31:00.0612 2644 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:31:00.0614 2644 clr_optimization_v2.0.50727_32 - ok
13:31:00.0656 2644 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:31:00.0658 2644 clr_optimization_v2.0.50727_64 - ok
13:31:00.0692 2644 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:31:00.0694 2644 clr_optimization_v4.0.30319_32 - ok
13:31:00.0730 2644 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:31:00.0731 2644 clr_optimization_v4.0.30319_64 - ok
13:31:00.0734 2644 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:31:00.0735 2644 CmBatt - ok
13:31:00.0737 2644 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:31:00.0738 2644 cmdide - ok
13:31:00.0804 2644 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:31:00.0807 2644 CNG - ok
13:31:00.0830 2644 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:31:00.0831 2644 Compbatt - ok
13:31:00.0846 2644 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:31:00.0847 2644 CompositeBus - ok
13:31:00.0855 2644 COMSysApp - ok
13:31:00.0864 2644 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:31:00.0865 2644 crcdisk - ok
13:31:00.0910 2644 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:31:00.0913 2644 CryptSvc - ok
13:31:00.0935 2644 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:31:00.0940 2644 DcomLaunch - ok
13:31:00.0964 2644 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:31:00.0967 2644 defragsvc - ok
13:31:00.0983 2644 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:31:00.0984 2644 DfsC - ok
13:31:00.0997 2644 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:31:01.0000 2644 Dhcp - ok
13:31:01.0086 2644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:31:01.0088 2644 discache - ok
13:31:01.0099 2644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:31:01.0100 2644 Disk - ok
13:31:01.0129 2644 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:31:01.0131 2644 Dnscache - ok
13:31:01.0147 2644 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:31:01.0150 2644 dot3svc - ok
13:31:01.0179 2644 dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
13:31:01.0181 2644 dot4 - ok
13:31:01.0195 2644 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:31:01.0196 2644 Dot4Print - ok
13:31:01.0208 2644 Dot4Scan (488669cd1cd3bdcfdd9a5fda72209069) C:\Windows\system32\DRIVERS\Dot4Scan.sys
13:31:01.0210 2644 Dot4Scan - ok
13:31:01.0220 2644 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
13:31:01.0221 2644 dot4usb - ok
13:31:01.0240 2644 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:31:01.0242 2644 DPS - ok
13:31:01.0276 2644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:31:01.0276 2644 drmkaud - ok
13:31:01.0332 2644 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:31:01.0334 2644 dtsoftbus01 - ok
13:31:01.0367 2644 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:31:01.0372 2644 DXGKrnl - ok
13:31:01.0399 2644 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:31:01.0401 2644 EapHost - ok
13:31:01.0484 2644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:31:01.0524 2644 ebdrv - ok
13:31:01.0614 2644 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:31:01.0615 2644 EFS - ok
13:31:01.0678 2644 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:31:01.0684 2644 ehRecvr - ok
13:31:01.0707 2644 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:31:01.0709 2644 ehSched - ok
13:31:01.0766 2644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:31:01.0770 2644 elxstor - ok
13:31:01.0774 2644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:31:01.0774 2644 ErrDev - ok
13:31:01.0800 2644 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:31:01.0804 2644 EventSystem - ok
13:31:01.0816 2644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:31:01.0821 2644 exfat - ok
13:31:01.0847 2644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:31:01.0849 2644 fastfat - ok
13:31:01.0876 2644 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:31:01.0882 2644 Fax - ok
13:31:01.0885 2644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:31:01.0890 2644 fdc - ok
13:31:01.0910 2644 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:31:01.0910 2644 fdPHost - ok
13:31:01.0914 2644 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:31:01.0915 2644 FDResPub - ok
13:31:01.0923 2644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:31:01.0924 2644 FileInfo - ok
13:31:01.0933 2644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:31:01.0934 2644 Filetrace - ok
13:31:02.0015 2644 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:31:02.0024 2644 FLEXnet Licensing Service - ok
13:31:02.0029 2644 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:31:02.0030 2644 flpydisk - ok
13:31:02.0062 2644 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:31:02.0064 2644 FltMgr - ok
13:31:02.0116 2644 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:31:02.0135 2644 FontCache - ok
13:31:02.0179 2644 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:31:02.0180 2644 FontCache3.0.0.0 - ok
13:31:02.0201 2644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:31:02.0202 2644 FsDepends - ok
13:31:02.0251 2644 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
13:31:02.0252 2644 fssfltr - ok
13:31:02.0342 2644 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:31:02.0374 2644 fsssvc - ok
13:31:02.0454 2644 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:31:02.0454 2644 Fs_Rec - ok
13:31:02.0473 2644 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:31:02.0474 2644 fvevol - ok
13:31:02.0491 2644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:31:02.0492 2644 gagp30kx - ok
13:31:02.0549 2644 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:31:02.0550 2644 GEARAspiWDM - ok
13:31:02.0578 2644 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:31:02.0584 2644 gpsvc - ok
13:31:02.0617 2644 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:31:02.0619 2644 hamachi - ok
13:31:02.0634 2644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:31:02.0635 2644 hcw85cir - ok
13:31:02.0658 2644 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:31:02.0659 2644 HDAudBus - ok
13:31:02.0672 2644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:31:02.0674 2644 HidBatt - ok
13:31:02.0678 2644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:31:02.0679 2644 HidBth - ok
13:31:02.0691 2644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:31:02.0692 2644 HidIr - ok
13:31:02.0706 2644 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:31:02.0708 2644 hidserv - ok
13:31:02.0732 2644 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:31:02.0732 2644 HidUsb - ok
13:31:02.0749 2644 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:31:02.0750 2644 hkmsvc - ok
13:31:02.0767 2644 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:31:02.0769 2644 HomeGroupListener - ok
13:31:02.0783 2644 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:31:02.0786 2644 HomeGroupProvider - ok
13:31:02.0792 2644 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:31:02.0793 2644 HpSAMD - ok
13:31:02.0827 2644 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:31:02.0834 2644 HTTP - ok
13:31:02.0843 2644 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:31:02.0843 2644 hwpolicy - ok
13:31:02.0860 2644 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:31:02.0861 2644 i8042prt - ok
13:31:02.0892 2644 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
13:31:02.0894 2644 iaStor - ok
13:31:02.0963 2644 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
13:31:02.0964 2644 IAStorDataMgrSvc - ok
13:31:02.0984 2644 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:31:02.0990 2644 iaStorV - ok
13:31:03.0068 2644 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:31:03.0076 2644 idsvc - ok
13:31:03.0108 2644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:31:03.0109 2644 iirsp - ok
13:31:03.0187 2644 IJPLMSVC (f82bc30bb2b608af8b5540cdbaea93a6) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
13:31:03.0188 2644 IJPLMSVC - ok
13:31:03.0231 2644 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:31:03.0240 2644 IKEEXT - ok
13:31:03.0271 2644 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
13:31:03.0273 2644 Impcd - ok
13:31:03.0357 2644 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
13:31:03.0367 2644 IntcAzAudAddService - ok
13:31:03.0440 2644 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
13:31:03.0443 2644 IntcDAud - ok
13:31:03.0473 2644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:31:03.0474 2644 intelide - ok
13:31:03.0491 2644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:31:03.0493 2644 intelppm - ok
13:31:03.0508 2644 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:31:03.0510 2644 IPBusEnum - ok
13:31:03.0527 2644 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:31:03.0528 2644 IpFilterDriver - ok
13:31:03.0533 2644 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:31:03.0535 2644 IPMIDRV - ok
13:31:03.0541 2644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:31:03.0543 2644 IPNAT - ok
13:31:03.0605 2644 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
13:31:03.0613 2644 iPod Service - ok
13:31:03.0628 2644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:31:03.0629 2644 IRENUM - ok
13:31:03.0631 2644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:31:03.0632 2644 isapnp - ok
13:31:03.0648 2644 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:31:03.0651 2644 iScsiPrt - ok
13:31:03.0684 2644 k57nd60a (12e27942dbb7c91880163634b0d8a776) C:\Windows\system32\DRIVERS\k57nd60a.sys
13:31:03.0688 2644 k57nd60a - ok
13:31:03.0710 2644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:31:03.0710 2644 kbdclass - ok
13:31:03.0728 2644 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:31:03.0729 2644 kbdhid - ok
13:31:03.0754 2644 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:31:03.0755 2644 KeyIso - ok
13:31:03.0804 2644 KL1 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\kl1.sys
13:31:03.0808 2644 KL1 - ok
13:31:03.0811 2644 kl2 (d865dd8b0448e3f963d68c04c532858f) C:\Windows\system32\DRIVERS\kl2.sys
13:31:03.0811 2644 kl2 - ok
13:31:03.0890 2644 KLIF (c7d4f357c482dd37e2b05f34093b7b0c) C:\Windows\system32\DRIVERS\klif.sys
13:31:03.0892 2644 KLIF - ok
13:31:03.0902 2644 KLIM6 (89fb5a33d7171b6d84f5eb721d5055e1) C:\Windows\system32\DRIVERS\klim6.sys
13:31:03.0902 2644 KLIM6 - ok
13:31:03.0908 2644 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
13:31:03.0908 2644 klmouflt - ok
13:31:03.0955 2644 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:31:03.0957 2644 KSecDD - ok
13:31:03.0962 2644 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:31:03.0964 2644 KSecPkg - ok
13:31:03.0976 2644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:31:03.0977 2644 ksthunk - ok
13:31:04.0010 2644 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:31:04.0014 2644 KtmRm - ok
13:31:04.0046 2644 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:31:04.0049 2644 LanmanServer - ok
13:31:04.0067 2644 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:31:04.0069 2644 LanmanWorkstation - ok
13:31:04.0094 2644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:31:04.0095 2644 lltdio - ok
13:31:04.0121 2644 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:31:04.0125 2644 lltdsvc - ok
13:31:04.0135 2644 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:31:04.0137 2644 lmhosts - ok
13:31:04.0175 2644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:31:04.0177 2644 LSI_FC - ok
13:31:04.0189 2644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:31:04.0190 2644 LSI_SAS - ok
13:31:04.0195 2644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:31:04.0197 2644 LSI_SAS2 - ok
13:31:04.0203 2644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:31:04.0205 2644 LSI_SCSI - ok
13:31:04.0218 2644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:31:04.0219 2644 luafv - ok
13:31:04.0237 2644 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:31:04.0240 2644 Mcx2Svc - ok
13:31:04.0243 2644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:31:04.0244 2644 megasas - ok
13:31:04.0262 2644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:31:04.0265 2644 MegaSR - ok
13:31:04.0288 2644 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys
13:31:04.0288 2644 MEIx64 - ok
13:31:04.0296 2644 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:31:04.0297 2644 MMCSS - ok
13:31:04.0301 2644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:31:04.0302 2644 Modem - ok
13:31:04.0314 2644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:31:04.0315 2644 monitor - ok
13:31:04.0333 2644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:31:04.0334 2644 mouclass - ok
13:31:04.0346 2644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:31:04.0347 2644 mouhid - ok
13:31:04.0356 2644 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:31:04.0357 2644 mountmgr - ok
13:31:04.0365 2644 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:31:04.0367 2644 mpio - ok
13:31:04.0375 2644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:31:04.0377 2644 mpsdrv - ok
13:31:04.0391 2644 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:31:04.0392 2644 MRxDAV - ok
13:31:04.0421 2644 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:31:04.0423 2644 mrxsmb - ok
13:31:04.0465 2644 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:31:04.0468 2644 mrxsmb10 - ok
13:31:04.0480 2644 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:31:04.0481 2644 mrxsmb20 - ok
13:31:04.0492 2644 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:31:04.0493 2644 msahci - ok
13:31:04.0517 2644 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:31:04.0519 2644 msdsm - ok
13:31:04.0537 2644 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:31:04.0540 2644 MSDTC - ok
13:31:04.0551 2644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:31:04.0552 2644 Msfs - ok
13:31:04.0562 2644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:31:04.0563 2644 mshidkmdf - ok
13:31:04.0568 2644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:31:04.0569 2644 msisadrv - ok
13:31:04.0608 2644 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:31:04.0610 2644 MSiSCSI - ok
13:31:04.0612 2644 msiserver - ok
13:31:04.0639 2644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:31:04.0640 2644 MSKSSRV - ok
13:31:04.0652 2644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:31:04.0652 2644 MSPCLOCK - ok
13:31:04.0664 2644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:31:04.0665 2644 MSPQM - ok
13:31:04.0694 2644 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:31:04.0697 2644 MsRPC - ok
13:31:04.0709 2644 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:31:04.0709 2644 mssmbios - ok
13:31:04.0723 2644 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:31:04.0724 2644 MSTEE - ok
13:31:04.0725 2644 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:31:04.0726 2644 MTConfig - ok
13:31:04.0739 2644 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:31:04.0740 2644 Mup - ok
13:31:04.0765 2644 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:31:04.0769 2644 napagent - ok
13:31:04.0798 2644 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:31:04.0801 2644 NativeWifiP - ok
13:31:04.0835 2644 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
13:31:04.0843 2644 NDIS - ok
13:31:04.0862 2644 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:31:04.0863 2644 NdisCap - ok
13:31:04.0880 2644 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:31:04.0881 2644 NdisTapi - ok
13:31:04.0895 2644 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:31:04.0897 2644 Ndisuio - ok
13:31:04.0907 2644 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:31:04.0908 2644 NdisWan - ok
13:31:04.0920 2644 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:31:04.0921 2644 NDProxy - ok
13:31:04.0931 2644 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:31:04.0932 2644 NetBIOS - ok
13:31:04.0947 2644 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:31:04.0949 2644 NetBT - ok
13:31:04.0977 2644 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:31:04.0978 2644 Netlogon - ok
13:31:05.0005 2644 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:31:05.0009 2644 Netman - ok
13:31:05.0060 2644 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:05.0062 2644 NetMsmqActivator - ok
13:31:05.0063 2644 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:05.0064 2644 NetPipeActivator - ok
13:31:05.0091 2644 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:31:05.0096 2644 netprofm - ok
13:31:05.0098 2644 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:05.0099 2644 NetTcpActivator - ok
13:31:05.0100 2644 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:05.0101 2644 NetTcpPortSharing - ok
13:31:05.0141 2644 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:31:05.0143 2644 nfrd960 - ok
13:31:05.0166 2644 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:31:05.0169 2644 NlaSvc - ok
13:31:05.0178 2644 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:31:05.0179 2644 Npfs - ok
13:31:05.0186 2644 npggsvc - ok
13:31:05.0198 2644 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:31:05.0199 2644 nsi - ok
13:31:05.0212 2644 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:31:05.0212 2644 nsiproxy - ok
13:31:05.0267 2644 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:31:05.0290 2644 Ntfs - ok
13:31:05.0348 2644 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:31:05.0349 2644 Null - ok
13:31:05.0369 2644 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:31:05.0371 2644 nvraid - ok
13:31:05.0389 2644 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:31:05.0391 2644 nvstor - ok
13:31:05.0412 2644 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:31:05.0414 2644 nv_agp - ok
13:31:05.0543 2644 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:31:05.0548 2644 odserv - ok
13:31:05.0569 2644 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:31:05.0570 2644 ohci1394 - ok
13:31:05.0591 2644 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:31:05.0592 2644 ose - ok
13:31:05.0623 2644 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:31:05.0627 2644 p2pimsvc - ok
13:31:05.0660 2644 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:31:05.0665 2644 p2psvc - ok
13:31:05.0677 2644 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:31:05.0679 2644 Parport - ok
13:31:05.0709 2644 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:31:05.0710 2644 partmgr - ok
13:31:05.0727 2644 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:31:05.0730 2644 PcaSvc - ok
13:31:05.0802 2644 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
13:31:05.0810 2644 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
13:31:05.0829 2644 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:31:05.0831 2644 pci - ok
13:31:05.0853 2644 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:31:05.0853 2644 pciide - ok
13:31:05.0872 2644 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:31:05.0876 2644 pcmcia - ok
13:31:05.0887 2644 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:31:05.0887 2644 pcw - ok
13:31:05.0910 2644 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:31:05.0915 2644 PEAUTH - ok
13:31:05.0961 2644 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:31:05.0962 2644 PerfHost - ok
13:31:06.0008 2644 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:31:06.0042 2644 pla - ok
13:31:06.0098 2644 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:31:06.0103 2644 PlugPlay - ok
13:31:06.0111 2644 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:31:06.0112 2644 PNRPAutoReg - ok
13:31:06.0133 2644 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:31:06.0135 2644 PNRPsvc - ok
13:31:06.0170 2644 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:31:06.0175 2644 PolicyAgent - ok
13:31:06.0209 2644 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:31:06.0211 2644 Power - ok
13:31:06.0240 2644 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:31:06.0241 2644 PptpMiniport - ok
13:31:06.0251 2644 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:31:06.0253 2644 Processor - ok
13:31:06.0364 2644 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:31:06.0383 2644 ProfSvc - ok
13:31:06.0409 2644 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:31:06.0411 2644 ProtectedStorage - ok
13:31:06.0429 2644 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:31:06.0430 2644 Psched - ok
13:31:06.0466 2644 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:31:06.0467 2644 PxHlpa64 - ok
13:31:06.0518 2644 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:31:06.0541 2644 ql2300 - ok
13:31:07.0639 2644 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:31:07.0641 2644 ql40xx - ok
13:31:07.0667 2644 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:31:07.0671 2644 QWAVE - ok
13:31:07.0680 2644 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:31:07.0682 2644 QWAVEdrv - ok
13:31:07.0684 2644 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:31:07.0685 2644 RasAcd - ok
13:31:07.0694 2644 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:31:07.0694 2644 RasAgileVpn - ok
13:31:07.0708 2644 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:31:07.0710 2644 RasAuto - ok
13:31:07.0722 2644 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:31:07.0723 2644 Rasl2tp - ok
13:31:07.0750 2644 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:31:07.0753 2644 RasMan - ok
13:31:07.0767 2644 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:31:07.0769 2644 RasPppoe - ok
13:31:07.0782 2644 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:31:07.0783 2644 RasSstp - ok
13:31:07.0804 2644 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:31:07.0807 2644 rdbss - ok
13:31:07.0822 2644 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:31:07.0823 2644 rdpbus - ok
13:31:07.0836 2644 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:31:07.0837 2644 RDPCDD - ok
13:31:07.0848 2644 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:31:07.0849 2644 RDPENCDD - ok
13:31:07.0857 2644 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:31:07.0858 2644 RDPREFMP - ok
13:31:07.0894 2644 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:31:07.0896 2644 RDPWD - ok
13:31:07.0916 2644 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:31:07.0918 2644 rdyboost - ok
13:31:07.0933 2644 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:31:07.0935 2644 RemoteAccess - ok
13:31:07.0946 2644 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:31:07.0949 2644 RemoteRegistry - ok
13:31:08.0055 2644 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
13:31:08.0070 2644 RoxMediaDB12OEM - ok
13:31:08.0095 2644 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
13:31:08.0097 2644 RoxWatch12 - ok
13:31:09.0211 2644 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:31:09.0215 2644 RpcEptMapper - ok
13:31:09.0223 2644 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:31:09.0225 2644 RpcLocator - ok
13:31:09.0244 2644 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:31:09.0247 2644 RpcSs - ok
13:31:09.0282 2644 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:31:09.0283 2644 rspndr - ok
13:31:09.0315 2644 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:31:09.0316 2644 SamSs - ok
13:31:09.0331 2644 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:31:09.0332 2644 sbp2port - ok
13:31:09.0343 2644 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:31:09.0346 2644 SCardSvr - ok
13:31:09.0354 2644 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:31:09.0355 2644 scfilter - ok
13:31:09.0385 2644 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:31:09.0407 2644 Schedule - ok
13:31:09.0429 2644 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:31:09.0430 2644 SCPolicySvc - ok
13:31:09.0441 2644 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:31:09.0444 2644 SDRSVC - ok
13:31:09.0461 2644 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:31:09.0462 2644 secdrv - ok
13:31:09.0468 2644 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:31:09.0470 2644 seclogon - ok
13:31:09.0489 2644 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:31:09.0490 2644 SENS - ok
13:31:09.0499 2644 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:31:09.0506 2644 SensrSvc - ok
13:31:09.0529 2644 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:31:09.0529 2644 Serenum - ok
13:31:09.0537 2644 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:31:09.0539 2644 Serial - ok
13:31:09.0542 2644 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:31:09.0543 2644 sermouse - ok
13:31:09.0572 2644 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:31:09.0574 2644 SessionEnv - ok
13:31:09.0577 2644 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:31:09.0578 2644 sffdisk - ok
13:31:09.0580 2644 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:31:09.0581 2644 sffp_mmc - ok
13:31:09.0584 2644 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:31:09.0585 2644 sffp_sd - ok
13:31:09.0587 2644 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:31:09.0588 2644 sfloppy - ok
13:31:09.0607 2644 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:31:09.0611 2644 ShellHWDetection - ok
13:31:09.0621 2644 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:31:09.0623 2644 SiSRaid2 - ok
13:31:09.0638 2644 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:31:09.0639 2644 SiSRaid4 - ok
13:31:09.0697 2644 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:31:09.0699 2644 SkypeUpdate - ok
13:31:09.0706 2644 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:31:09.0708 2644 Smb - ok
13:31:09.0724 2644 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:31:09.0727 2644 SNMPTRAP - ok
13:31:09.0730 2644 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:31:09.0730 2644 spldr - ok
13:31:09.0754 2644 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:31:09.0760 2644 Spooler - ok
13:31:09.0847 2644 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:31:09.0904 2644 sppsvc - ok
13:31:10.0623 2644 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:31:10.0626 2644 sppuinotify - ok
13:31:10.0660 2644 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:31:10.0664 2644 srv - ok
13:31:10.0701 2644 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:31:10.0713 2644 srv2 - ok
13:31:10.0728 2644 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:31:10.0730 2644 srvnet - ok
13:31:10.0761 2644 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:31:10.0764 2644 SSDPSRV - ok
13:31:10.0779 2644 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:31:10.0782 2644 SstpSvc - ok
13:31:10.0806 2644 Steam Client Service - ok
13:31:10.0833 2644 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:31:10.0835 2644 stexstor - ok
13:31:10.0872 2644 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:31:10.0878 2644 stisvc - ok
13:31:10.0923 2644 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:31:10.0925 2644 stllssvr - ok
13:31:10.0937 2644 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:31:10.0937 2644 swenum - ok
13:31:11.0064 2644 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:31:11.0067 2644 SwitchBoard - ok
13:31:11.0093 2644 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:31:11.0099 2644 swprv - ok
13:31:11.0145 2644 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:31:11.0177 2644 SysMain - ok
13:31:11.0988 2644 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:31:11.0991 2644 TabletInputService - ok
13:31:12.0014 2644 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:31:12.0018 2644 TapiSrv - ok
13:31:12.0024 2644 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:31:12.0025 2644 TBS - ok
13:31:12.0113 2644 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:31:12.0143 2644 Tcpip - ok
13:31:13.0017 2644 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:31:13.0027 2644 TCPIP6 - ok
13:31:13.0912 2644 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:31:13.0913 2644 tcpipreg - ok
13:31:13.0927 2644 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:31:13.0928 2644 TDPIPE - ok
13:31:13.0956 2644 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:31:13.0957 2644 TDTCP - ok
13:31:13.0967 2644 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:31:13.0969 2644 tdx - ok
13:31:14.0080 2644 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
13:31:14.0092 2644 TeamViewer7 - ok
13:31:14.0977 2644 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
13:31:14.0978 2644 TermDD - ok
13:31:15.0009 2644 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:31:15.0016 2644 TermService - ok
13:31:15.0023 2644 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:31:15.0024 2644 Themes - ok
13:31:15.0045 2644 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:31:15.0046 2644 THREADORDER - ok
13:31:15.0058 2644 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:31:15.0061 2644 TrkWks - ok
13:31:15.0083 2644 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:31:15.0085 2644 TrustedInstaller - ok
13:31:15.0116 2644 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:31:15.0117 2644 tssecsrv - ok
13:31:15.0132 2644 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:31:15.0133 2644 TsUsbFlt - ok
13:31:15.0136 2644 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:31:15.0137 2644 TsUsbGD - ok
13:31:15.0170 2644 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:31:15.0172 2644 tunnel - ok
13:31:15.0184 2644 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:31:15.0186 2644 uagp35 - ok
13:31:15.0203 2644 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:31:15.0208 2644 udfs - ok
13:31:15.0231 2644 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:31:15.0233 2644 UI0Detect - ok
13:31:15.0246 2644 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:31:15.0247 2644 uliagpkx - ok
13:31:15.0258 2644 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:31:15.0259 2644 umbus - ok
13:31:15.0261 2644 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:31:15.0262 2644 UmPass - ok
13:31:15.0355 2644 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
13:31:15.0357 2644 Updater Service for StartNow Toolbar - ok
13:31:15.0373 2644 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:31:15.0377 2644 upnphost - ok
13:31:15.0430 2644 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
13:31:15.0431 2644 USBAAPL64 - ok
13:31:15.0480 2644 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:31:15.0481 2644 usbaudio - ok
13:31:15.0507 2644 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
13:31:15.0508 2644 usbccgp - ok
13:31:15.0526 2644 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:31:15.0528 2644 usbcir - ok
13:31:15.0544 2644 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:31:15.0545 2644 usbehci - ok
13:31:15.0568 2644 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:31:15.0571 2644 usbhub - ok
13:31:15.0589 2644 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:31:15.0591 2644 usbohci - ok
13:31:15.0610 2644 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:31:15.0612 2644 usbprint - ok
13:31:15.0651 2644 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:31:15.0652 2644 usbscan - ok
13:31:15.0666 2644 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:31:15.0667 2644 USBSTOR - ok
13:31:15.0691 2644 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:31:15.0692 2644 usbuhci - ok
13:31:15.0707 2644 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:31:15.0709 2644 usbvideo - ok
13:31:15.0730 2644 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:31:15.0732 2644 UxSms - ok
13:31:15.0759 2644 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:31:15.0760 2644 VaultSvc - ok
13:31:15.0790 2644 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:31:15.0791 2644 vdrvroot - ok
13:31:15.0812 2644 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:31:15.0818 2644 vds - ok
13:31:15.0833 2644 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:31:15.0834 2644 vga - ok
13:31:15.0906 2644 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:31:15.0908 2644 VgaSave - ok
13:31:15.0921 2644 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:31:15.0923 2644 vhdmp - ok
13:31:15.0932 2644 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:31:15.0933 2644 viaide - ok
13:31:15.0945 2644 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:31:15.0946 2644 volmgr - ok
13:31:15.0967 2644 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:31:15.0970 2644 volmgrx - ok
13:31:15.0988 2644 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:31:15.0990 2644 volsnap - ok
13:31:16.0005 2644 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:31:16.0007 2644 vsmraid - ok
13:31:16.0053 2644 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:31:16.0095 2644 VSS - ok
13:31:17.0091 2644 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:31:17.0092 2644 vwifibus - ok
13:31:17.0103 2644 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:31:17.0104 2644 vwififlt - ok
13:31:17.0131 2644 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:31:17.0132 2644 vwifimp - ok
13:31:17.0154 2644 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:31:17.0158 2644 W32Time - ok
13:31:17.0163 2644 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:31:17.0164 2644 WacomPen - ok
13:31:17.0181 2644 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:31:17.0182 2644 WANARP - ok
13:31:17.0184 2644 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:31:17.0184 2644 Wanarpv6 - ok
13:31:17.0256 2644 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:31:17.0292 2644 WatAdminSvc - ok
13:31:17.0340 2644 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:31:17.0363 2644 wbengine - ok
13:31:18.0334 2644 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:31:18.0339 2644 WbioSrvc - ok
13:31:18.0359 2644 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:31:18.0363 2644 wcncsvc - ok
13:31:18.0368 2644 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:31:18.0370 2644 WcsPlugInService - ok
13:31:18.0381 2644 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:31:18.0384 2644 Wd - ok
13:31:18.0430 2644 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
13:31:18.0431 2644 WDC_SAM - ok
13:31:18.0453 2644 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:31:18.0459 2644 Wdf01000 - ok
13:31:18.0473 2644 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:31:18.0476 2644 WdiServiceHost - ok
13:31:18.0477 2644 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:31:18.0478 2644 WdiSystemHost - ok
13:31:18.0497 2644 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:31:18.0501 2644 WebClient - ok
13:31:18.0519 2644 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:31:18.0522 2644 Wecsvc - ok
13:31:18.0532 2644 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:31:18.0534 2644 wercplsupport - ok
13:31:18.0550 2644 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:31:18.0552 2644 WerSvc - ok
13:31:18.0568 2644 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:31:18.0569 2644 WfpLwf - ok
13:31:18.0598 2644 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
13:31:18.0600 2644 WimFltr - ok
13:31:18.0614 2644 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:31:18.0615 2644 WIMMount - ok
13:31:18.0619 2644 WinHttpAutoProxySvc - ok
13:31:18.0652 2644 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:31:18.0655 2644 Winmgmt - ok
13:31:18.0735 2644 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:31:18.0764 2644 WinRM - ok
13:31:19.0777 2644 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:31:19.0778 2644 WinUsb - ok
13:31:19.0835 2644 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:31:19.0844 2644 Wlansvc - ok
13:31:19.0890 2644 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:31:19.0892 2644 wlcrasvc - ok
13:31:19.0997 2644 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:31:20.0007 2644 wlidsvc - ok
13:31:20.0986 2644 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:31:20.0988 2644 WmiAcpi - ok
13:31:21.0023 2644 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:31:21.0025 2644 wmiApSrv - ok
13:31:21.0059 2644 WMPNetworkSvc - ok
13:31:21.0078 2644 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:31:21.0079 2644 WPCSvc - ok
13:31:21.0101 2644 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:31:21.0103 2644 WPDBusEnum - ok
13:31:21.0141 2644 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:31:21.0142 2644 ws2ifsl - ok
13:31:21.0144 2644 WSearch - ok
13:31:21.0233 2644 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:31:21.0266 2644 wuauserv - ok
13:31:22.0367 2644 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:31:22.0369 2644 WudfPf - ok
13:31:22.0418 2644 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:31:22.0421 2644 WUDFRd - ok
13:31:22.0440 2644 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:31:22.0442 2644 wudfsvc - ok
13:31:22.0468 2644 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:31:22.0471 2644 WwanSvc - ok
13:31:22.0520 2644 X6va005 - ok
13:31:22.0577 2644 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:31:22.0868 2644 \Device\Harddisk0\DR0 - ok
13:31:22.0871 2644 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
13:31:23.0304 2644 \Device\Harddisk1\DR1 - ok
13:31:23.0327 2644 Boot (0x1200) (687966df377776c00297ef850c84c1a8) \Device\Harddisk0\DR0\Partition0
13:31:23.0328 2644 \Device\Harddisk0\DR0\Partition0 - ok
13:31:23.0343 2644 Boot (0x1200) (274018ec33ee8bf3635ad2cc8d7d451e) \Device\Harddisk0\DR0\Partition1
13:31:23.0344 2644 \Device\Harddisk0\DR0\Partition1 - ok
13:31:23.0346 2644 Boot (0x1200) (e164ab8671c941be3d308aa6e0e547d4) \Device\Harddisk1\DR1\Partition0
13:31:23.0348 2644 \Device\Harddisk1\DR1\Partition0 - ok
13:31:23.0349 2644 ============================================================
13:31:23.0349 2644 Scan finished
13:31:23.0349 2644 ============================================================
13:31:23.0353 4712 Detected object count: 0
13:31:23.0353 4712 Actual detected object count: 0






aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-19 13:32:42
-----------------------------
13:32:42.689 OS Version: Windows x64 6.1.7601 Service Pack 1
13:32:42.689 Number of processors: 4 586 0x2A07
13:32:42.690 ComputerName: RANA-PC UserName: Rana
13:32:48.156 Initialize success
13:34:31.522 AVAST engine defs: 12071901
13:34:39.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:34:39.611 Disk 0 Vendor: ST310005 CC49 Size: 953869MB BusType: 3
13:34:39.624 Disk 0 MBR read successfully
13:34:39.626 Disk 0 MBR scan
13:34:39.629 Disk 0 Windows VISTA default MBR code
13:34:39.630 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
13:34:39.641 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13566 MB offset 81920
13:34:39.657 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 940262 MB offset 27865088
13:34:39.681 Disk 0 scanning C:\Windows\system32\drivers
13:34:47.359 Service scanning
13:35:00.024 Modules scanning
13:35:00.029 Disk 0 trace - called modules:
13:35:00.038 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:35:00.365 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b9b060]
13:35:00.368 3 CLASSPNP.SYS[fffff880023c843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005d7a050]
13:35:07.293 Disk 0 MBR has been saved successfully to "C:\Users\Rana\Desktop\MBR.dat"
13:35:07.296 The log file has been saved successfully to "C:\Users\Rana\Desktop\aswMBR.txt"





ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=99732c719ef21f41b591353407c8e32c
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-19 08:09:09
# local_time=2012-07-19 03:09:09 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 66 94 5492223 94266642 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=368280
# found=4
# cleaned=4
# scan_time=5368
C:\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Users\Rana\AppData\Local\Temp\NODA2C9.tmp a variant of Win32/Toolbar.Zugo application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
esets_scanner_update returned -1 esets_gle=53251

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:44 PM

Posted 19 July 2012 - 03:57 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

Rogue killer

right click on it and select run as administrator

Now,click on HOSTS FIX option on right side

A log should get generated after the fix ,post the log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it click on Delete

post the generated log

#5 Lorekeeper_Frosty

Lorekeeper_Frosty
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:44 PM

Posted 19 July 2012 - 09:46 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.19.15

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Rana :: RANA-PC [administrator]

7/19/2012 5:47:02 PM
mbam-log-2012-07-19 (17-47-02).txt

Scan type: Full scan (C:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 486076
Time elapsed: 1 hour(s), 16 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)





RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Rana [Admin rights]
Mode: HOSTSFix -- Date: 07/19/2012 21:39:32

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt






MiniToolBox by Farbar Version: 15-07-2012
Ran by Rana (administrator) on 19-07-2012 at 21:33:04
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Rana-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : D0-DF-9A-75-31-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : D0-DF-9A-75-31-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::88b2:90f5:69c7:1262%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 19, 2012 12:58:36 PM
Lease Expires . . . . . . . . . . : Friday, July 20, 2012 12:58:39 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 198238106
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-05-CA-34-18-03-73-C5-64-C1
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{101295C7-5766-4E41-9224-A2043226AEAD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2001:4860:800a::65
74.125.134.102
74.125.134.113
74.125.134.138
74.125.134.139
74.125.134.100
74.125.134.101


Pinging google.com [173.194.37.71] with 32 bytes of data:
Reply from 173.194.37.71: bytes=32 time=24ms TTL=49
Reply from 173.194.37.71: bytes=32 time=29ms TTL=49

Ping statistics for 173.194.37.71:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 29ms, Average = 26ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=113ms TTL=45
Reply from 72.30.38.140: bytes=32 time=112ms TTL=45

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 112ms, Maximum = 113ms, Average = 112ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...d0 df 9a 75 31 0e ......Microsoft Virtual WiFi Miniport Adapter
11...d0 df 9a 75 31 0e ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 25
10.0.0.0 255.255.255.0 On-link 10.0.0.5 281
10.0.0.5 255.255.255.255 On-link 10.0.0.5 281
10.0.0.255 255.255.255.255 On-link 10.0.0.5 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::88b2:90f5:69c7:1262/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/19/2012 03:12:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/19/2012 01:35:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/19/2012 01:35:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/19/2012 00:58:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_EptMon64.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc9e0
Faulting module name: EptMon64.dll, version: 1.0.0.2, time stamp: 0x4ad6b3e9
Exception code: 0xc0000005
Fault offset: 0x0000000000002fbc
Faulting process id: 0xb00
Faulting application start time: 0xrundll32.exe_EptMon64.dll0
Faulting application path: rundll32.exe_EptMon64.dll1
Faulting module path: rundll32.exe_EptMon64.dll2
Report Id: rundll32.exe_EptMon64.dll3

Error: (07/19/2012 00:58:47 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 00:58:47 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 00:58:47 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 00:58:47 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (07/19/2012 00:58:47 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 00:58:47 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (07/19/2012 00:59:17 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (07/19/2012 00:59:01 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/19/2012 00:59:01 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/19/2012 00:58:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/19/2012 00:58:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (07/19/2012 00:58:37 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/19/2012 00:58:37 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/19/2012 00:58:36 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/19/2012 00:58:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/19/2012 00:57:56 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.3)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Alliance of Valiant Arms
Amnesia: The Dark Descent
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.10104)
ATI Catalyst Install Manager (Version: 3.0.808.0)
Audacity 2.0
Audiosurf
Bing Bar (Version: 7.1.361.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Brawl Busters
C3 (Version: 0.4.1415)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MX410 series MP Drivers
Canon MX410 series User Registration
Canon My Printer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center InstallProxy (Version: 2011.0104.2155.39304)
Catalyst Control Center Localization All (Version: 2011.0104.2155.39304)
ccc-core-static (Version: 2011.0104.2155.39304)
ccc-utility64 (Version: 2011.0104.2155.39304)
CCC Help Chinese Standard (Version: 2011.0104.2154.39304)
CCC Help Chinese Traditional (Version: 2011.0104.2154.39304)
CCC Help Czech (Version: 2011.0104.2154.39304)
CCC Help Danish (Version: 2011.0104.2154.39304)
CCC Help Dutch (Version: 2011.0104.2154.39304)
CCC Help English (Version: 2011.0104.2154.39304)
CCC Help Finnish (Version: 2011.0104.2154.39304)
CCC Help French (Version: 2011.0104.2154.39304)
CCC Help German (Version: 2011.0104.2154.39304)
CCC Help Greek (Version: 2011.0104.2154.39304)
CCC Help Hungarian (Version: 2011.0104.2154.39304)
CCC Help Italian (Version: 2011.0104.2154.39304)
CCC Help Japanese (Version: 2011.0104.2154.39304)
CCC Help Korean (Version: 2011.0104.2154.39304)
CCC Help Norwegian (Version: 2011.0104.2154.39304)
CCC Help Polish (Version: 2011.0104.2154.39304)
CCC Help Portuguese (Version: 2011.0104.2154.39304)
CCC Help Russian (Version: 2011.0104.2154.39304)
CCC Help Spanish (Version: 2011.0104.2154.39304)
CCC Help Swedish (Version: 2011.0104.2154.39304)
CCC Help Thai (Version: 2011.0104.2154.39304)
CCC Help Turkish (Version: 2011.0104.2154.39304)
CCleaner (Version: 3.20)
Counter-Strike
Counter-Strike: Source
Cozi (Version: 1.0.6505.38692)
Curse Client (Version: 5.1.1.370)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.2.0287)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.0.6)
Dell Stage (Version: 1.5.201.0)
Dell Support Center (Version: 3.1.5907.39)
Dell VideoStage (Version: 1.2.0.1712)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card (Version: 5.60.48.35)
ESET Online Scanner v3
Explorer Suite III
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Fallout 3
Google Chrome (Version: 20.0.1132.57)
Half-Life 2
Half-Life 2: Deathmatch
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
League of Legends (Version: 1.3)
Left 4 Dead
LIMBO
Magicka
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Monday Night Combat
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
NVIDIA PhysX (Version: 9.10.0513)
Pando Media Booster (Version: 2.3.6.0)
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
Portal
Portal 2
QuickTime (Version: 7.72.80.56)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realm of the Mad God
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
RUSH
Sid Meier's Civilization V
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.115)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spiral Knights
StarCraft II (Version: 1.4.2.20141)
StartNow Toolbar (Version: 2.3.0)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.7)
TeamViewer 7 (Version: 7.0.12541)
The Ball
The Wonderful End of the World
THX TruStudio PC (Version: 1.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.1 (Version: 2.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 beta 5 (64-bit) (Version: 4.10.5)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 6126.46 MB
Available physical RAM: 2973.57 MB
Total Pagefile: 12251.11 MB
Available Pagefile: 9283.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.26 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:726.88 GB) NTFS
8 Drive j: (My Passport) (Fixed) (Total:465.73 GB) (Free:312.74 GB) NTFS

========================= Users: ========================================

User accounts for \\RANA-PC

Administrator Guest Rana


**** End of log ****






exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****










# AdwCleaner v1.703 - Logfile created 07/19/2012 at 21:35:16
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Rana - RANA-PC
# Running from : C:\Users\Rana\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

Folder Deleted : C:\Users\Rana\AppData\Local\Conduit
Folder Deleted : C:\Users\Rana\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Rana\AppData\Roaming\Mozilla\Firefox\Profiles\hn29mwk4.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\StartNow Toolbar

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\StartNow Toolbar
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [StartNowToolbarHelper]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v9.0.1 (en-US)

Profile name : default
File : C:\Users\Rana\AppData\Roaming\Mozilla\Firefox\Profiles\hn29mwk4.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Rana\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "default_title": "uTorrentBar Community Toolbar",
Deleted : "name": "uTorrentBar",
Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT278667[...]
Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [3726 octets] - [19/07/2012 21:35:16]

########## EOF - C:\AdwCleaner[S1].txt - [3854 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:44 PM

Posted 19 July 2012 - 09:48 PM

FSS log is incomplete

#7 Lorekeeper_Frosty

Lorekeeper_Frosty
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:44 PM

Posted 19 July 2012 - 09:52 PM

System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:44 PM

Posted 19 July 2012 - 09:53 PM

It is still incomplete.Run it again and post the log

#9 Lorekeeper_Frosty

Lorekeeper_Frosty
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:44 PM

Posted 19 July 2012 - 10:09 PM

I get an error every time I attempt to create a restore point ergo, one was not created. Is that the issue?

Also, am I doing anything wrong when I actually get the log? Here's some screens

http://i.imgur.com/hRgYV.jpg


http://i.imgur.com/fooYy.jpg
I copy that, then paste it as a reply.




Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:44 PM

Posted 19 July 2012 - 10:17 PM

.

Edited by narenxp, 19 July 2012 - 10:19 PM.


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:44 PM

Posted 19 July 2012 - 10:19 PM

No problem..The screenshot should be ok now

Create a restore point before trying this

Download

MpsSvc
BFE
wscsvc
defender
Sharedaccess


Launch them ,click YES when you get UAC prompt

restart the PC and post the new FSS log


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

Edited by narenxp, 19 July 2012 - 10:20 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users