
Pop-up Ad & redirects


13 replies to this topic

#1 tbailey


Posted 19 July 2012 - 11:28 PM

I have a pop-up ad virus on my computer that I can neither identify nor get rid of. I am using Windows 7, and in any browser, ads start popping up in the lower right-hand corner of my browser. Sometimes it looks like a cell phone, sometimes it looks like an ad, and sometimes it shows a video screen and says "you are missing a plugin to play videos" and wants me to click on an Update button. I cannot get rid of this.



#2 narenxp


Posted 19 July 2012 - 11:29 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file in your reply.

#3 tbailey


Posted 21 July 2012 - 01:03 AM

21:22:55.0444 3708 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
21:22:56.0166 3708 ============================================================
21:22:56.0166 3708 Current date / time: 2012/07/20 21:22:56.0166
21:22:56.0166 3708 SystemInfo:
21:22:56.0166 3708
21:22:56.0166 3708 OS Version: 6.1.7600 ServicePack: 0.0
21:22:56.0167 3708 Product type: Workstation
21:22:56.0167 3708 ComputerName: WIN-9NGVEMKHBUP
21:22:56.0167 3708 UserName: Administrator
21:22:56.0167 3708 Windows directory: C:\Windows
21:22:56.0167 3708 System windows directory: C:\Windows
21:22:56.0167 3708 Processor architecture: Intel x86
21:22:56.0167 3708 Number of processors: 2
21:22:56.0167 3708 Page size: 0x1000
21:22:56.0167 3708 Boot type: Normal boot
21:22:56.0167 3708 ============================================================
21:22:57.0034 3708 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:22:57.0036 3708 ============================================================
21:22:57.0036 3708 \Device\Harddisk0\DR0:
21:22:57.0036 3708 MBR partitions:
21:22:57.0036 3708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:22:57.0037 3708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
21:22:57.0037 3708 ============================================================
21:22:57.0054 3708 C: <-> \Device\Harddisk0\DR0\Partition1
21:22:57.0055 3708 ============================================================
21:22:57.0055 3708 Initialize success
21:22:57.0055 3708 ============================================================
21:23:14.0235 3636 ============================================================
21:23:14.0235 3636 Scan started
21:23:14.0235 3636 Mode: Manual; TDLFS;
21:23:14.0235 3636 ============================================================
21:23:19.0850 3636 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
21:23:19.0854 3636 1394ohci - ok
21:23:19.0938 3636 A2DDA - ok
21:23:19.0993 3636 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
21:23:19.0998 3636 ACPI - ok
21:23:20.0028 3636 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
21:23:20.0030 3636 AcpiPmi - ok
21:23:20.0139 3636 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:23:20.0142 3636 AdobeARMservice - ok
21:23:20.0243 3636 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:23:20.0261 3636 AdobeFlashPlayerUpdateSvc - ok
21:23:20.0316 3636 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
21:23:20.0346 3636 adp94xx - ok
21:23:20.0406 3636 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
21:23:20.0422 3636 adpahci - ok
21:23:20.0458 3636 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
21:23:20.0462 3636 adpu320 - ok
21:23:20.0498 3636 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
21:23:20.0499 3636 AeLookupSvc - ok
21:23:20.0561 3636 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
21:23:20.0574 3636 AFD - ok
21:23:20.0612 3636 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
21:23:20.0614 3636 agp440 - ok
21:23:20.0640 3636 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
21:23:20.0642 3636 aic78xx - ok
21:23:20.0667 3636 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
21:23:20.0669 3636 ALG - ok
21:23:20.0704 3636 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
21:23:20.0706 3636 aliide - ok
21:23:20.0721 3636 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
21:23:20.0723 3636 amdagp - ok
21:23:20.0750 3636 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
21:23:20.0752 3636 amdide - ok
21:23:20.0770 3636 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
21:23:20.0772 3636 AmdK8 - ok
21:23:20.0793 3636 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
21:23:20.0795 3636 AmdPPM - ok
21:23:20.0856 3636 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
21:23:20.0859 3636 amdsata - ok
21:23:20.0897 3636 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
21:23:20.0901 3636 amdsbs - ok
21:23:20.0922 3636 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
21:23:20.0924 3636 amdxata - ok
21:23:20.0939 3636 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
21:23:20.0941 3636 AppID - ok
21:23:20.0969 3636 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
21:23:20.0971 3636 AppIDSvc - ok
21:23:20.0987 3636 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
21:23:20.0989 3636 Appinfo - ok
21:23:21.0124 3636 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:23:21.0128 3636 Apple Mobile Device - ok
21:23:21.0150 3636 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
21:23:21.0152 3636 arc - ok
21:23:21.0178 3636 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
21:23:21.0181 3636 arcsas - ok
21:23:21.0333 3636 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:23:21.0335 3636 aspnet_state - ok
21:23:21.0358 3636 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
21:23:21.0360 3636 AsyncMac - ok
21:23:21.0385 3636 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
21:23:21.0387 3636 atapi - ok
21:23:21.0441 3636 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
21:23:21.0458 3636 AudioEndpointBuilder - ok
21:23:21.0467 3636 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
21:23:21.0472 3636 Audiosrv - ok
21:23:21.0500 3636 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
21:23:21.0502 3636 AxInstSV - ok
21:23:21.0547 3636 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
21:23:21.0582 3636 b06bdrv - ok
21:23:21.0644 3636 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
21:23:21.0662 3636 b57nd60x - ok
21:23:21.0714 3636 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
21:23:21.0716 3636 Beep - ok
21:23:21.0789 3636 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\System32\qmgr.dll
21:23:21.0817 3636 BITS - ok
21:23:21.0872 3636 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
21:23:21.0904 3636 blbdrive - ok
21:23:22.0063 3636 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
21:23:22.0093 3636 Bonjour Service - ok
21:23:22.0149 3636 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
21:23:22.0152 3636 bowser - ok
21:23:22.0175 3636 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:23:22.0177 3636 BrFiltLo - ok
21:23:22.0201 3636 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:23:22.0203 3636 BrFiltUp - ok
21:23:22.0242 3636 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
21:23:22.0246 3636 Browser - ok
21:23:22.0296 3636 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
21:23:22.0327 3636 Brserid - ok
21:23:22.0361 3636 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
21:23:22.0363 3636 BrSerWdm - ok
21:23:22.0376 3636 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:23:22.0378 3636 BrUsbMdm - ok
21:23:22.0395 3636 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
21:23:22.0397 3636 BrUsbSer - ok
21:23:22.0416 3636 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
21:23:22.0418 3636 BTHMODEM - ok
21:23:22.0451 3636 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
21:23:22.0454 3636 bthserv - ok
21:23:22.0476 3636 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
21:23:22.0478 3636 cdfs - ok
21:23:22.0511 3636 cdrom (656d1ec977e3c5316a62dbbe52cb9663) C:\Windows\system32\DRIVERS\cdrom.sys
21:23:22.0514 3636 cdrom - ok
21:23:22.0537 3636 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
21:23:22.0539 3636 CertPropSvc - ok
21:23:22.0564 3636 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
21:23:22.0566 3636 circlass - ok
21:23:22.0606 3636 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
21:23:22.0624 3636 CLFS - ok
21:23:22.0701 3636 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:23:22.0704 3636 clr_optimization_v2.0.50727_32 - ok
21:23:22.0822 3636 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:23:22.0840 3636 clr_optimization_v4.0.30319_32 - ok
21:23:22.0881 3636 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
21:23:22.0884 3636 CmBatt - ok
21:23:22.0905 3636 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
21:23:22.0907 3636 cmdide - ok
21:23:22.0975 3636 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
21:23:23.0022 3636 CNG - ok
21:23:23.0092 3636 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
21:23:23.0095 3636 Compbatt - ok
21:23:23.0115 3636 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:23:23.0118 3636 CompositeBus - ok
21:23:23.0126 3636 COMSysApp - ok
21:23:23.0253 3636 cpuz134 - ok
21:23:23.0304 3636 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
21:23:23.0306 3636 crcdisk - ok
21:23:23.0342 3636 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
21:23:23.0345 3636 CryptSvc - ok
21:23:23.0380 3636 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
21:23:23.0391 3636 CSC - ok
21:23:23.0463 3636 CscService (56fb5f222ea30d3d3fc459879772cb73) C:\Windows\System32\cscsvc.dll
21:23:23.0470 3636 CscService - ok
21:23:23.0534 3636 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
21:23:23.0545 3636 DcomLaunch - ok
21:23:23.0588 3636 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
21:23:23.0599 3636 defragsvc - ok
21:23:23.0708 3636 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
21:23:23.0710 3636 DfsC - ok
21:23:23.0746 3636 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
21:23:23.0787 3636 Dhcp - ok
21:23:23.0849 3636 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
21:23:23.0852 3636 discache - ok
21:23:23.0866 3636 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
21:23:23.0868 3636 Disk - ok
21:23:23.0924 3636 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
21:23:23.0928 3636 Dnscache - ok
21:23:23.0964 3636 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
21:23:23.0974 3636 dot3svc - ok
21:23:24.0018 3636 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
21:23:24.0021 3636 DPS - ok
21:23:24.0058 3636 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
21:23:24.0060 3636 drmkaud - ok
21:23:24.0112 3636 DSI_SiUSBXp_3_1 (bc9c2ef22ee0320c079e3ff9b4d29951) C:\Windows\system32\drivers\DSI_SiUSBXp_3_1.sys
21:23:24.0114 3636 DSI_SiUSBXp_3_1 - ok
21:23:24.0211 3636 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
21:23:24.0223 3636 DXGKrnl - ok
21:23:24.0258 3636 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
21:23:24.0281 3636 EapHost - ok
21:23:24.0547 3636 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
21:23:24.0646 3636 ebdrv - ok
21:23:24.0799 3636 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
21:23:24.0803 3636 EFS - ok
21:23:24.0897 3636 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
21:23:24.0914 3636 elxstor - ok
21:23:24.0937 3636 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
21:23:24.0939 3636 ErrDev - ok
21:23:25.0009 3636 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
21:23:25.0026 3636 EventSystem - ok
21:23:25.0060 3636 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
21:23:25.0063 3636 exfat - ok
21:23:25.0092 3636 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
21:23:25.0094 3636 fastfat - ok
21:23:25.0138 3636 fasttx2k (8958fc7f2df3c4f0a363a8644583485c) C:\Windows\system32\DRIVERS\fasttx2k.sys
21:23:25.0141 3636 fasttx2k - ok
21:23:25.0195 3636 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
21:23:25.0209 3636 Fax - ok
21:23:25.0230 3636 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
21:23:25.0232 3636 fdc - ok
21:23:25.0261 3636 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
21:23:25.0263 3636 fdPHost - ok
21:23:25.0271 3636 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
21:23:25.0273 3636 FDResPub - ok
21:23:25.0294 3636 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
21:23:25.0296 3636 FileInfo - ok
21:23:25.0310 3636 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
21:23:25.0312 3636 Filetrace - ok
21:23:25.0323 3636 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
21:23:25.0324 3636 flpydisk - ok
21:23:25.0360 3636 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
21:23:25.0371 3636 FltMgr - ok
21:23:25.0468 3636 FontCache (7fe4995528a7529a761875151ee3d512) C:\Windows\system32\FntCache.dll
21:23:25.0485 3636 FontCache - ok
21:23:25.0523 3636 FontCache3.0.0.0 - ok
21:23:25.0544 3636 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
21:23:25.0545 3636 FsDepends - ok
21:23:25.0591 3636 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys
21:23:25.0593 3636 Fs_Rec - ok
21:23:25.0639 3636 FTDIBUS (8142d5d886829b9876cb93af59475c09) C:\Windows\system32\drivers\ftdibus.sys
21:23:25.0641 3636 FTDIBUS - ok
21:23:25.0678 3636 FTSER2K (63d72a4cf9f163b59db0ceed940a7d76) C:\Windows\system32\drivers\ftser2k.sys
21:23:25.0681 3636 FTSER2K - ok
21:23:25.0715 3636 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:23:25.0717 3636 gagp30kx - ok
21:23:25.0789 3636 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:23:25.0791 3636 GEARAspiWDM - ok
21:23:25.0865 3636 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
21:23:25.0882 3636 gpsvc - ok
21:23:26.0019 3636 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:23:26.0023 3636 gupdate - ok
21:23:26.0048 3636 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:23:26.0051 3636 gupdatem - ok
21:23:26.0077 3636 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
21:23:26.0079 3636 hcw85cir - ok
21:23:26.0139 3636 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
21:23:26.0156 3636 HdAudAddService - ok
21:23:26.0190 3636 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:23:26.0192 3636 HDAudBus - ok
21:23:26.0211 3636 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
21:23:26.0213 3636 HidBatt - ok
21:23:26.0235 3636 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
21:23:26.0237 3636 HidBth - ok
21:23:26.0250 3636 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
21:23:26.0252 3636 HidIr - ok
21:23:26.0285 3636 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
21:23:26.0288 3636 hidserv - ok
21:23:26.0302 3636 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
21:23:26.0304 3636 HidUsb - ok
21:23:26.0333 3636 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
21:23:26.0335 3636 hkmsvc - ok
21:23:26.0351 3636 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
21:23:26.0353 3636 HpSAMD - ok
21:23:26.0407 3636 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
21:23:26.0434 3636 HTTP - ok
21:23:26.0467 3636 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
21:23:26.0468 3636 hwpolicy - ok
21:23:26.0500 3636 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
21:23:26.0503 3636 i8042prt - ok
21:23:26.0571 3636 iaNvStor (89a5bf70f2f23f502f4b87aa38b7eb74) C:\Windows\system32\DRIVERS\iaNvStor.sys
21:23:26.0579 3636 iaNvStor - ok
21:23:26.0638 3636 iaStor (71ecc07bc7c5e24c3dd01d8a29a24054) C:\Windows\system32\DRIVERS\iaStor.sys
21:23:26.0643 3636 iaStor - ok
21:23:26.0710 3636 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
21:23:26.0725 3636 iaStorV - ok
21:23:26.0767 3636 idsvc - ok
21:23:27.0099 3636 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
21:23:27.0231 3636 igfx - ok
21:23:27.0372 3636 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
21:23:27.0375 3636 iirsp - ok
21:23:27.0457 3636 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
21:23:27.0481 3636 IKEEXT - ok
21:23:27.0496 3636 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
21:23:27.0497 3636 intelide - ok
21:23:27.0515 3636 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
21:23:27.0516 3636 intelppm - ok
21:23:27.0530 3636 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
21:23:27.0532 3636 IPBusEnum - ok
21:23:27.0554 3636 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:23:27.0556 3636 IpFilterDriver - ok
21:23:27.0567 3636 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:23:27.0570 3636 IPMIDRV - ok
21:23:27.0594 3636 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
21:23:27.0596 3636 IPNAT - ok
21:23:27.0744 3636 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
21:23:27.0766 3636 iPod Service - ok
21:23:27.0774 3636 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
21:23:27.0776 3636 IRENUM - ok
21:23:27.0799 3636 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
21:23:27.0801 3636 isapnp - ok
21:23:27.0829 3636 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
21:23:27.0864 3636 iScsiPrt - ok
21:23:27.0929 3636 ivusb (37412294ea4b70ed8b4a9338ebaeecaa) C:\Windows\system32\DRIVERS\ivusb.sys
21:23:27.0932 3636 ivusb - ok
21:23:27.0961 3636 JRAID (c1632fe31d1824a43dea29725312e3fa) C:\Windows\system32\DRIVERS\jraid.sys
21:23:27.0963 3636 JRAID - ok
21:23:27.0983 3636 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:23:27.0985 3636 kbdclass - ok
21:23:28.0015 3636 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
21:23:28.0017 3636 kbdhid - ok
21:23:28.0054 3636 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
21:23:28.0057 3636 KeyIso - ok
21:23:28.0075 3636 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
21:23:28.0077 3636 KSecDD - ok
21:23:28.0134 3636 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
21:23:28.0138 3636 KSecPkg - ok
21:23:28.0188 3636 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
21:23:28.0235 3636 KtmRm - ok
21:23:28.0295 3636 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\system32\srvsvc.dll
21:23:28.0307 3636 LanmanServer - ok
21:23:28.0358 3636 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
21:23:28.0363 3636 LanmanWorkstation - ok
21:23:28.0426 3636 libusb0 (1163cb1ad970b0f207ed671bf7a8a793) C:\Windows\system32\DRIVERS\libusb0.sys
21:23:28.0428 3636 libusb0 - ok
21:23:28.0444 3636 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
21:23:28.0447 3636 lltdio - ok
21:23:28.0497 3636 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
21:23:28.0508 3636 lltdsvc - ok
21:23:28.0530 3636 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
21:23:28.0533 3636 lmhosts - ok
21:23:28.0558 3636 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:23:28.0561 3636 LSI_FC - ok
21:23:28.0590 3636 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:23:28.0592 3636 LSI_SAS - ok
21:23:28.0610 3636 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:23:28.0612 3636 LSI_SAS2 - ok
21:23:28.0634 3636 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:23:28.0638 3636 LSI_SCSI - ok
21:23:28.0659 3636 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
21:23:28.0661 3636 luafv - ok
21:23:28.0739 3636 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
21:23:28.0742 3636 MBAMProtector - ok
21:23:28.0892 3636 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:23:28.0920 3636 MBAMService - ok
21:23:28.0957 3636 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
21:23:28.0960 3636 mcdbus - ok
21:23:28.0994 3636 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
21:23:28.0996 3636 megasas - ok
21:23:29.0035 3636 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
21:23:29.0043 3636 MegaSR - ok
21:23:29.0147 3636 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:23:29.0149 3636 Microsoft Office Groove Audit Service - ok
21:23:29.0181 3636 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:23:29.0184 3636 MMCSS - ok
21:23:29.0209 3636 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
21:23:29.0211 3636 Modem - ok
21:23:29.0219 3636 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
21:23:29.0220 3636 monitor - ok
21:23:29.0237 3636 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
21:23:29.0239 3636 mouclass - ok
21:23:29.0255 3636 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
21:23:29.0257 3636 mouhid - ok
21:23:29.0276 3636 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
21:23:29.0278 3636 mountmgr - ok
21:23:29.0321 3636 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:23:29.0325 3636 MozillaMaintenance - ok
21:23:29.0353 3636 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
21:23:29.0356 3636 mpio - ok
21:23:29.0442 3636 MpKsl0089ab9e - ok
21:23:29.0467 3636 MpKsl0c92fa43 - ok
21:23:29.0506 3636 MpKsl25107c1a - ok
21:23:29.0517 3636 MpKsl292b9853 - ok
21:23:29.0531 3636 MpKsl2ae0d689 - ok
21:23:29.0538 3636 MpKsl416b1f30 - ok
21:23:29.0542 3636 MpKsl4a5fd85a - ok
21:23:29.0547 3636 MpKsl5ae932fa - ok
21:23:29.0570 3636 MpKsl87bcfa81 - ok
21:23:29.0591 3636 MpKsl91914b93 - ok
21:23:29.0620 3636 MpKsl9a881816 - ok
21:23:29.0635 3636 MpKslb42e19eb - ok
21:23:29.0640 3636 MpKslc78f624e - ok
21:23:29.0665 3636 MpKsld84845f0 - ok
21:23:29.0677 3636 MpKsldd6e5af4 - ok
21:23:29.0681 3636 MpKslffac228a - ok
21:23:29.0728 3636 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
21:23:29.0729 3636 MpNWMon - ok
21:23:29.0748 3636 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
21:23:29.0750 3636 mpsdrv - ok
21:23:29.0772 3636 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
21:23:29.0774 3636 MRxDAV - ok
21:23:29.0814 3636 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:23:29.0816 3636 mrxsmb - ok
21:23:29.0877 3636 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:23:29.0885 3636 mrxsmb10 - ok
21:23:29.0901 3636 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:23:29.0904 3636 mrxsmb20 - ok
21:23:29.0929 3636 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
21:23:29.0931 3636 msahci - ok
21:23:29.0960 3636 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
21:23:29.0963 3636 msdsm - ok
21:23:30.0005 3636 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
21:23:30.0009 3636 MSDTC - ok
21:23:30.0046 3636 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
21:23:30.0048 3636 Msfs - ok
21:23:30.0062 3636 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
21:23:30.0063 3636 mshidkmdf - ok
21:23:30.0079 3636 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
21:23:30.0081 3636 msisadrv - ok
21:23:30.0121 3636 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
21:23:30.0124 3636 MSiSCSI - ok
21:23:30.0128 3636 msiserver - ok
21:23:30.0159 3636 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
21:23:30.0162 3636 MSKSSRV - ok
21:23:30.0191 3636 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
21:23:30.0193 3636 MSPCLOCK - ok
21:23:30.0202 3636 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
21:23:30.0202 3636 MSPQM - ok
21:23:30.0225 3636 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
21:23:30.0228 3636 MsRPC - ok
21:23:30.0259 3636 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
21:23:30.0260 3636 mssmbios - ok
21:23:30.0274 3636 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
21:23:30.0275 3636 MSTEE - ok
21:23:43.0458 3636 ============================================================
21:23:43.0458 3636 Scan finished
21:23:43.0458 3636 ============================================================
21:23:43.0479 1900 Detected object count: 0
21:23:43.0479 1900 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-20 21:25:26
-----------------------------
21:25:26.555 OS Version: Windows 6.1.7600
21:25:26.555 Number of processors: 2 586 0xF0A
21:25:26.557 ComputerName: WIN-9NGVEMKHBUP UserName: Administrator
21:25:29.948 Initialize success
21:26:49.579 AVAST engine defs: 12072001
21:27:02.810 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:27:02.816 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
21:27:02.840 Disk 0 MBR read successfully
21:27:02.847 Disk 0 MBR scan
21:27:02.858 Disk 0 Windows 7 default MBR code
21:27:02.874 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:27:02.894 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
21:27:02.910 Disk 0 scanning sectors +976771072
21:27:02.986 Disk 0 scanning C:\Windows\system32\drivers
21:27:14.379 Service scanning
21:27:54.904 Modules scanning
21:28:24.779 Disk 0 trace - called modules:
21:28:24.834 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
21:28:24.843 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863a3aa0]
21:28:24.850 3 CLASSPNP.SYS[89b5a59e] -> nt!IofCallDriver -> [0x85965410]
21:28:24.858 5 ACPI.sys[892393b2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85583028]
21:28:26.521 AVAST engine scan C:\Windows
21:28:29.913 AVAST engine scan C:\Windows\system32
21:30:53.526 AVAST engine scan C:\Windows\system32\drivers
21:31:06.459 AVAST engine scan C:\Users\Administrator
21:49:35.953 AVAST engine scan C:\ProgramData
21:50:38.924 Scan finished successfully
21:50:59.062 Disk 0 MBR has been saved successfully to "C:\Users\Administrator\Desktop\BleepingComputer\MBR.dat"
21:50:59.069 The log file has been saved successfully to "C:\Users\Administrator\Desktop\BleepingComputer\aswMBR.txt"
C:\Users\Administrator\AppData\Local\Temp\ICReinstall\cnet_mp3mymp3install_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Administrator\Desktop\Desktop Organization Folder\Clutter\finaltorrent_731.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Administrator\Downloads\cnet_mp3mymp3install_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#4 narenxp


Posted 21 July 2012 - 06:50 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

RogueKiller

Right-click on it and select Run as administrator

Now, click on the HOSTS FIX option on the right side

A log should be generated after the fix; post the log here



Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it and click on Delete

Post the generated log
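
The HOSTS FIX and "List content of Hosts" steps in the post above exist to surface hosts-file entries that point ordinary hostnames at an unexpected server. As an added example (not part of the thread and not code from any tool named in it), this Python script audits hosts-file text for such overrides; the sample file, its hostnames and its documentation-range addresses are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample modelled on a tampered hosts file. Hostnames use reserved
# example domains and addresses come from the RFC 5737 documentation ranges;
# none of these values are real indicators.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.analytics.example.   # trailing dot = fully qualified name
203.0.113.10    ads.example.net.
198.51.100.20   www.analytics.example.
0.0.0.0         tracker.example.org
not-an-ip       broken.example
"""


def parse_hosts(text):
    """Yield (line_no, address_or_None, [hostnames]) for every non-empty entry."""
    text = text.lstrip("\ufeff")  # some editors save the file with a BOM
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        # "host.example." and "HOST.example" resolve the same; normalise both.
        names = [name.rstrip(".").lower() for name in fields[1:]]
        yield line_no, addr, names


def audit_hosts(text):
    """Report hostnames that the hosts file sends to a non-local address.

    Loopback (127.0.0.1, ::1) and unspecified (0.0.0.0, ::) targets are
    skipped: they are local mappings or block-list entries, not redirects.
    Everything else is listed for review; a legitimate intranet entry will
    show up here too, so the output is a worklist, not a verdict.
    """
    redirects = defaultdict(set)   # hostname -> addresses it is forced to
    by_address = defaultdict(set)  # address  -> hostnames it answers for
    malformed = []                 # line numbers that could not be parsed
    for line_no, addr, names in parse_hosts(text):
        if addr is None or not names:
            malformed.append(line_no)
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue
        for name in names:
            redirects[name].add(str(addr))
            by_address[str(addr)].add(name)
    return {
        "redirects": {host: sorted(addrs) for host, addrs in redirects.items()},
        "by_address": {addr: sorted(hosts) for addr, hosts in by_address.items()},
        "malformed": malformed,
    }


if __name__ == "__main__":
    report = audit_hosts(SAMPLE_HOSTS)
    # One address answering for several unrelated hostnames is the pattern
    # worth the closest look.
    for addr, hosts in sorted(report["by_address"].items()):
        print(f"{addr} overrides DNS for: {', '.join(hosts)}")
    for host, addrs in sorted(report["redirects"].items()):
        if len(addrs) > 1:
            print(f"{host} is mapped to several addresses: {', '.join(addrs)}")
    if report["malformed"]:
        print(f"unparseable lines: {report['malformed']}")
```

On Windows the file to feed it is `%SystemRoot%\System32\drivers\etc\hosts`; a stock Windows 7 hosts file has no active entries, so any redirect the audit reports was added after installation.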

#5 tbailey


Posted 21 July 2012 - 08:49 PM

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Administrator [Admin rights]
Mode: HOSTSFix -- Date: 07/21/2012 18:35:15

Bad processes: 1
[SUSP PATH] MusicManager.exe -- C:\Users\Administrator\AppData\Local\Programs\Google\MusicManager\MusicManager.exe -> KILLED [TermProc]

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost
::1 localhost
217.23.4.166 www.google-analytics.com.
217.23.4.166 ad-emea.doubleclick.net.
217.23.4.166 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt


MiniToolBox by Farbar Version: 15-07-2012
Ran by Administrator (administrator) on 21-07-2012 at 18:37:43
Microsoft Windows 7 Ultimate (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : WIN-9NGVEMKHBUP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-13-A9-C2-4F-C4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-13-E8-2E-A6-93
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6c52:a8f3:f44f:c095%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.15.89(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 21, 2012 16:08:04
Lease Expires . . . . . . . . . . : Sunday, July 22, 2012 16:08:05
Default Gateway . . . . . . . . . : 192.168.15.1
DHCP Server . . . . . . . . . . . : 192.168.15.1
DHCPv6 IAID . . . . . . . . . . . : 184554472
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-95-D7-5C-00-13-A9-C2-4F-C4
DNS Servers . . . . . . . . . . . : 192.168.15.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{577D4357-FB3C-479E-BD70-6D5FA3782C2B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: WiMaxCPE
Address: 192.168.15.1

Name: google.com
Addresses: 2607:f8b0:400a:800::1002
173.194.33.8
173.194.33.2
173.194.33.4
173.194.33.3
173.194.33.9
173.194.33.1
173.194.33.5
173.194.33.7
173.194.33.14
173.194.33.0
173.194.33.6


Pinging google.com [173.194.33.6] with 32 bytes of data:
Reply from 173.194.33.6: bytes=32 time=50ms TTL=56
Reply from 173.194.33.6: bytes=32 time=69ms TTL=56

Ping statistics for 173.194.33.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 69ms, Average = 59ms
Server: WiMaxCPE
Address: 192.168.15.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=220ms TTL=50
Reply from 98.139.183.24: bytes=32 time=144ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 144ms, Maximum = 220ms, Average = 182ms
Server: WiMaxCPE
Address: 192.168.15.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 13 a9 c2 4f c4 ......Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
11...00 13 e8 2e a6 93 ......Intel® Wireless WiFi Link 4965AGN
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.89 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.15.0 255.255.255.0 On-link 192.168.15.89 281
192.168.15.89 255.255.255.255 On-link 192.168.15.89 281
192.168.15.255 255.255.255.255 On-link 192.168.15.89 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.15.89 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.15.89 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::6c52:a8f3:f44f:c095/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/21/2012 05:36:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (07/21/2012 04:08:07 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/21/2012 04:08:07 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/21/2012 04:08:04 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/21/2012 04:05:39 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/21/2012 04:05:39 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/21/2012 04:05:36 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/21/2012 03:58:55 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/21/2012 03:58:55 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/21/2012 03:58:51 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/21/2012 03:54:55 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (12/14/2010 07:21:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2117 seconds with 1920 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Art Effects for PDR10 (Version: 2.0)
Bonjour (Version: 3.0.0.10)
CyberLink PowerDirector 10 (Version: 10.0.0.1703)
CyberLink PowerDirector 10 Content Pack I (Version: 10.0)
CyberLink PowerDirector 10 Content Pack II (Version: 10.0)
CyberLink Travel Pack (Version: 1.0)
CyberLink WaveEditor (Version: 1.0.1.4006)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
Everything 1.2.1.371
File Type Assistant
FileZilla Client 3.5.1 (Version: 3.5.1)
FinalTorrent 2011
Free WMA to MP3 Converter 1.16
Garmin ANT Agent (Version: 2.3.3)
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Training Center (Version: 3.5.3)
Garmin Training Center (Version: 3.6.5)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.4.2)
Google Chrome (Version: 20.0.1132.57)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.2.4.8431)
Google Update Helper (Version: 1.3.21.115)
HashTab 2.1.1 (Version: 2.1.1)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® TV Wizard
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java DB 10.5.3.0 (Version: 10.5.3.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ SE Development Kit 6 Update 23 (Version: 1.6.0.230)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mobile Broadband Generic Drivers (Version: 2.03.06.002.14)
Moveslink (Version: 1.0.39)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
Music Manager
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PHOTOfunSTUDIO 6.1 HD Lite Edition (Version: 6.01.015)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Reimage Repair (Version: 1.6.0.2)
SmartSound Quicktracks 5 (Version: 5.1.8)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.2.610.g090a06f8)
Suunto Trek Manager
Suunto USB Driver
Suunto USB Driver (Version: 2.4.6)
Suunto USB Serial Port (Driver Removal)
TOPO! (Version: 03.04.3000)
TOPO! 4 (Version: 4.2.8)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Wireless USB720-V740 Firmware Updates (Version: 1.0.1)
Verizon Wireless USB727 Firmware Updates (Version: 1.0.0)
VZAccess Manager (Version: 7.2.1.2)
WD SmartWare (Version: 1.4.3.4)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - Suunto (libusb0) Suunto (10/02/2010 1.2.2.0) (Version: 10/02/2010 1.2.2.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
WordBiz version 1.8 (Version: 1.8)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 2038.43 MB
Available physical RAM: 990.08 MB
Total Pagefile: 4076.86 MB
Available Pagefile: 2890.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1930.24 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:301.74 GB) NTFS

========================= Users: ========================================

User accounts for \\WIN-9NGVEMKHBUP

Administrator Guest


**** End of log ****
Farbar Service Scanner Version: 19-07-2012
Ran by Administrator (administrator) on 21-07-2012 at 18:45:03
Running from "C:\Users\Administrator\Desktop\BleepingComputer"
Microsoft Windows 7 Ultimate (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-09 12:10] - [2011-09-29 08:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 20:06] - [2011-03-02 22:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 16:53] - [2009-07-13 18:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 16:54] - [2009-07-13 18:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 16:23] - [2009-07-13 18:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 16:24] - [2009-07-13 18:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C


ATTENTION!=====> C:\Windows\system32\wscsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 17:15] - [2009-07-13 18:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 16:30] - [2009-07-13 18:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
# AdwCleaner v1.703 - Logfile created 07/21/2012 at 18:46:00
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Administrator - WIN-9NGVEMKHBUP
# Running from : C:\Users\Administrator\Desktop\BleepingComputer\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\WeCareReminder

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\lcupsljx.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1211 octets] - [21/07/2012 18:46:00]

########## EOF - C:\AdwCleaner[S1].txt - [1339 octets] ##########

#6 narenxp


Posted 21 July 2012 - 08:56 PM

Create a restore point before trying this

Download

MpsSvc
BFE
wscsvc
defender


Launch them, and click YES when you get the UAC prompt.

Restart the PC.


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file.

Click on the Start Repairs tab, then click on Start.

Checkmark only the following options:

Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option.
Click the Start button.

The system should restart after the repair.

Post the FSS log.

#7 tbailey


Posted 21 July 2012 - 10:07 PM

Farbar Service Scanner Version: 19-07-2012
Ran by Administrator (administrator) on 21-07-2012 at 20:06:49
Running from "C:\Users\Administrator\Desktop\BleepingComputer"
Microsoft Windows 7 Ultimate (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-09 12:10] - [2011-09-29 08:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 20:06] - [2011-03-02 22:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 16:53] - [2009-07-13 18:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 16:54] - [2009-07-13 18:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 16:23] - [2009-07-13 18:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 16:24] - [2009-07-13 18:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C


ATTENTION!=====> C:\Windows\system32\wscsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 17:15] - [2009-07-13 18:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 16:30] - [2009-07-13 18:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#8 narenxp


Posted 21 July 2012 - 10:29 PM

Launch FSS again and type

MpSvc.dll;wscsvc.dll

Click on search files

Post the generated log

#9 tbailey


Posted 22 July 2012 - 02:41 AM

Farbar Service Scanner Version: 19-07-2012
Ran by Administrator (administrator) on 22-07-2012 at 00:34:39
Microsoft Windows 7 Ultimate (X86)

************************************************
======== Search: "MpSvc.dll;wscsvc.dll" =========

C:\Program Files\Microsoft Security Client\Antimalware\MpSvc.dll
[2011-04-27 15:37] - [2011-04-27 15:37] - 0925568 ____A (Microsoft Corporation) F614AB3F0AF8DEFE7AD91BE2BA483603

====== End Of Search ======

#10 narenxp


Posted 22 July 2012 - 07:41 AM

Download

Files.zip

Extract them,

copy wscsvc.dll to

C:\Windows\system32

copy MpSvc.dll to

C:\Program Files\Windows Defender

Restart the PC and post the new FSS log

#11 tbailey


Posted 22 July 2012 - 11:18 AM

No folder/file called Windows Defender on my computer. Not able to copy MpSvc.dll.

Farbar Service Scanner Version: 19-07-2012
Ran by Administrator (administrator) on 22-07-2012 at 09:15:35
Running from "C:\Users\Administrator\Desktop\BleepingComputer"
Microsoft Windows 7 Ultimate (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-09 12:10] - [2011-09-29 08:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 20:06] - [2011-03-02 22:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 16:53] - [2009-07-13 18:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 16:54] - [2009-07-13 18:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 16:23] - [2009-07-13 18:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 16:24] - [2009-07-13 18:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 17:15] - [2009-07-13 18:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 16:30] - [2009-07-13 18:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp


Posted 22 July 2012 - 12:51 PM

Any current issues before we wrap up? :)

#13 tbailey


Posted 22 July 2012 - 07:05 PM

Do you think I should install Windows Defender? Thank you so much for your help and taking the time to fix my computer.

#14 narenxp


Posted 22 July 2012 - 07:08 PM

You don't need Windows Defender if you have Microsoft Security Essentials :thumbup2:

Edited by narenxp, 22 July 2012 - 07:09 PM.




