
Google Redirect - It Has Happened to Me


7 replies to this topic

#1 w_c_b


Posted 24 July 2012 - 10:14 PM

Despite all my cautions to my spouse, kids, etc., who use this computer from time to time, someone apparently stumbled onto a site that planted a Google Redirect rootkit on my machine. This one appears to be somewhat more sophisticated than others that have been reported here, since it doesn't seem to hit on every Google search. Rather, for certain keywords (including 'bank,' 'finance,' 'rootkit,' 'Bleeping Computer,' and the like) the first (and apparently only the first) item in a returned Google search gets redirected to a rogue or advertising website. The problem seems to show up both with Internet Explorer (9.0.8) and with Firefox (ver 15.0 beta). If I go back via the back arrow on either browser, and if I am successfully returned to the Google search results, then subsequent clicks on the first link in the results page take me to the correct website. My machine is a Dell Optiplex desktop running Win 7 Home Premium 32 bit with SP1 installed.

What else can I tell you, and what should I do next?

Thanks in advance for your help!


#2 narenxp


Posted 24 July 2012 - 10:18 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 w_c_b


Posted 25 July 2012 - 12:37 AM

Thanks for the prompt reply!

Here are the logs:

TDSSKiller -

22:20:59.0120 0992 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:20:59.0123 0992 nsi - ok
22:20:59.0144 0992 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:20:59.0145 0992 nsiproxy - ok
22:20:59.0235 0992 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:20:59.0269 0992 Ntfs - ok
22:20:59.0304 0992 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
22:20:59.0306 0992 NuidFltr - ok
22:20:59.0316 0992 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:20:59.0317 0992 Null - ok
22:20:59.0347 0992 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:20:59.0349 0992 nvraid - ok
22:20:59.0366 0992 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:20:59.0372 0992 nvstor - ok
22:20:59.0386 0992 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:20:59.0388 0992 nv_agp - ok
22:20:59.0411 0992 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:20:59.0413 0992 ohci1394 - ok
22:20:59.0490 0992 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:20:59.0497 0992 ose - ok
22:20:59.0752 0992 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:20:59.0859 0992 osppsvc - ok
22:20:59.0967 0992 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:20:59.0981 0992 p2pimsvc - ok
22:21:00.0005 0992 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:21:00.0059 0992 p2psvc - ok
22:21:00.0100 0992 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:21:00.0102 0992 Parport - ok
22:21:00.0126 0992 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:21:00.0127 0992 partmgr - ok
22:21:00.0135 0992 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:21:00.0136 0992 Parvdm - ok
22:21:00.0153 0992 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:21:00.0169 0992 PcaSvc - ok
22:21:00.0199 0992 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:21:00.0205 0992 pci - ok
22:21:00.0229 0992 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:21:00.0230 0992 pciide - ok
22:21:00.0251 0992 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:21:00.0265 0992 pcmcia - ok
22:21:00.0276 0992 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:21:00.0277 0992 pcw - ok
22:21:00.0341 0992 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:21:00.0370 0992 PEAUTH - ok
22:21:00.0477 0992 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:21:00.0548 0992 pla - ok
22:21:00.0672 0992 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:21:00.0710 0992 PlugPlay - ok
22:21:00.0730 0992 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:21:00.0733 0992 PNRPAutoReg - ok
22:21:00.0750 0992 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:21:00.0754 0992 PNRPsvc - ok
22:21:00.0803 0992 Point32 (60a044879c4fa76314494f5fddc43b93) C:\Windows\system32\DRIVERS\point32.sys
22:21:00.0804 0992 Point32 - ok
22:21:00.0831 0992 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:21:00.0843 0992 PolicyAgent - ok
22:21:00.0874 0992 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:21:00.0881 0992 Power - ok
22:21:00.0907 0992 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:21:00.0909 0992 PptpMiniport - ok
22:21:00.0957 0992 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:21:00.0959 0992 Processor - ok
22:21:00.0997 0992 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
22:21:01.0011 0992 ProfSvc - ok
22:21:01.0039 0992 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:21:01.0041 0992 ProtectedStorage - ok
22:21:01.0058 0992 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:21:01.0060 0992 Psched - ok
22:21:01.0089 0992 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
22:21:01.0090 0992 PxHelp20 - ok
22:21:01.0155 0992 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:21:01.0211 0992 ql2300 - ok
22:21:01.0302 0992 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:21:01.0304 0992 ql40xx - ok
22:21:01.0334 0992 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:21:01.0373 0992 QWAVE - ok
22:21:01.0389 0992 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:21:01.0390 0992 QWAVEdrv - ok
22:21:01.0404 0992 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:21:01.0406 0992 RasAcd - ok
22:21:01.0428 0992 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:21:01.0429 0992 RasAgileVpn - ok
22:21:01.0441 0992 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:21:01.0445 0992 RasAuto - ok
22:21:01.0463 0992 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:21:01.0465 0992 Rasl2tp - ok
22:21:01.0506 0992 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:21:01.0544 0992 RasMan - ok
22:21:01.0578 0992 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:21:01.0580 0992 RasPppoe - ok
22:21:01.0599 0992 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:21:01.0601 0992 RasSstp - ok
22:21:01.0635 0992 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:21:01.0674 0992 rdbss - ok
22:21:01.0716 0992 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:21:01.0717 0992 rdpbus - ok
22:21:01.0739 0992 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:21:01.0740 0992 RDPCDD - ok
22:21:01.0764 0992 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:21:01.0765 0992 RDPENCDD - ok
22:21:01.0778 0992 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:21:01.0779 0992 RDPREFMP - ok
22:21:01.0811 0992 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:21:01.0817 0992 RDPWD - ok
22:21:01.0844 0992 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:21:01.0850 0992 rdyboost - ok
22:21:01.0875 0992 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:21:01.0878 0992 RemoteAccess - ok
22:21:01.0930 0992 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:21:01.0937 0992 RemoteRegistry - ok
22:21:01.0955 0992 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:21:01.0959 0992 RpcEptMapper - ok
22:21:01.0984 0992 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:21:01.0986 0992 RpcLocator - ok
22:21:02.0027 0992 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:21:02.0032 0992 RpcSs - ok
22:21:02.0050 0992 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:21:02.0052 0992 rspndr - ok
22:21:02.0080 0992 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:21:02.0082 0992 SamSs - ok
22:21:02.0316 0992 SBAMSvc (18530d2f605f1ec48ca20a7b184ccbcc) C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
22:21:02.0366 0992 SBAMSvc - ok
22:21:02.0503 0992 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\Windows\system32\DRIVERS\sbapifs.sys
22:21:02.0504 0992 sbapifs - ok
22:21:02.0575 0992 SbFw (f78390e9a928deb2b223c88f7e4044ef) C:\Windows\system32\drivers\SbFw.sys
22:21:02.0577 0992 SbFw - ok
22:21:02.0605 0992 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\sbfwim.sys
22:21:02.0606 0992 SBFWIMCL - ok
22:21:02.0642 0992 SbHips (99a13697221b3dd5c4bd334b182dcba5) C:\Windows\system32\drivers\sbhips.sys
22:21:02.0644 0992 SbHips - ok
22:21:02.0680 0992 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:21:02.0682 0992 sbp2port - ok
22:21:02.0728 0992 SBPIMSvc (2815772894855506e94008cc0e602738) C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
22:21:02.0733 0992 SBPIMSvc - ok
22:21:02.0756 0992 SBRE (d03a8cca8bfa82cbf12a87326ebfe258) C:\Windows\system32\drivers\SBREDrv.sys
22:21:02.0758 0992 SBRE - ok
22:21:02.0793 0992 sbwtis (bd148dae125ef15d6451fef514e8d15b) C:\Windows\system32\DRIVERS\sbwtis.sys
22:21:02.0794 0992 sbwtis - ok
22:21:02.0815 0992 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:21:02.0822 0992 SCardSvr - ok
22:21:02.0851 0992 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:21:02.0852 0992 scfilter - ok
22:21:02.0911 0992 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:21:02.0936 0992 Schedule - ok
22:21:02.0983 0992 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:21:02.0984 0992 SCPolicySvc - ok
22:21:03.0012 0992 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:21:03.0019 0992 SDRSVC - ok
22:21:03.0046 0992 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:21:03.0048 0992 secdrv - ok
22:21:03.0055 0992 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:21:03.0058 0992 seclogon - ok
22:21:03.0084 0992 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
22:21:03.0087 0992 SENS - ok
22:21:03.0112 0992 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:21:03.0116 0992 SensrSvc - ok
22:21:03.0139 0992 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:21:03.0140 0992 Serenum - ok
22:21:03.0165 0992 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:21:03.0167 0992 Serial - ok
22:21:03.0195 0992 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:21:03.0196 0992 sermouse - ok
22:21:03.0230 0992 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:21:03.0237 0992 SessionEnv - ok
22:21:03.0268 0992 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:21:03.0270 0992 sffdisk - ok
22:21:03.0285 0992 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:21:03.0286 0992 sffp_mmc - ok
22:21:03.0297 0992 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:21:03.0298 0992 sffp_sd - ok
22:21:03.0308 0992 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:21:03.0309 0992 sfloppy - ok
22:21:03.0353 0992 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:21:03.0391 0992 SharedAccess - ok
22:21:03.0429 0992 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:21:03.0435 0992 ShellHWDetection - ok
22:21:03.0458 0992 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:21:03.0460 0992 sisagp - ok
22:21:03.0484 0992 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:21:03.0486 0992 SiSRaid2 - ok
22:21:03.0521 0992 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:21:03.0524 0992 SiSRaid4 - ok
22:21:03.0538 0992 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:21:03.0540 0992 Smb - ok
22:21:03.0573 0992 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:21:03.0576 0992 SNMPTRAP - ok
22:21:03.0601 0992 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:21:03.0602 0992 spldr - ok
22:21:03.0645 0992 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:21:03.0657 0992 Spooler - ok
22:21:03.0816 0992 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:21:03.0835 0992 sppsvc - ok
22:21:03.0939 0992 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:21:03.0942 0992 sppuinotify - ok
22:21:03.0991 0992 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:21:04.0004 0992 srv - ok
22:21:04.0030 0992 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:21:04.0043 0992 srv2 - ok
22:21:04.0077 0992 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:21:04.0084 0992 srvnet - ok
22:21:04.0101 0992 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:21:04.0115 0992 SSDPSRV - ok
22:21:04.0129 0992 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:21:04.0136 0992 SstpSvc - ok
22:21:04.0152 0992 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:21:04.0153 0992 stexstor - ok
22:21:04.0203 0992 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:21:04.0232 0992 StiSvc - ok
22:21:04.0259 0992 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:21:04.0260 0992 swenum - ok
22:21:04.0287 0992 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:21:04.0300 0992 swprv - ok
22:21:04.0374 0992 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:21:04.0424 0992 SysMain - ok
22:21:04.0461 0992 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:21:04.0465 0992 TabletInputService - ok
22:21:04.0504 0992 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:21:04.0543 0992 TapiSrv - ok
22:21:04.0559 0992 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:21:04.0562 0992 TBS - ok
22:21:04.0689 0992 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:21:04.0721 0992 Tcpip - ok
22:21:04.0747 0992 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:21:04.0754 0992 TCPIP6 - ok
22:21:04.0790 0992 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:21:04.0792 0992 tcpipreg - ok
22:21:04.0814 0992 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:21:04.0815 0992 TDPIPE - ok
22:21:04.0835 0992 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:21:04.0837 0992 TDTCP - ok
22:21:04.0864 0992 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:21:04.0866 0992 tdx - ok
22:21:04.0874 0992 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:21:04.0875 0992 TermDD - ok
22:21:04.0916 0992 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:21:04.0966 0992 TermService - ok
22:21:04.0977 0992 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:21:04.0980 0992 Themes - ok
22:21:05.0000 0992 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:21:05.0003 0992 THREADORDER - ok
22:21:05.0034 0992 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:21:05.0041 0992 TrkWks - ok
22:21:05.0069 0992 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:21:05.0108 0992 TrustedInstaller - ok
22:21:05.0133 0992 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:21:05.0135 0992 tssecsrv - ok
22:21:05.0176 0992 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:21:05.0178 0992 TsUsbFlt - ok
22:21:05.0227 0992 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:21:05.0230 0992 tunnel - ok
22:21:05.0254 0992 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:21:05.0256 0992 uagp35 - ok
22:21:05.0286 0992 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:21:05.0325 0992 udfs - ok
22:21:05.0347 0992 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:21:05.0351 0992 UI0Detect - ok
22:21:05.0387 0992 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:21:05.0389 0992 uliagpkx - ok
22:21:05.0428 0992 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:21:05.0430 0992 umbus - ok
22:21:05.0486 0992 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:21:05.0488 0992 UmPass - ok
22:21:05.0508 0992 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:21:05.0522 0992 upnphost - ok
22:21:05.0547 0992 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:21:05.0548 0992 USBAAPL - ok
22:21:05.0585 0992 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:21:05.0587 0992 usbaudio - ok
22:21:05.0620 0992 usbbus (5353218b3265e3b8190335059f697a11) C:\Windows\system32\DRIVERS\lgusbbus.sys
22:21:05.0622 0992 usbbus - ok
22:21:05.0651 0992 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
22:21:05.0653 0992 usbccgp - ok
22:21:05.0681 0992 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:21:05.0688 0992 usbcir - ok
22:21:05.0701 0992 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\Windows\system32\DRIVERS\lgusbdiag.sys
22:21:05.0703 0992 UsbDiag - ok
22:21:05.0725 0992 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
22:21:05.0727 0992 usbehci - ok
22:21:05.0767 0992 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
22:21:05.0780 0992 usbhub - ok
22:21:05.0805 0992 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\Windows\system32\DRIVERS\lgusbmodem.sys
22:21:05.0807 0992 USBModem - ok
22:21:05.0820 0992 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
22:21:05.0821 0992 usbohci - ok
22:21:05.0851 0992 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:21:05.0853 0992 usbprint - ok
22:21:05.0869 0992 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:21:05.0871 0992 USBSTOR - ok
22:21:05.0896 0992 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
22:21:05.0898 0992 usbuhci - ok
22:21:05.0930 0992 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:21:05.0934 0992 UxSms - ok
22:21:05.0954 0992 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:21:05.0956 0992 VaultSvc - ok
22:21:05.0993 0992 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:21:05.0994 0992 vdrvroot - ok
22:21:06.0038 0992 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:21:06.0057 0992 vds - ok
22:21:06.0079 0992 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:21:06.0081 0992 vga - ok
22:21:06.0091 0992 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:21:06.0094 0992 VgaSave - ok
22:21:06.0126 0992 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:21:06.0132 0992 vhdmp - ok
22:21:06.0159 0992 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:21:06.0161 0992 viaagp - ok
22:21:06.0176 0992 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:21:06.0177 0992 ViaC7 - ok
22:21:06.0209 0992 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:21:06.0211 0992 viaide - ok
22:21:06.0241 0992 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:21:06.0242 0992 volmgr - ok
22:21:06.0265 0992 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:21:06.0302 0992 volmgrx - ok
22:21:06.0337 0992 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:21:06.0340 0992 volsnap - ok
22:21:06.0397 0992 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:21:06.0403 0992 vsmraid - ok
22:21:06.0478 0992 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:21:06.0486 0992 VSS - ok
22:21:06.0499 0992 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
22:21:06.0500 0992 vwifibus - ok
22:21:06.0538 0992 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
22:21:06.0540 0992 vwififlt - ok
22:21:06.0573 0992 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
22:21:06.0575 0992 vwifimp - ok
22:21:06.0607 0992 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:21:06.0645 0992 W32Time - ok
22:21:06.0651 0992 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:21:06.0652 0992 WacomPen - ok
22:21:06.0685 0992 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:21:06.0687 0992 WANARP - ok
22:21:06.0690 0992 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:21:06.0692 0992 Wanarpv6 - ok
22:21:06.0786 0992 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
22:21:06.0819 0992 WatAdminSvc - ok
22:21:06.0892 0992 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:21:06.0926 0992 wbengine - ok
22:21:06.0977 0992 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:21:06.0992 0992 WbioSrvc - ok
22:21:07.0032 0992 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:21:07.0045 0992 wcncsvc - ok
22:21:07.0090 0992 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:21:07.0094 0992 WcsPlugInService - ok
22:21:07.0126 0992 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:21:07.0128 0992 Wd - ok
22:21:07.0156 0992 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:21:07.0166 0992 Wdf01000 - ok
22:21:07.0182 0992 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:21:07.0185 0992 WdiServiceHost - ok
22:21:07.0188 0992 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:21:07.0192 0992 WdiSystemHost - ok
22:21:07.0229 0992 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:21:07.0242 0992 WebClient - ok
22:21:07.0259 0992 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:21:07.0274 0992 Wecsvc - ok
22:21:07.0285 0992 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:21:07.0288 0992 wercplsupport - ok
22:21:07.0315 0992 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:21:07.0319 0992 WerSvc - ok
22:21:07.0349 0992 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:21:07.0350 0992 WfpLwf - ok
22:21:07.0362 0992 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:21:07.0363 0992 WIMMount - ok
22:21:07.0440 0992 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:21:07.0457 0992 WinDefend - ok
22:21:07.0472 0992 WinHttpAutoProxySvc - ok
22:21:07.0531 0992 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:21:07.0537 0992 Winmgmt - ok
22:21:07.0620 0992 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:21:07.0654 0992 WinRM - ok
22:21:07.0718 0992 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:21:07.0720 0992 WinUsb - ok
22:21:07.0764 0992 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:21:07.0787 0992 Wlansvc - ok
22:21:07.0815 0992 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:21:07.0817 0992 WmiAcpi - ok
22:21:07.0836 0992 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:21:07.0842 0992 wmiApSrv - ok
22:21:07.0912 0992 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:21:07.0945 0992 WMPNetworkSvc - ok
22:21:07.0965 0992 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:21:07.0968 0992 WPCSvc - ok
22:21:07.0999 0992 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:21:08.0007 0992 WPDBusEnum - ok
22:21:08.0029 0992 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:21:08.0030 0992 ws2ifsl - ok
22:21:08.0049 0992 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
22:21:08.0053 0992 wscsvc - ok
22:21:08.0056 0992 WSearch - ok
22:21:08.0155 0992 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:21:08.0204 0992 wuauserv - ok
22:21:08.0297 0992 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:21:08.0299 0992 WudfPf - ok
22:21:08.0344 0992 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:21:08.0346 0992 WUDFRd - ok
22:21:08.0382 0992 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:21:08.0386 0992 wudfsvc - ok
22:21:08.0415 0992 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:21:08.0429 0992 WwanSvc - ok
22:21:08.0513 0992 XIRLINK (f102397d7fc6d6eb3952e9dbda85a37a) C:\Windows\system32\DRIVERS\C-itnt.sys
22:21:08.0576 0992 XIRLINK - ok
22:21:08.0638 0992 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:21:08.0889 0992 \Device\Harddisk0\DR0 - ok
22:21:08.0892 0992 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
22:21:08.0929 0992 \Device\Harddisk1\DR1 - ok
22:21:08.0931 0992 Boot (0x1200) (1afd969bfe7a81cf8f90cec8f49358a0) \Device\Harddisk0\DR0\Partition0
22:21:08.0933 0992 \Device\Harddisk0\DR0\Partition0 - ok
22:21:08.0935 0992 Boot (0x1200) (13f307581bd64e612e75f55004dab57d) \Device\Harddisk1\DR1\Partition0
22:21:08.0936 0992 \Device\Harddisk1\DR1\Partition0 - ok
22:21:08.0937 0992 ============================================================
22:21:08.0937 0992 Scan finished
22:21:08.0937 0992 ============================================================
22:21:08.0984 3428 Detected object count: 0
22:21:08.0984 3428 Actual detected object count: 0
22:21:13.0209 2264 Deinitialize success


aswMBR -

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-24 22:21:37
-----------------------------
22:21:37.953 OS Version: Windows 6.1.7601 Service Pack 1
22:21:37.953 Number of processors: 2 586 0xF06
22:21:37.955 ComputerName: HOMEOFFICE UserName: WayneB
22:22:00.569 Initialize success
22:23:24.854 AVAST engine defs: 12072401
22:23:31.347 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:23:31.349 Disk 0 Vendor: WDC_WD2500JS-75NCB3 10.02E04 Size: 238418MB BusType: 3
22:23:31.351 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
22:23:31.353 Disk 1 Vendor: WDC_WD2500JS-75NCB3 10.02E04 Size: 238418MB BusType: 3
22:23:31.370 Disk 0 MBR read successfully
22:23:31.373 Disk 0 MBR scan
22:23:31.378 Disk 0 Windows 7 default MBR code
22:23:31.381 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
22:23:31.425 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 238360 MB offset 112455
22:23:31.431 Disk 0 scanning sectors +488275654
22:23:31.517 Disk 0 scanning C:\Windows\system32\drivers
22:23:41.164 Service scanning
22:23:59.845 Modules scanning
22:24:07.868 Disk 0 trace - called modules:
22:24:07.879
22:24:08.826 AVAST engine scan C:\Windows
22:24:10.550 AVAST engine scan C:\Windows\system32
22:26:44.643 AVAST engine scan C:\Windows\system32\drivers
22:26:55.870 AVAST engine scan C:\Users\WayneB
22:28:33.712 AVAST engine scan C:\ProgramData
22:29:33.117 File: C:\ProgramData\GFI Software\Antimalware\FW History\FWPUP{DFADF016-6B32-4FBC-AB9D-F54BBD7DECCD}.xml **HIDDEN**
22:29:33.128 Scan finished successfully
22:30:01.585 Disk 0 MBR has been saved successfully to "C:\Users\WayneB\Desktop\MBR.dat"
22:30:01.590 The log file has been saved successfully to "C:\Users\WayneB\Desktop\aswMBR.txt"


And finally ESET -

C:\Users\WayneB\AppData\Local\{F4F28ECE-CBC4-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined




It appears we found something. What should I do next?

#4 narenxp

Posted 25 July 2012 - 04:47 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 w_c_b

w_c_b
  • Topic Starter

  • Members
  • 4 posts
  • Local time:04:51 PM

Posted 25 July 2012 - 08:05 PM

OK, MalwareBytes run, first as Full Scan, then Quick Scan after a reboot. Neither scan found any infections.

Then ran Mini Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by WayneB (administrator) on 25-07-2012 at 18:33:35
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

D-Link DWA-556 Xtreme N PCIe Desktop Adapter = Wireless Network Connection 3 (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)
Kerio Virtual Network Adapter = Kerio Virtual Network (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HomeOffice
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.co.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : hsd1.co.comcast.net.
Description . . . . . . . . . . . : D-Link DWA-556 Xtreme N PCIe Desktop Adapter
Physical Address. . . . . . . . . : F0-7D-68-C1-B3-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cd5c:53a2:66c3:fbe6%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.198(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 25, 2012 6:22:09 PM
Lease Expires . . . . . . . . . . : Thursday, July 26, 2012 6:22:09 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 502300008
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-82-1C-14-00-19-B9-30-D4-06
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : 00-19-B9-30-D4-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Kerio Virtual Network:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Kerio Virtual Network Adapter
Physical Address. . . . . . . . . : 44-45-53-54-4F-53
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6F893683-B9BC-404D-BF13-970C5BB2C888}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3cd3:62d:51cc:3a55(Preferred)
Link-local IPv6 Address . . . . . : fe80::3cd3:62d:51cc:3a55%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.co.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.co.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:400f:800::1002
74.125.225.201
74.125.225.197
74.125.225.192
74.125.225.194
74.125.225.199
74.125.225.206
74.125.225.198
74.125.225.193
74.125.225.195
74.125.225.196
74.125.225.200


Pinging google.com [74.125.225.166] with 32 bytes of data:
Reply from 74.125.225.166: bytes=32 time=13ms TTL=56
Reply from 74.125.225.166: bytes=32 time=13ms TTL=56

Ping statistics for 74.125.225.166:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 13ms, Average = 13ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=30ms TTL=52
Reply from 209.191.122.70: bytes=32 time=28ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 30ms, Average = 29ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...f0 7d 68 c1 b3 e2 ......D-Link DWA-556 Xtreme N PCIe Desktop Adapter
9...00 19 b9 30 d4 06 ......Broadcom NetXtreme 57xx Gigabit Controller
23...44 45 53 54 4f 53 ......Kerio Virtual Network Adapter
1...........................Software Loopback Interface 1
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.198 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.198 281
192.168.0.198 255.255.255.255 On-link 192.168.0.198 281
192.168.0.255 255.255.255.255 On-link 192.168.0.198 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.198 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.198 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:9d38:953c:3cd3:62d:51cc:3a55/128
On-link
13 281 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::3cd3:62d:51cc:3a55/128
On-link
13 281 fe80::cd5c:53a2:66c3:fbe6/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/25/2012 01:33:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/24/2012 09:31:52 PM) (Source: Application Hang) (User: )
Description: The program iTunes.exe version 10.6.3.25 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ff4

Start Time: 01cd69fee82f5773

Termination Time: 60000

Application Path: C:\Program Files\iTunes\iTunes.exe

Report Id:

Error: (07/24/2012 00:31:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/23/2012 00:31:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/20/2012 02:48:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/20/2012 01:45:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/19/2012 07:04:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8065

Error: (07/19/2012 07:04:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8065

Error: (07/19/2012 07:04:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2012 07:04:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067


System errors:
=============
Error: (07/24/2012 10:09:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:05:52 PM on ?7/?24/?2012 was unexpected.

Error: (07/23/2012 10:07:14 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/23/2012 10:04:16 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/23/2012 10:01:32 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/22/2012 06:42:32 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:09:13 PM on ?7/?22/?2012 was unexpected.

Error: (07/18/2012 08:46:09 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/18/2012 08:42:10 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/18/2012 08:39:16 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/17/2012 08:39:58 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (07/15/2012 03:37:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.


Microsoft Office Sessions:
=========================
Error: (07/25/2012 01:33:46 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/24/2012 09:31:52 PM) (Source: Application Hang)(User: )
Description: iTunes.exe10.6.3.25ff401cd69fee82f577360000C:\Program Files\iTunes\iTunes.exe

Error: (07/24/2012 00:31:11 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/23/2012 00:31:31 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/20/2012 02:48:37 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/20/2012 01:45:47 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/19/2012 07:04:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8065

Error: (07/19/2012 07:04:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8065

Error: (07/19/2012 07:04:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2012 07:04:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067


=========================== Installed Programs ============================

Add or Remove Adobe Creative Suite 3 Design Standard (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.1.3)
Adobe Acrobat 8.1.3 Professional (Version: 8.1.3)
Adobe AIR (Version: 1.1.0.5790)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Audition 3.0 (Version: 3.0)
Adobe Audition Loopology Content (Version: 3.0.0)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Digital Editions
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Fonts All (Version: 2.0)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS (Version: 11)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 (Version: 5.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe SVG Viewer 3.0 (Version: 3.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AdobeColorCommonSetRGB (Version: 2.0)
AHV content for Acrobat and Flash (Version: 1)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer Driver Add-On Module
CCleaner (Version: 3.20)
Curriculum Pathways Components
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.10)
Dual-Core Optimizer (Version: 1.1.4.0169)
DWA-556 (Version: 1.20b01)
ESET Online Scanner v3
iCloud (Version: 1.1.0.40)
iTunes (Version: 10.6.3.25)
Java 3D 1.3.1 (OpenGL) Runtime
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Kerio VPN Client (Version: 6.7.6544)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mortimer Beckett and the Crimson Thief Premium Edition
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion™
NVIDIA PhysX (Version: 9.09.0814)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenAL
OpenOffice.org 3.2 (Version: 3.2.9502)
PDF Settings CS4 (Version: 9.0)
PokerStars.net
QuickTime (Version: 7.72.80.56)
Safari (Version: 5.34.57.2)
Skype™ 5.0 (Version: 5.0.152)
Super TextTwist
swMSM (Version: 12.0.0.1)
The Weather Channel App
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VIPRE Internet Security (Version: 5.2.5162)
WinRAR 4.11 (32-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3069.61 MB
Available physical RAM: 1992.05 MB
Total Pagefile: 6137.51 MB
Available Pagefile: 4942.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.53 MB

========================= Partitions: =====================================

1 Drive c: (HD-0_SYSTEM) (Fixed) (Total:232.77 GB) (Free:186.75 GB) NTFS
2 Drive d: (HD-1_FILES) (Fixed) (Total:232.82 GB) (Free:213.52 GB) NTFS

========================= Users: ========================================

User accounts for \\HOMEOFFICE

Administrator Guest Meep
SU WayneB


**** End of log ****



Then FSS:

Farbar Service Scanner Version: 22-07-2012
Ran by WayneB (administrator) on 25-07-2012 at 18:40:19
Running from "C:\Users\WayneB\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Finally Adware Cleaner:

# AdwCleaner v1.703 - Logfile created 07/25/2012 at 18:41:53
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : WayneB - HOMEOFFICE
# Running from : C:\Users\WayneB\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\WayneB\AppData\Roaming\Mozilla\Firefox\Profiles\v3p77q7x.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Meep\AppData\Roaming\Mozilla\Firefox\Profiles\iq4oyoid.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\WayneB\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1047 octets] - [25/07/2012 18:41:53]

########## EOF - C:\AdwCleaner[S1].txt - [1175 octets] ##########


Are we good to go, or is there anything else that I need to do at this time?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 25 July 2012 - 08:50 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#7 w_c_b

w_c_b
  • Topic Starter

  • Members
  • 4 posts
  • Local time:04:51 PM

Posted 25 July 2012 - 10:37 PM

Thanks again for all the help! :thumbsup:

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 26 July 2012 - 02:56 AM

You're most welcome :)



