
Google redirect


9 replies to this topic

#1 yknujssab


Posted 30 July 2012 - 11:17 PM

Hello, I'm having a bit of an issue. When using Firefox, I seem to get this "http://pagead.googledoubleclicks.com/2url?sa=L&..." from McAfee. I've scanned it with McAfee and Malwarebytes, but I still have the problem. Any ideas? Thanks in advance.

Running Windows 7 64 bit, Home Premium

Edited by yknujssab, 30 July 2012 - 11:19 PM.




#2 narenxp


Posted 31 July 2012 - 06:32 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 yknujssab


Posted 01 August 2012 - 12:23 AM

Hello, here are the scan reports.


19:34:38.0024 2732 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:34:40.0025 2732 ============================================================
19:34:40.0026 2732 Current date / time: 2012/07/31 19:34:40.0025
19:34:40.0026 2732 SystemInfo:
19:34:40.0026 2732
19:34:40.0026 2732 OS Version: 6.1.7601 ServicePack: 1.0
19:34:40.0026 2732 Product type: Workstation
19:34:40.0026 2732 ComputerName: LAPTOP3-PC
19:34:40.0026 2732 UserName: Laptop3
19:34:40.0026 2732 Windows directory: C:\windows
19:34:40.0026 2732 System windows directory: C:\windows
19:34:40.0026 2732 Running under WOW64
19:34:40.0026 2732 Processor architecture: Intel x64
19:34:40.0026 2732 Number of processors: 1
19:34:40.0026 2732 Page size: 0x1000
19:34:40.0026 2732 Boot type: Normal boot
19:34:40.0026 2732 ============================================================
19:34:41.0505 2732 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:34:41.0509 2732 ============================================================
19:34:41.0509 2732 \Device\Harddisk0\DR0:
19:34:41.0509 2732 MBR partitions:
19:34:41.0509 2732 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BA79000
19:34:41.0509 2732 ============================================================
19:34:41.0575 2732 C: <-> \Device\Harddisk0\DR0\Partition0
19:34:41.0575 2732 ============================================================
19:34:41.0575 2732 Initialize success
19:34:41.0575 2732 ============================================================
19:35:01.0144 4848 ============================================================
19:35:01.0144 4848 Scan started
19:35:01.0144 4848 Mode: Manual; TDLFS;
19:35:01.0144 4848 ============================================================
19:35:20.0071 4848 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
19:35:20.0077 4848 Netman - ok
19:35:20.0101 4848 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
19:35:20.0107 4848 netprofm - ok
19:35:20.0246 4848 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:35:20.0248 4848 NetTcpPortSharing - ok
19:35:20.0280 4848 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
19:35:20.0288 4848 nfrd960 - ok
19:35:20.0394 4848 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
19:35:20.0398 4848 NlaSvc - ok
19:35:20.0423 4848 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
19:35:20.0425 4848 Npfs - ok
19:35:20.0456 4848 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
19:35:20.0458 4848 nsi - ok
19:35:20.0489 4848 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
19:35:20.0490 4848 nsiproxy - ok
19:35:20.0632 4848 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
19:35:20.0668 4848 Ntfs - ok
19:35:20.0833 4848 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
19:35:20.0839 4848 Null - ok
19:35:20.0928 4848 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
19:35:20.0938 4848 nvraid - ok
19:35:20.0970 4848 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
19:35:20.0981 4848 nvstor - ok
19:35:21.0055 4848 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
19:35:21.0066 4848 nv_agp - ok
19:35:21.0114 4848 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
19:35:21.0124 4848 ohci1394 - ok
19:35:21.0255 4848 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:35:21.0258 4848 ose - ok
19:35:21.0578 4848 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:35:21.0820 4848 osppsvc - ok
19:35:21.0965 4848 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
19:35:21.0970 4848 p2pimsvc - ok
19:35:22.0049 4848 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
19:35:22.0053 4848 p2psvc - ok
19:35:22.0178 4848 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
19:35:22.0187 4848 Parport - ok
19:35:22.0237 4848 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
19:35:22.0238 4848 partmgr - ok
19:35:22.0266 4848 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
19:35:22.0276 4848 PcaSvc - ok
19:35:22.0340 4848 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
19:35:22.0343 4848 pci - ok
19:35:22.0368 4848 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
19:35:22.0369 4848 pciide - ok
19:35:22.0418 4848 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
19:35:22.0428 4848 pcmcia - ok
19:35:22.0448 4848 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
19:35:22.0451 4848 pcw - ok
19:35:22.0537 4848 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
19:35:22.0555 4848 PEAUTH - ok
19:35:22.0722 4848 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
19:35:22.0724 4848 PerfHost - ok
19:35:22.0864 4848 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
19:35:22.0878 4848 pla - ok
19:35:22.0938 4848 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
19:35:22.0944 4848 PlugPlay - ok
19:35:23.0010 4848 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
19:35:23.0016 4848 PNRPAutoReg - ok
19:35:23.0064 4848 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
19:35:23.0067 4848 PNRPsvc - ok
19:35:23.0127 4848 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
19:35:23.0133 4848 PolicyAgent - ok
19:35:23.0166 4848 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
19:35:23.0171 4848 Power - ok
19:35:23.0260 4848 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
19:35:23.0268 4848 PptpMiniport - ok
19:35:23.0305 4848 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
19:35:23.0313 4848 Processor - ok
19:35:23.0390 4848 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
19:35:23.0394 4848 ProfSvc - ok
19:35:23.0433 4848 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:35:23.0434 4848 ProtectedStorage - ok
19:35:23.0502 4848 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
19:35:23.0505 4848 Psched - ok
19:35:23.0578 4848 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
19:35:23.0603 4848 ql2300 - ok
19:35:23.0752 4848 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
19:35:23.0763 4848 ql40xx - ok
19:35:23.0818 4848 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
19:35:23.0828 4848 QWAVE - ok
19:35:23.0851 4848 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
19:35:23.0853 4848 QWAVEdrv - ok
19:35:23.0887 4848 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
19:35:23.0889 4848 RasAcd - ok
19:35:23.0982 4848 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
19:35:23.0991 4848 RasAgileVpn - ok
19:35:24.0041 4848 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
19:35:24.0044 4848 RasAuto - ok
19:35:24.0159 4848 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
19:35:24.0167 4848 Rasl2tp - ok
19:35:24.0257 4848 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
19:35:24.0262 4848 RasMan - ok
19:35:24.0312 4848 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
19:35:24.0317 4848 RasPppoe - ok
19:35:24.0354 4848 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
19:35:24.0355 4848 RasSstp - ok
19:35:24.0408 4848 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
19:35:24.0412 4848 rdbss - ok
19:35:24.0453 4848 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
19:35:24.0462 4848 rdpbus - ok
19:35:24.0491 4848 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
19:35:24.0492 4848 RDPCDD - ok
19:35:24.0530 4848 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
19:35:24.0530 4848 RDPENCDD - ok
19:35:24.0560 4848 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
19:35:24.0566 4848 RDPREFMP - ok
19:35:24.0653 4848 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
19:35:24.0673 4848 RDPWD - ok
19:35:24.0772 4848 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
19:35:24.0775 4848 rdyboost - ok
19:35:24.0855 4848 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
19:35:24.0863 4848 RemoteAccess - ok
19:35:24.0896 4848 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
19:35:24.0899 4848 RemoteRegistry - ok
19:35:24.0936 4848 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
19:35:24.0939 4848 RpcEptMapper - ok
19:35:24.0974 4848 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
19:35:24.0977 4848 RpcLocator - ok
19:35:25.0051 4848 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
19:35:25.0055 4848 RpcSs - ok
19:35:25.0132 4848 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
19:35:25.0133 4848 rspndr - ok
19:35:25.0212 4848 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys
19:35:25.0221 4848 RSUSBSTOR - ok
19:35:25.0266 4848 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:35:25.0268 4848 SamSs - ok
19:35:25.0323 4848 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
19:35:25.0334 4848 sbp2port - ok
19:35:25.0378 4848 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
19:35:25.0381 4848 SCardSvr - ok
19:35:25.0418 4848 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
19:35:25.0430 4848 scfilter - ok
19:35:25.0505 4848 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
19:35:25.0526 4848 Schedule - ok
19:35:25.0583 4848 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
19:35:25.0589 4848 SCPolicySvc - ok
19:35:25.0646 4848 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
19:35:25.0681 4848 SDRSVC - ok
19:35:25.0780 4848 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
19:35:25.0787 4848 secdrv - ok
19:35:25.0832 4848 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
19:35:25.0835 4848 seclogon - ok
19:35:25.0888 4848 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
19:35:25.0890 4848 SENS - ok
19:35:25.0923 4848 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
19:35:25.0926 4848 SensrSvc - ok
19:35:25.0954 4848 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
19:35:25.0960 4848 Serenum - ok
19:35:26.0008 4848 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
19:35:26.0016 4848 Serial - ok
19:35:26.0088 4848 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
19:35:26.0097 4848 sermouse - ok
19:35:26.0153 4848 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
19:35:26.0156 4848 SessionEnv - ok
19:35:26.0224 4848 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
19:35:26.0232 4848 sffdisk - ok
19:35:26.0258 4848 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
19:35:26.0266 4848 sffp_mmc - ok
19:35:26.0285 4848 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
19:35:26.0292 4848 sffp_sd - ok
19:35:26.0371 4848 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
19:35:26.0381 4848 sfloppy - ok
19:35:26.0463 4848 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
19:35:26.0468 4848 SharedAccess - ok
19:35:26.0534 4848 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
19:35:26.0540 4848 ShellHWDetection - ok
19:35:26.0573 4848 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
19:35:26.0582 4848 SiSRaid2 - ok
19:35:26.0599 4848 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
19:35:26.0608 4848 SiSRaid4 - ok
19:35:26.0644 4848 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
19:35:26.0659 4848 Smb - ok
19:35:26.0720 4848 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
19:35:26.0722 4848 SNMPTRAP - ok
19:35:26.0746 4848 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
19:35:26.0749 4848 spldr - ok
19:35:26.0833 4848 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
19:35:26.0838 4848 Spooler - ok
19:35:27.0066 4848 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
19:35:27.0134 4848 sppsvc - ok
19:35:27.0248 4848 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
19:35:27.0261 4848 sppuinotify - ok
19:35:27.0355 4848 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
19:35:27.0360 4848 srv - ok
19:35:27.0395 4848 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
19:35:27.0403 4848 srv2 - ok
19:35:27.0442 4848 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
19:35:27.0445 4848 srvnet - ok
19:35:27.0525 4848 sscdbus (ed161b91fdf7eaa39469d72d463d5f4e) C:\windows\system32\DRIVERS\sscdbus.sys
19:35:27.0542 4848 sscdbus - ok
19:35:27.0585 4848 sscdmdfl (4cb09e77593dbd8d7af33b37375ca715) C:\windows\system32\DRIVERS\sscdmdfl.sys
19:35:27.0587 4848 sscdmdfl - ok
19:35:27.0641 4848 sscdmdm (c7b4cf53497a6e5363f3439427663882) C:\windows\system32\DRIVERS\sscdmdm.sys
19:35:27.0652 4848 sscdmdm - ok
19:35:27.0705 4848 sscdserd (05ffa552f578e27ab2d41b6828db477f) C:\windows\system32\DRIVERS\sscdserd.sys
19:35:27.0715 4848 sscdserd - ok
19:35:27.0801 4848 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
19:35:27.0808 4848 SSDPSRV - ok
19:35:27.0830 4848 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
19:35:27.0832 4848 SstpSvc - ok
19:35:27.0863 4848 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
19:35:27.0871 4848 stexstor - ok
19:35:27.0939 4848 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
19:35:27.0947 4848 stisvc - ok
19:35:27.0985 4848 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
19:35:27.0992 4848 swenum - ok
19:35:28.0210 4848 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:35:28.0240 4848 SwitchBoard - ok
19:35:28.0294 4848 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
19:35:28.0301 4848 swprv - ok
19:35:28.0346 4848 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
19:35:28.0358 4848 SynTP - ok
19:35:28.0452 4848 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
19:35:28.0471 4848 SysMain - ok
19:35:28.0562 4848 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
19:35:28.0565 4848 TabletInputService - ok
19:35:28.0609 4848 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
19:35:28.0614 4848 TapiSrv - ok
19:35:28.0677 4848 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
19:35:28.0679 4848 TBS - ok
19:35:28.0885 4848 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
19:35:28.0953 4848 Tcpip - ok
19:35:29.0134 4848 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
19:35:29.0145 4848 TCPIP6 - ok
19:35:29.0282 4848 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
19:35:29.0284 4848 tcpipreg - ok
19:35:29.0332 4848 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
19:35:29.0339 4848 tdcmdpst - ok
19:35:29.0382 4848 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
19:35:29.0383 4848 TDPIPE - ok
19:35:29.0426 4848 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
19:35:29.0433 4848 TDTCP - ok
19:35:29.0504 4848 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
19:35:29.0506 4848 tdx - ok
19:35:29.0548 4848 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
19:35:29.0553 4848 TermDD - ok
19:35:29.0636 4848 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
19:35:29.0659 4848 TermService - ok
19:35:29.0732 4848 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
19:35:29.0737 4848 Themes - ok
19:35:29.0785 4848 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
19:35:29.0787 4848 THREADORDER - ok
19:35:29.0942 4848 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:35:29.0944 4848 TMachInfo - ok
19:35:30.0003 4848 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\windows\system32\TODDSrv.exe
19:35:30.0006 4848 TODDSrv - ok
19:35:30.0179 4848 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:35:30.0184 4848 TosCoSrv - ok
19:35:30.0255 4848 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:35:30.0256 4848 TOSHIBA HDD SSD Alert Service - ok
19:35:30.0316 4848 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
19:35:30.0319 4848 TrkWks - ok
19:35:30.0387 4848 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
19:35:30.0390 4848 TrustedInstaller - ok
19:35:30.0447 4848 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
19:35:30.0454 4848 tssecsrv - ok
19:35:30.0556 4848 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
19:35:30.0565 4848 TsUsbFlt - ok
19:35:30.0666 4848 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
19:35:30.0675 4848 tunnel - ok
19:35:30.0737 4848 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:35:30.0738 4848 TVALZ - ok
19:35:30.0773 4848 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
19:35:30.0782 4848 uagp35 - ok
19:35:30.0838 4848 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
19:35:30.0842 4848 udfs - ok
19:35:30.0886 4848 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
19:35:30.0889 4848 UI0Detect - ok
19:35:30.0954 4848 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
19:35:30.0963 4848 uliagpkx - ok
19:35:31.0000 4848 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
19:35:31.0007 4848 umbus - ok
19:35:31.0063 4848 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
19:35:31.0070 4848 UmPass - ok
19:35:31.0122 4848 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
19:35:31.0133 4848 upnphost - ok
19:35:31.0181 4848 usbbus (c85b8247fadd432fa54fe11667c8d97d) C:\windows\system32\DRIVERS\lgx64bus.sys
19:35:31.0188 4848 usbbus - ok
19:35:31.0228 4848 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
19:35:31.0238 4848 usbccgp - ok
19:35:31.0317 4848 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
19:35:31.0325 4848 usbcir - ok
19:35:31.0382 4848 UsbDiag (d8cdc12f5429878f23ddb3785a0fdf95) C:\windows\system32\DRIVERS\lgx64diag.sys
19:35:31.0390 4848 UsbDiag - ok
19:35:31.0426 4848 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
19:35:31.0434 4848 usbehci - ok
19:35:31.0490 4848 UsbGps (e165761db99352dae13ebd584a45688e) C:\windows\system32\DRIVERS\lgx64gps.sys
19:35:31.0497 4848 UsbGps - ok
19:35:31.0567 4848 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
19:35:31.0579 4848 usbhub - ok
19:35:31.0634 4848 USBModem (79fa7a22b0f6f0082f640cbc82a00fce) C:\windows\system32\DRIVERS\lgx64modem.sys
19:35:31.0641 4848 USBModem - ok
19:35:31.0673 4848 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
19:35:31.0680 4848 usbohci - ok
19:35:31.0765 4848 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
19:35:31.0772 4848 usbprint - ok
19:35:31.0820 4848 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
19:35:31.0828 4848 USBSTOR - ok
19:35:31.0888 4848 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys
19:35:31.0895 4848 usbuhci - ok
19:35:31.0956 4848 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
19:35:31.0966 4848 usbvideo - ok
19:35:31.0999 4848 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
19:35:32.0003 4848 UxSms - ok
19:35:32.0035 4848 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:35:32.0037 4848 VaultSvc - ok
19:35:32.0116 4848 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
19:35:32.0123 4848 vdrvroot - ok
19:35:32.0170 4848 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
19:35:32.0177 4848 vds - ok
19:35:32.0245 4848 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
19:35:32.0254 4848 vga - ok
19:35:32.0278 4848 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
19:35:32.0279 4848 VgaSave - ok
19:35:32.0331 4848 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
19:35:32.0343 4848 vhdmp - ok
19:35:32.0374 4848 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
19:35:32.0381 4848 viaide - ok
19:35:32.0416 4848 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
19:35:32.0418 4848 volmgr - ok
19:35:32.0509 4848 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
19:35:32.0513 4848 volmgrx - ok
19:35:32.0566 4848 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
19:35:32.0581 4848 volsnap - ok
19:35:32.0662 4848 VSBC (baf1c334fd3f5e23b5726eba3a7bfc3e) C:\windows\system32\DRIVERS\evsbc.sys
19:35:32.0670 4848 VSBC - ok
19:35:32.0730 4848 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
19:35:32.0741 4848 vsmraid - ok
19:35:32.0887 4848 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
19:35:32.0940 4848 VSS - ok
19:35:33.0144 4848 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
19:35:33.0145 4848 vwifibus - ok
19:35:33.0176 4848 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
19:35:33.0183 4848 vwififlt - ok
19:35:33.0251 4848 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
19:35:33.0260 4848 W32Time - ok
19:35:33.0295 4848 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
19:35:33.0302 4848 WacomPen - ok
19:35:33.0379 4848 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
19:35:33.0387 4848 WANARP - ok
19:35:33.0398 4848 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
19:35:33.0407 4848 Wanarpv6 - ok
19:35:33.0539 4848 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
19:35:33.0563 4848 WatAdminSvc - ok
19:35:33.0671 4848 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
19:35:33.0761 4848 wbengine - ok
19:35:33.0920 4848 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
19:35:33.0929 4848 WbioSrvc - ok
19:35:33.0996 4848 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
19:35:34.0002 4848 wcncsvc - ok
19:35:34.0039 4848 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
19:35:34.0045 4848 WcsPlugInService - ok
19:35:34.0135 4848 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
19:35:34.0143 4848 Wd - ok
19:35:34.0176 4848 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
19:35:34.0183 4848 WDC_SAM - ok
19:35:34.0239 4848 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
19:35:34.0246 4848 Wdf01000 - ok
19:35:34.0288 4848 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
19:35:34.0290 4848 WdiServiceHost - ok
19:35:34.0301 4848 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
19:35:34.0303 4848 WdiSystemHost - ok
19:35:34.0366 4848 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
19:35:34.0370 4848 WebClient - ok
19:35:34.0407 4848 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
19:35:34.0417 4848 Wecsvc - ok
19:35:34.0434 4848 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
19:35:34.0437 4848 wercplsupport - ok
19:35:34.0496 4848 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
19:35:34.0530 4848 WerSvc - ok
19:35:34.0633 4848 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
19:35:34.0634 4848 WfpLwf - ok
19:35:34.0666 4848 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
19:35:34.0668 4848 WIMMount - ok
19:35:34.0702 4848 WinDefend - ok
19:35:34.0718 4848 WinHttpAutoProxySvc - ok
19:35:34.0828 4848 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
19:35:34.0836 4848 Winmgmt - ok
19:35:34.0933 4848 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
19:35:34.0964 4848 WinRM - ok
19:35:35.0129 4848 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
19:35:35.0139 4848 Wlansvc - ok
19:35:35.0259 4848 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:35:35.0261 4848 wlcrasvc - ok
19:35:35.0426 4848 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:35:35.0440 4848 wlidsvc - ok
19:35:35.0579 4848 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
19:35:35.0587 4848 WmiAcpi - ok
19:35:35.0655 4848 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
19:35:35.0667 4848 wmiApSrv - ok
19:35:35.0723 4848 WMPNetworkSvc - ok
19:35:35.0771 4848 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
19:35:35.0777 4848 WPCSvc - ok
19:35:35.0841 4848 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
19:35:35.0844 4848 WPDBusEnum - ok
19:35:35.0890 4848 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
19:35:35.0892 4848 ws2ifsl - ok
19:35:35.0952 4848 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
19:35:35.0955 4848 wscsvc - ok
19:35:35.0967 4848 WSearch - ok
19:35:36.0124 4848 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
19:35:36.0159 4848 wuauserv - ok
19:35:36.0286 4848 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
19:35:36.0294 4848 WudfPf - ok
19:35:36.0324 4848 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
19:35:36.0334 4848 WUDFRd - ok
19:35:36.0372 4848 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
19:35:36.0379 4848 wudfsvc - ok
19:35:36.0427 4848 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
19:35:36.0432 4848 WwanSvc - ok
19:35:36.0478 4848 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
19:35:37.0002 4848 \Device\Harddisk0\DR0 - ok
19:35:37.0051 4848 Boot (0x1200) (33c41ffb68de5909619249b10bd59ba7) \Device\Harddisk0\DR0\Partition0
19:35:37.0053 4848 \Device\Harddisk0\DR0\Partition0 - ok
19:35:37.0056 4848 ============================================================
19:35:37.0056 4848 Scan finished
19:35:37.0056 4848 ============================================================
19:35:37.0073 0164 Detected object count: 0
19:35:37.0073 0164 Actual detected object count: 0
19:37:59.0684 0476 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-31 19:39:04
-----------------------------
19:39:04.926 OS Version: Windows x64 6.1.7601 Service Pack 1
19:39:04.926 Number of processors: 1 586 0x170A
19:39:04.942 ComputerName: LAPTOP3-PC UserName: Laptop3
19:39:06.829 Initialize success
19:40:22.297 AVAST engine defs: 12073102
19:40:28.740 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:40:28.740 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 238475MB BusType: 3
19:40:28.755 Disk 0 MBR read successfully
19:40:28.755 Disk 0 MBR scan
19:40:28.818 Disk 0 Windows VISTA default MBR code
19:40:28.833 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
19:40:28.849 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 226546 MB offset 3074048
19:40:28.880 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10428 MB offset 467040256
19:40:28.927 Disk 0 scanning C:\windows\system32\drivers
19:40:46.227 Service scanning
19:41:33.776 Modules scanning
19:41:33.776 Disk 0 trace - called modules:
19:41:33.854 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
19:41:34.369 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003271450]
19:41:34.369 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002d56050]
19:41:35.367 AVAST engine scan C:\windows
19:41:37.645 AVAST engine scan C:\windows\system32
19:45:28.118 AVAST engine scan C:\windows\system32\drivers
19:45:45.107 AVAST engine scan C:\Users\Laptop3
19:47:02.779 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
19:47:02.795 The log file has been saved successfully to "C:\aswMBR.txt"


C:\LG Electronics\LGNPST\LGNPST.exe Win32/Packed.Themida.AAG trojan cleaned by deleting - quarantined
C:\Users\Laptop3\AppData\Local\Temp\Rar$EXa0.589\LGNPSTv1.3_Lab_Verison_RightClickReg.msi Win32/Packed.Themida.AAG trojan deleted - quarantined
C:\Users\Laptop3\AppData\Local\Temp\Rar$EXa0.886\LGNPSTv1.3_Lab_Verison_RightClickReg.msi Win32/Packed.Themida.AAG trojan deleted - quarantined
C:\Users\Laptop3\AppData\Local\{922D199E-D3C7-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Laptop3\Desktop\CDMA Workshop 2.7 (Full).rar multiple threats deleted - quarantined
C:\Users\Laptop3\Desktop\EVO FLASHING TOOLS.rar multiple threats deleted - quarantined
C:\Users\Laptop3\Downloads\LGNPSTv1.3_Lab_Verison_RightClickReg.rar Win32/Packed.Themida.AAG trojan deleted - quarantined
C:\Windows\KMSEmulator.exe a variant of Win32/HackKMS.A application cleaned by deleting - quarantined
C:\Windows\AutoKMS\AutoKMS.exe a variant of Win32/HackKMS.B application cleaned by deleting - quarantined
C:\Windows\Installer\1f639e.msi Win32/Packed.Themida.AAG trojan deleted - quarantined


Thank you.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:04:24 AM

Posted 01 August 2012 - 06:22 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 yknujssab

yknujssab
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  • Local time:01:24 AM

Posted 01 August 2012 - 10:12 PM

Ok, by the way, thanks very much.

Here are the logs



MiniToolBox by Farbar Version: 23-07-2012
Ran by Laptop3 (administrator) on 01-08-2012 at 19:53:39
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Laptop3-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-A3-73-36
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 1C-65-9D-ED-F4-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::44bf:6254:2c39:eb8e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.115(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 01, 2012 6:01:48 PM
Lease Expires . . . . . . . . . . : Thursday, August 02, 2012 7:49:27 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 236742045
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-19-53-E9-1C-65-9D-ED-F4-5F
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1ca6:9fe:9cbd:7c98(Preferred)
Link-local IPv6 Address . . . . . : fe80::1ca6:9fe:9cbd:7c98%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8EE51F9C-4814-4682-86C0-BC896B3905C5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4001:802::1001
74.125.224.98
74.125.224.99
74.125.224.100
74.125.224.101
74.125.224.102
74.125.224.103
74.125.224.104
74.125.224.105
74.125.224.110
74.125.224.96
74.125.224.97


Pinging google.com [74.125.224.104] with 32 bytes of data:
Reply from 74.125.224.104: bytes=32 time=464ms TTL=54
Reply from 74.125.224.104: bytes=32 time=33ms TTL=54

Ping statistics for 74.125.224.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 464ms, Average = 248ms
Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=134ms TTL=52
Reply from 72.30.38.140: bytes=32 time=37ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 134ms, Average = 85ms
Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 7ms, Average = 4ms
===========================================================================
Interface List
11...00 26 6c a3 73 36 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
10...1c 65 9d ed f4 5f ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.115 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.115 281
192.168.1.115 255.255.255.255 On-link 192.168.1.115 281
192.168.1.255 255.255.255.255 On-link 192.168.1.115 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.115 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.115 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:1ca6:9fe:9cbd:7c98/128
On-link
10 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1ca6:9fe:9cbd:7c98/128
On-link
10 281 fe80::44bf:6254:2c39:eb8e/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2012 06:02:27 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/01/2012 05:52:28 PM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (08/01/2012 05:51:22 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/31/2012 07:47:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/31/2012 07:31:44 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 07:14:56 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 04:35:13 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 01:36:09 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 01:26:25 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 10:58:18 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


System errors:
=============
Error: (08/01/2012 07:49:22 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/01/2012 06:06:53 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (08/01/2012 05:55:46 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/31/2012 09:41:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (07/31/2012 07:36:15 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/30/2012 09:07:22 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/30/2012 07:11:32 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/30/2012 04:37:07 PM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (07/30/2012 01:24:32 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).

Error: (07/30/2012 00:14:57 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer PARENTS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A6C7EFF7-D6CB-44D3-B2B1-F194EEABE78A}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (08/01/2012 06:02:27 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/01/2012 05:52:28 PM) (Source: TOSHIBA Service Station)(User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (08/01/2012 05:51:22 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/31/2012 07:47:32 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Laptop3\Downloads\esetsmartinstaller_enu.exe

Error: (07/31/2012 07:31:44 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 07:14:56 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 04:35:13 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 01:36:09 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 01:26:25 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 10:58:18 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


=========================== Installed Programs ============================

Adobe Acrobat X Pro - English, Russian (Version: 10.1.0)
Adobe AIR (Version: 2.7.0.19480)
Adobe Community Help (Version: 3.5.23)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Design Premium (Version: 5.5)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.27)
Atheros Driver Installation Program (Version: 5.2)
Best Buy pc app (Version: 3.0.0.0)
Conexant HD Audio (Version: 4.119.0.61)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
Free Studio version 5.6.2.627 (Version: 5.6.2.627)
Google Chrome (Version: 20.0.1132.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2086)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
LG Verizon United Driver (Version: 2.5.2)
LGNPST (Version: 1.3)
LGNPST Components (Version: 3.0.5.0)
LGNPST for CT (Version: 1.2)
LGNPST GenericModels (Version: 3.0.7.0)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
PDF Settings CS5 (Version: 10.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
QPST 2.7 (Version: 2.7.366)
QXDM Professional (Version: 3.12.714)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
Toshiba Book Place (Version: 2.0.5271)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA Hardware Setup (Version: 2.00.06)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Supervisor Password (Version: 2.00.03)
TOSHIBA Value Added Package (Version: 1.3.19.64)
ToshibaRegistration (Version: 1.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 2939.98 MB
Available physical RAM: 1590.3 MB
Total Pagefile: 5878.14 MB
Available Pagefile: 4049.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.13 MB

========================= Partitions: =====================================

1 Drive c: (TI106034W0C) (Fixed) (Total:221.24 GB) (Free:164.89 GB) NTFS

========================= Users: ========================================

User accounts for \\LAPTOP3-PC

Administrator Guest Jose
Kaylene Laptop3 Mathew
Melissa


**** End of log ****


Farbar Service Scanner Version: 26-07-2012
Ran by Laptop3 (administrator) on 01-08-2012 at 19:56:18
Running from "C:\Users\Laptop3\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.800 - Logfile created 08/01/2012 at 20:03:21
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Laptop3 - LAPTOP3-PC
# Running from : C:\Users\Laptop3\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

[x64] Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Laptop3\AppData\Roaming\Mozilla\Firefox\Profiles\xo84bxnn.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\4v2jimb5.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\8l41vwpw.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\wfcneti3.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Kaylene\AppData\Roaming\Mozilla\Firefox\Profiles\d3kx9suk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Laptop3\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

File : C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [1775 octets] - [01/08/2012 20:03:21]

########## EOF - C:\AdwCleaner[S1].txt - [1903 octets] ##########


There they are.

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:04:24 AM

Posted 01 August 2012 - 10:15 PM

MBAM logs?

Do you still have redirects?

#7 yknujssab

yknujssab
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  • Local time:01:24 AM

Posted 02 August 2012 - 10:47 AM

Hello, sorry I forgot to post that one. There were no infected items on the first scan. If you need I'll post it when I get home from work. I'll also check to see if it still redirects.
Thank you.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Location:India
  • Local time:04:24 AM

Posted 02 August 2012 - 01:09 PM

Uninstall Firefox

Checkmark the "Remove my personal data" option

Reinstall it


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 yknujssab

yknujssab
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  • Local time:01:24 AM

Posted 02 August 2012 - 10:41 PM

Ok, got it. No more redirecting. Thanks so much. I need to remind my kids to not click links.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Location:India
  • Local time:04:24 AM

Posted 02 August 2012 - 10:48 PM

You're most welcome :)



