Popups on bottom right with occasional redirects


5 replies to this topic

#1 CaseyH71


Posted 31 July 2012 - 07:18 PM

Hello,

Yep, I have been nabbed by that pesky popup (sponsored ads) in the bottom right-hand corner of my desktop. A lot of times it looks like an iPhone, but mostly it takes on various shapes and sizes. I used to get redirects as well, but those seem to have faded since running Spybot. Any help is appreciated!

Thanks, Casey


#2 narenxp


Posted 31 July 2012 - 07:21 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 CaseyH71


Posted 05 August 2012 - 06:31 PM

Thanks for the reply!

Here are the results:

16:27:22.0919 3984 Ntfs - ok
16:27:22.0976 3984 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:27:22.0977 3984 Null - ok
16:27:23.0005 3984 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
16:27:23.0018 3984 nvraid - ok
16:27:23.0032 3984 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
16:27:23.0045 3984 nvstor - ok
16:27:23.0066 3984 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:27:23.0079 3984 nv_agp - ok
16:27:23.0149 3984 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:27:23.0165 3984 odserv - ok
16:27:23.0195 3984 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:27:23.0201 3984 ohci1394 - ok
16:27:23.0233 3984 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:27:23.0246 3984 ose - ok
16:27:23.0276 3984 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:27:23.0285 3984 p2pimsvc - ok
16:27:23.0316 3984 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:27:23.0331 3984 p2psvc - ok
16:27:23.0345 3984 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:27:23.0349 3984 Parport - ok
16:27:23.0369 3984 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:27:23.0374 3984 partmgr - ok
16:27:23.0396 3984 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:27:23.0408 3984 PcaSvc - ok
16:27:23.0432 3984 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:27:23.0445 3984 pci - ok
16:27:23.0458 3984 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:27:23.0459 3984 pciide - ok
16:27:23.0480 3984 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:27:23.0492 3984 pcmcia - ok
16:27:23.0501 3984 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:27:23.0503 3984 pcw - ok
16:27:23.0540 3984 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:27:23.0553 3984 PEAUTH - ok
16:27:23.0597 3984 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:27:23.0600 3984 PerfHost - ok
16:27:23.0664 3984 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:27:23.0697 3984 pla - ok
16:27:23.0742 3984 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:27:23.0753 3984 PlugPlay - ok
16:27:23.0767 3984 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:27:23.0770 3984 PNRPAutoReg - ok
16:27:23.0786 3984 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:27:23.0790 3984 PNRPsvc - ok
16:27:23.0843 3984 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:27:23.0858 3984 PolicyAgent - ok
16:27:23.0881 3984 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:27:23.0895 3984 Power - ok
16:27:23.0942 3984 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:27:23.0946 3984 PptpMiniport - ok
16:27:23.0952 3984 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:27:23.0953 3984 Processor - ok
16:27:23.0976 3984 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:27:23.0987 3984 ProfSvc - ok
16:27:24.0005 3984 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:27:24.0006 3984 ProtectedStorage - ok
16:27:24.0023 3984 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:27:24.0026 3984 Psched - ok
16:27:24.0089 3984 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:27:24.0121 3984 ql2300 - ok
16:27:24.0188 3984 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:27:24.0192 3984 ql40xx - ok
16:27:24.0208 3984 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:27:24.0220 3984 QWAVE - ok
16:27:24.0229 3984 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:27:24.0231 3984 QWAVEdrv - ok
16:27:24.0241 3984 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:27:24.0242 3984 RasAcd - ok
16:27:24.0266 3984 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:27:24.0267 3984 RasAgileVpn - ok
16:27:24.0282 3984 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:27:24.0288 3984 RasAuto - ok
16:27:24.0306 3984 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:27:24.0311 3984 Rasl2tp - ok
16:27:24.0354 3984 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:27:24.0372 3984 RasMan - ok
16:27:24.0385 3984 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:27:24.0388 3984 RasPppoe - ok
16:27:24.0405 3984 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:27:24.0411 3984 RasSstp - ok
16:27:24.0433 3984 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:27:24.0443 3984 rdbss - ok
16:27:24.0460 3984 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:27:24.0461 3984 rdpbus - ok
16:27:24.0473 3984 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:27:24.0474 3984 RDPCDD - ok
16:27:24.0490 3984 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:27:24.0490 3984 RDPENCDD - ok
16:27:24.0497 3984 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:27:24.0497 3984 RDPREFMP - ok
16:27:24.0521 3984 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:27:24.0532 3984 RDPWD - ok
16:27:24.0553 3984 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:27:24.0567 3984 rdyboost - ok
16:27:24.0578 3984 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:27:24.0584 3984 RemoteAccess - ok
16:27:24.0613 3984 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:27:24.0626 3984 RemoteRegistry - ok
16:27:24.0646 3984 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:27:24.0648 3984 RpcEptMapper - ok
16:27:24.0653 3984 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:27:24.0655 3984 RpcLocator - ok
16:27:24.0684 3984 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:27:24.0688 3984 RpcSs - ok
16:27:24.0706 3984 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:27:24.0712 3984 rspndr - ok
16:27:24.0745 3984 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:27:24.0768 3984 RTL8167 - ok
16:27:24.0779 3984 RtNdPt60 (2b38c905492f36fe42b59da52d6b4eb7) C:\Windows\system32\DRIVERS\RtNdPt60.sys
16:27:24.0780 3984 RtNdPt60 - ok
16:27:24.0806 3984 RTTEAMPT (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
16:27:24.0807 3984 RTTEAMPT - ok
16:27:24.0822 3984 RTVLANPT (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVlan60.sys
16:27:24.0824 3984 RTVLANPT - ok
16:27:24.0839 3984 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:27:24.0840 3984 SamSs - ok
16:27:24.0865 3984 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:27:24.0875 3984 sbp2port - ok
16:27:24.0889 3984 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:27:24.0902 3984 SCardSvr - ok
16:27:24.0917 3984 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:27:24.0918 3984 scfilter - ok
16:27:24.0980 3984 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:27:25.0002 3984 Schedule - ok
16:27:25.0037 3984 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:27:25.0038 3984 SCPolicySvc - ok
16:27:25.0053 3984 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:27:25.0065 3984 SDRSVC - ok
16:27:25.0141 3984 SDScannerService (43d29ecb8137eeae30b0970bbc7a5500) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
16:27:25.0164 3984 SDScannerService - ok
16:27:25.0240 3984 SDUpdateService (6b859b122e85c2c833e6d8c5dc4b07f3) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
16:27:25.0266 3984 SDUpdateService - ok
16:27:25.0291 3984 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
16:27:25.0294 3984 SDWSCService - ok
16:27:25.0365 3984 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:27:25.0366 3984 secdrv - ok
16:27:25.0374 3984 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:27:25.0377 3984 seclogon - ok
16:27:25.0398 3984 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:27:25.0401 3984 SENS - ok
16:27:25.0413 3984 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:27:25.0416 3984 SensrSvc - ok
16:27:25.0433 3984 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:27:25.0434 3984 Serenum - ok
16:27:25.0447 3984 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:27:25.0450 3984 Serial - ok
16:27:25.0465 3984 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:27:25.0467 3984 sermouse - ok
16:27:25.0488 3984 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:27:25.0501 3984 SessionEnv - ok
16:27:25.0532 3984 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:27:25.0534 3984 sffdisk - ok
16:27:25.0542 3984 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:27:25.0544 3984 sffp_mmc - ok
16:27:25.0556 3984 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:27:25.0557 3984 sffp_sd - ok
16:27:25.0568 3984 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:27:25.0569 3984 sfloppy - ok
16:27:25.0605 3984 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:27:25.0614 3984 SharedAccess - ok
16:27:25.0645 3984 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:27:25.0655 3984 ShellHWDetection - ok
16:27:25.0677 3984 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:27:25.0678 3984 SiSRaid2 - ok
16:27:25.0695 3984 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:27:25.0701 3984 SiSRaid4 - ok
16:27:25.0720 3984 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:27:25.0722 3984 Smb - ok
16:27:25.0742 3984 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:27:25.0746 3984 SNMPTRAP - ok
16:27:25.0751 3984 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:27:25.0753 3984 spldr - ok
16:27:25.0808 3984 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:27:25.0828 3984 Spooler - ok
16:27:25.0948 3984 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:27:26.0003 3984 sppsvc - ok
16:27:26.0069 3984 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:27:26.0072 3984 sppuinotify - ok
16:27:26.0103 3984 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:27:26.0118 3984 srv - ok
16:27:26.0166 3984 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:27:26.0181 3984 srv2 - ok
16:27:26.0192 3984 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:27:26.0195 3984 srvnet - ok
16:27:26.0213 3984 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:27:26.0225 3984 SSDPSRV - ok
16:27:26.0241 3984 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:27:26.0256 3984 SstpSvc - ok
16:27:26.0266 3984 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:27:26.0273 3984 stexstor - ok
16:27:26.0309 3984 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:27:26.0322 3984 stisvc - ok
16:27:26.0349 3984 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:27:26.0350 3984 swenum - ok
16:27:26.0379 3984 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:27:26.0393 3984 swprv - ok
16:27:26.0457 3984 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:27:26.0493 3984 SysMain - ok
16:27:26.0564 3984 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:27:26.0577 3984 TabletInputService - ok
16:27:26.0604 3984 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:27:26.0613 3984 TapiSrv - ok
16:27:26.0630 3984 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:27:26.0633 3984 TBS - ok
16:27:26.0728 3984 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:27:26.0761 3984 Tcpip - ok
16:27:26.0879 3984 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:27:26.0890 3984 TCPIP6 - ok
16:27:26.0950 3984 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:27:26.0952 3984 tcpipreg - ok
16:27:26.0971 3984 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:27:26.0972 3984 TDPIPE - ok
16:27:26.0985 3984 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:27:26.0986 3984 TDTCP - ok
16:27:27.0000 3984 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:27:27.0005 3984 tdx - ok
16:27:27.0019 3984 TEAM (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
16:27:27.0019 3984 TEAM - ok
16:27:27.0032 3984 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:27:27.0033 3984 TermDD - ok
16:27:27.0068 3984 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:27:27.0089 3984 TermService - ok
16:27:27.0098 3984 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:27:27.0101 3984 Themes - ok
16:27:27.0114 3984 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:27:27.0116 3984 THREADORDER - ok
16:27:27.0132 3984 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:27:27.0145 3984 TrkWks - ok
16:27:27.0168 3984 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:27:27.0179 3984 TrustedInstaller - ok
16:27:27.0190 3984 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:27:27.0192 3984 tssecsrv - ok
16:27:27.0221 3984 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:27:27.0222 3984 TsUsbFlt - ok
16:27:27.0252 3984 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:27:27.0257 3984 tunnel - ok
16:27:27.0274 3984 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:27:27.0276 3984 uagp35 - ok
16:27:27.0296 3984 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:27:27.0306 3984 udfs - ok
16:27:27.0324 3984 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:27:27.0327 3984 UI0Detect - ok
16:27:27.0346 3984 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:27:27.0348 3984 uliagpkx - ok
16:27:27.0392 3984 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:27:27.0394 3984 umbus - ok
16:27:27.0411 3984 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:27:27.0412 3984 UmPass - ok
16:27:27.0489 3984 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:27:27.0511 3984 UMVPFSrv - ok
16:27:27.0537 3984 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:27:27.0555 3984 upnphost - ok
16:27:27.0579 3984 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:27:27.0581 3984 USBAAPL64 - ok
16:27:27.0601 3984 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:27:27.0631 3984 usbaudio - ok
16:27:27.0644 3984 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
16:27:27.0657 3984 usbccgp - ok
16:27:27.0698 3984 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:27:27.0703 3984 usbcir - ok
16:27:27.0721 3984 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
16:27:27.0722 3984 usbehci - ok
16:27:27.0746 3984 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\DRIVERS\usbhub.sys
16:27:27.0757 3984 usbhub - ok
16:27:27.0769 3984 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
16:27:27.0770 3984 usbohci - ok
16:27:27.0790 3984 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:27:27.0791 3984 usbprint - ok
16:27:27.0806 3984 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:27:27.0811 3984 USBSTOR - ok
16:27:27.0818 3984 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
16:27:27.0820 3984 usbuhci - ok
16:27:27.0856 3984 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:27:27.0875 3984 usbvideo - ok
16:27:27.0883 3984 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:27:27.0886 3984 UxSms - ok
16:27:27.0903 3984 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:27:27.0905 3984 VaultSvc - ok
16:27:27.0923 3984 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:27:27.0924 3984 vdrvroot - ok
16:27:27.0955 3984 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:27:27.0972 3984 vds - ok
16:27:27.0986 3984 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:27:27.0988 3984 vga - ok
16:27:28.0002 3984 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:27:28.0004 3984 VgaSave - ok
16:27:28.0028 3984 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:27:28.0039 3984 vhdmp - ok
16:27:28.0045 3984 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:27:28.0047 3984 viaide - ok
16:27:28.0059 3984 VLAN (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVLAN60.sys
16:27:28.0060 3984 VLAN - ok
16:27:28.0068 3984 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:27:28.0070 3984 volmgr - ok
16:27:28.0098 3984 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:27:28.0107 3984 volmgrx - ok
16:27:28.0133 3984 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:27:28.0143 3984 volsnap - ok
16:27:28.0172 3984 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:27:28.0185 3984 vsmraid - ok
16:27:28.0262 3984 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:27:28.0293 3984 VSS - ok
16:27:28.0361 3984 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:27:28.0363 3984 vwifibus - ok
16:27:28.0384 3984 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:27:28.0401 3984 W32Time - ok
16:27:28.0421 3984 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:27:28.0423 3984 WacomPen - ok
16:27:28.0444 3984 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:27:28.0450 3984 WANARP - ok
16:27:28.0453 3984 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:27:28.0454 3984 Wanarpv6 - ok
16:27:28.0533 3984 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:27:28.0560 3984 WatAdminSvc - ok
16:27:28.0623 3984 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:27:28.0657 3984 wbengine - ok
16:27:28.0705 3984 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:27:28.0717 3984 WbioSrvc - ok
16:27:28.0744 3984 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:27:28.0761 3984 wcncsvc - ok
16:27:28.0772 3984 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:27:28.0775 3984 WcsPlugInService - ok
16:27:28.0784 3984 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:27:28.0785 3984 Wd - ok
16:27:28.0817 3984 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:27:28.0830 3984 Wdf01000 - ok
16:27:28.0844 3984 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:27:28.0848 3984 WdiServiceHost - ok
16:27:28.0851 3984 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:27:28.0854 3984 WdiSystemHost - ok
16:27:28.0878 3984 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:27:28.0888 3984 WebClient - ok
16:27:28.0908 3984 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:27:28.0919 3984 Wecsvc - ok
16:27:28.0931 3984 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:27:28.0945 3984 wercplsupport - ok
16:27:28.0969 3984 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:27:28.0983 3984 WerSvc - ok
16:27:28.0995 3984 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:27:28.0997 3984 WfpLwf - ok
16:27:29.0007 3984 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:27:29.0008 3984 WIMMount - ok
16:27:29.0014 3984 WinDefend - ok
16:27:29.0020 3984 WinHttpAutoProxySvc - ok
16:27:29.0067 3984 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:27:29.0080 3984 Winmgmt - ok
16:27:29.0174 3984 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:27:29.0215 3984 WinRM - ok
16:27:29.0303 3984 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:27:29.0305 3984 WinUsb - ok
16:27:29.0344 3984 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:27:29.0362 3984 Wlansvc - ok
16:27:29.0484 3984 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:27:29.0523 3984 wlidsvc - ok
16:27:29.0590 3984 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:27:29.0591 3984 WmiAcpi - ok
16:27:29.0623 3984 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:27:29.0635 3984 wmiApSrv - ok
16:27:29.0648 3984 WMPNetworkSvc - ok
16:27:29.0655 3984 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:27:29.0659 3984 WPCSvc - ok
16:27:29.0679 3984 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:27:29.0692 3984 WPDBusEnum - ok
16:27:29.0706 3984 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:27:29.0707 3984 ws2ifsl - ok
16:27:29.0720 3984 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:27:29.0734 3984 wscsvc - ok
16:27:29.0737 3984 WSearch - ok
16:27:29.0932 3984 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:27:29.0991 3984 wuauserv - ok
16:27:30.0062 3984 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:27:30.0068 3984 WudfPf - ok
16:27:30.0092 3984 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:27:30.0104 3984 WUDFRd - ok
16:27:30.0126 3984 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:27:30.0131 3984 wudfsvc - ok
16:27:30.0152 3984 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:27:30.0164 3984 WwanSvc - ok
16:27:30.0172 3984 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:27:30.0427 3984 \Device\Harddisk0\DR0 - ok
16:27:30.0442 3984 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
16:27:30.0497 3984 \Device\Harddisk1\DR1 - ok
16:27:30.0501 3984 Boot (0x1200) (5c64efe5696a27abe501d732a00f3587) \Device\Harddisk0\DR0\Partition0
16:27:30.0502 3984 \Device\Harddisk0\DR0\Partition0 - ok
16:27:30.0519 3984 Boot (0x1200) (6dded27b5eef514a6d7d6dcbab54541b) \Device\Harddisk0\DR0\Partition1
16:27:30.0520 3984 \Device\Harddisk0\DR0\Partition1 - ok
16:27:30.0523 3984 Boot (0x1200) (aeaca1f64ae8f853b630783efaa3f366) \Device\Harddisk1\DR1\Partition0
16:27:30.0525 3984 \Device\Harddisk1\DR1\Partition0 - ok
16:27:30.0527 3984 Boot (0x1200) (0ec9792eabe2f2dbd968b66142cc4349) \Device\Harddisk1\DR1\Partition1
16:27:30.0529 3984 \Device\Harddisk1\DR1\Partition1 - ok
16:27:30.0529 3984 ============================================================
16:27:30.0529 3984 Scan finished
16:27:30.0529 3984 ============================================================
16:27:30.0538 7668 Detected object count: 0
16:27:30.0538 7668 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-05 16:30:16
-----------------------------
16:30:16.314 OS Version: Windows x64 6.1.7601 Service Pack 1
16:30:16.315 Number of processors: 2 586 0xF0B
16:30:16.315 ComputerName: SHERI-PC UserName: Sheri
16:30:16.654 Initialize success
16:31:05.605 AVAST engine defs: 12080501
16:31:24.995 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
16:31:24.997 Disk 0 Vendor: ST95005620AS SD28 Size: 476938MB BusType: 3
16:31:24.999 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
16:31:25.001 Disk 1 Vendor: ST3500418AS CC38 Size: 476938MB BusType: 3
16:31:25.035 Disk 0 MBR read successfully
16:31:25.037 Disk 0 MBR scan
16:31:25.041 Disk 0 Windows 7 default MBR code
16:31:25.045 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102924 MB offset 63
16:31:25.069 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 374014 MB offset 210789376
16:31:25.119 Disk 0 scanning C:\Windows\system32\drivers
16:31:33.354 Service scanning
16:31:53.495 Modules scanning
16:31:53.501 Disk 0 trace - called modules:
16:31:53.507 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:31:53.510 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800461a060]
16:31:53.514 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80044da520]
16:31:53.522 5 ACPI.sys[fffff88000f807a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80044cd060]
16:31:54.104 AVAST engine scan C:\Windows
16:31:55.642 AVAST engine scan C:\Windows\system32
16:34:58.898 AVAST engine scan C:\Windows\system32\drivers
16:35:09.353 AVAST engine scan C:\Users\Sheri
16:40:43.487 AVAST engine scan C:\ProgramData
16:41:18.368 Scan finished successfully
16:41:37.549 Disk 0 MBR has been saved successfully to "C:\Users\Sheri\Desktop\MBR.dat"
16:41:37.602 The log file has been saved successfully to "C:\Users\Sheri\Desktop\aswMBR.txt"



ESET found no threats



Thanks, Casey

#4 narenxp


Posted 05 August 2012 - 06:33 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

Rogue killer

Right click on it and select Run as administrator

Now, click on the HOSTS FIX option on the right side

A log should be generated after the fix; post the log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 CaseyH71


Posted 06 August 2012 - 06:23 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.06.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sheri :: SHERI-PC [administrator]

8/6/2012 11:36:45 AM
mbam-log-2012-08-06 (11-36-45).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 330929
Time elapsed: 28 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Sheri [Admin rights]
Mode: HOSTSFix -- Date: 08/06/2012 17:10:21

Bad processes: 0

Driver: [NOT LOADED]

HOSTS File:
127.0.0.1 localhost
::1 localhost
176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt



MiniToolBox by Farbar Version: 23-07-2012
Ran by Sheri (administrator) on 06-08-2012 at 17:13:04
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Sheri-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1A-4D-4E-17-DD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8c36:69c3:dedf:63cc%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.20(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 06, 2012 11:33:38 AM
Lease Expires . . . . . . . . . . : Tuesday, August 07, 2012 5:07:44 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 268442189
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-03-CD-0D-00-1A-4D-4E-17-DD
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{83C0AB45-7CF4-4893-A321-CCAADD2FD76F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:145f:638:e7f5:7e14(Preferred)
Link-local IPv6 Address . . . . . : fe80::145f:638:e7f5:7e14%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400f:800::1008
74.125.225.174
74.125.225.169
74.125.225.165
74.125.225.168
74.125.225.166
74.125.225.160
74.125.225.164
74.125.225.167
74.125.225.161
74.125.225.162
74.125.225.163


Pinging google.com [74.125.225.169] with 32 bytes of data:
Reply from 74.125.225.169: bytes=32 time=23ms TTL=55
Reply from 74.125.225.169: bytes=32 time=23ms TTL=55

Ping statistics for 74.125.225.169:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 23ms, Average = 23ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=40ms TTL=53
Reply from 209.191.122.70: bytes=32 time=41ms TTL=53

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 41ms, Average = 40ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 1a 4d 4e 17 dd ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.20 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.20 266
192.168.1.20 255.255.255.255 On-link 192.168.1.20 266
192.168.1.255 255.255.255.255 On-link 192.168.1.20 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.20 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.20 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:4137:9e76:145f:638:e7f5:7e14/128
On-link
11 266 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::145f:638:e7f5:7e14/128
On-link
11 266 fe80::8c36:69c3:dedf:63cc/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/06/2012 05:09:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/05/2012 06:07:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/05/2012 04:41:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2012 11:55:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: hpljbfig.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdf2a
Exception code: 0xc0000005
Fault offset: 0x000007fef875963f
Faulting process id: 0x670
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3

Error: (07/12/2012 00:34:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/12/2012 00:34:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/12/2012 00:24:40 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/12/2012 00:24:40 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/12/2012 00:24:40 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/12/2012 00:24:40 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (08/06/2012 00:34:36 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/26/2012 04:15:19 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/23/2012 02:20:07 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/23/2012 11:55:49 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).

Error: (07/15/2012 00:02:46 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/12/2012 00:39:54 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/12/2012 11:48:39 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/12/2012 09:50:29 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/12/2012 03:32:06 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/07/2012 01:50:32 PM) (Source: DCOM) (User: Sheri-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Sheri-PCSheriS-1-5-21-3169254489-3509000803-873393796-1001LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (05/11/2011 04:21:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12897 seconds with 2400 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.13 beta
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Audible Download Manager (Version: 6.6.0.15)
Avery Wizard 4.0 (Version: 4.0.4)
CameraHelperMsi (Version: 13.50.854.0)
Canon Inkjet Printer Driver Add-On Module
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1205.2215.39827)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
CCleaner (Version: 3.20)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Diagnostic Utility (Version: 1.00.0000)
erLT (Version: 1.20.138.34)
Google Chrome (Version: 21.0.1180.60)
Google Chrome Frame (Version: 21.0.1180.60)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
GoToMeeting 4.5.0.457
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Logitech Webcam Software (Version: 2.31)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR Live Parental Controls User Utility 1.0b38 (Version: 1.0b38)
ODF Add-in for Microsoft Office (Version: 4.0.5309.0)
QT Lite 4.1.0 (Version: 4.1.0)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek High Definition Audio Driver (Version: 6.0.1.5998)
Scan to PDF (Version: 2.27)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 2.0.9)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 4094.49 MB
Available physical RAM: 3073.68 MB
Total Pagefile: 8187.18 MB
Available Pagefile: 5854.63 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.23 MB

========================= Partitions: =====================================

1 Drive c: (Win7_Boot) (Fixed) (Total:100.51 GB) (Free:55.07 GB) NTFS
2 Drive d: (D1_Docs) (Fixed) (Total:265.44 GB) (Free:246.79 GB) NTFS
4 Drive f: (D0_Storage) (Fixed) (Total:365.25 GB) (Free:312.87 GB) NTFS
5 Drive g: (D1_Backups) (Fixed) (Total:200.3 GB) (Free:148.92 GB) NTFS

========================= Users: ========================================

User accounts for \\SHERI-PC

Administrator Guest Sheri


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by Sheri (administrator) on 06-08-2012 at 17:15:01
Running from "D:\Sheri\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



# AdwCleaner v1.800 - Logfile created 08/06/2012 at 17:18:51
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sheri - SHERI-PC
# Running from : D:\Sheri\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Sheri\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [264 octets] - [06/08/2012 17:17:13]
AdwCleaner[S2].txt - [786 octets] - [06/08/2012 17:18:51]

########## EOF - C:\AdwCleaner[S2].txt - [913 octets] ##########



Thanks again! Casey
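The RogueKiller log in the post above shows tracking and ad hostnames mapped to two non-loopback addresses before the hosts file was reset. The following is an added example, not part of the original posts or of any tool named in the thread: a hosts-file audit that flags such entries. The function names (`parse_hosts`, `audit_hosts`) and the reason labels are hypothetical; the sample input is copied from the "HOSTS File:" and "Resetted HOSTS:" sections of that log.

```python
import ipaddress
from collections import namedtuple

# Hosts content copied from the RogueKiller "HOSTS File:" section of the log above.
HOSTS_BEFORE = """\
127.0.0.1 localhost
::1 localhost
176.9.75.3 www.google-analytics.com.
176.9.75.3 ad-emea.doubleclick.net.
176.9.75.3 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
"""

# Content after the fix, from the "Resetted HOSTS:" section of the same log.
HOSTS_AFTER = "127.0.0.1 localhost\n"

Finding = namedtuple("Finding", "hostname addresses reasons")


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each mapping, skipping comments and junk."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no hostname
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            yield line_no, ip, name.lower()


def audit_hosts(text):
    """Return one Finding per hostname that is mapped away from loopback.

    Loopback and unspecified addresses (127.0.0.1, ::1, 0.0.0.0) are ignored,
    so the default localhost lines and blocklist-style sinks are not reported.
    """
    per_host = {}
    for _line_no, ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        host = name.rstrip(".")  # treat "example.com." and "example.com" as one name
        entry = per_host.setdefault(host, {"ips": set(), "reasons": set()})
        entry["ips"].add(ip)
        entry["reasons"].add(
            "public address" if ip.is_global else "non-loopback address"
        )
        if name.endswith("."):
            entry["reasons"].add("trailing dot")

    findings = []
    for host in sorted(per_host):
        entry = per_host[host]
        if len(entry["ips"]) > 1:
            entry["reasons"].add("multiple addresses")
        # Sort by IP version, then numerically, so IPv4 and IPv6 can be mixed.
        ordered = sorted(entry["ips"], key=lambda i: (i.version, int(i)))
        findings.append(
            Finding(host, [str(i) for i in ordered], sorted(entry["reasons"]))
        )
    return findings


if __name__ == "__main__":
    for label, content in (("before fix", HOSTS_BEFORE), ("after fix", HOSTS_AFTER)):
        results = audit_hosts(content)
        print(f"{label}: {len(results)} suspicious hostname(s)")
        for f in results:
            print(f"  {f.hostname} -> {', '.join(f.addresses)} [{'; '.join(f.reasons)}]")
```

On a live Windows system the same functions can be run over the text of `C:\Windows\System32\drivers\etc\hosts`.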

#6 narenxp

Posted 06 August 2012 - 11:34 PM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot

Turn off your System Restore, restart the PC, and create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links

Safe surfing :)



