
Do I still have Zero Access or Generic.dxlb2qi?


15 replies to this topic

#1 joe_305

joe_305

  • Members
  • 36 posts

Posted 02 August 2012 - 12:50 AM

My Toshiba laptop running Windows 7 recently started redirecting me to different websites while browsing in Firefox and McAfee (VirusScan Enterprise 8.8) wasn't working. The McAfee quarantine was also full of ZeroAccess and Generic.dxlb2qi. I reinstalled McAfee and that now works well, it seems. I ran some full scans that caught and fixed some bad files. Subsequent McAfee scans have found nothing. I also ran TDSS Killer, which has not found anything on multiple runs over many days. Same with Malwarebytes, which has not detected any dangerous files. The computer seems to be running fine. My question is whether I truly removed the trojans. The computer clearly redirected me to other financial-related websites, but my fix seemed too easy. How can I be sure I don't have ZeroAccess still lurking? Thank you.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 02 August 2012 - 12:54 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
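
An added example, not part of the original posts and not the tool vendor's code: a small Python triage of a saved TDSSKiller report. It checks that the TDLFS option was active for the scan and lists every scanned object whose verdict is anything other than `ok`. It assumes the line layout `HH:MM:SS.ffff <thread id> <name> (<md5>) <path>` followed by `<name> - <verdict>`; the sample log, its service names and the `needs-review` verdict are constructed placeholders.

```python
import re

# Constructed sample in the assumed report layout. "needs-review" is a
# placeholder verdict, not a real TDSSKiller verdict string.
SAMPLE_LOG = r"""
08:40:24.0241 2716 Drive \Device\Harddisk0\DR0 - Size: 0x1000 (constructed header line)
08:40:33.0413 4252 Scan started
08:40:33.0413 4252 Mode: Manual; TDLFS;
08:40:36.0877 4252 ExampleDrv (0123456789abcdef0123456789abcdef) C:\windows\system32\drivers\exampledrv.sys
08:40:36.0923 4252 ExampleDrv - ok
08:40:37.0126 4252 Example Helper Service (fedcba9876543210fedcba9876543210) C:\Program Files (x86)\Example\helper.exe
08:40:37.0126 4252 Example Helper Service - needs-review
08:40:37.0220 4252 ExampleNoFile - ok
"""

# Timestamp, thread id, then the message body.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "<name> (<32 hex chars>) <path>": the file backing a driver or service.
HASHED = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the result for that object.
VERDICT = re.compile(r"^(?P<name>.+?) - (?P<verdict>.+)$")
MODE = re.compile(r"^Mode:\s*(?P<flags>.*)$")


def _split_verdict(body, pending):
    """Return (name, verdict), preferring names already seen on a hash line
    so that a service name containing ' - ' is not split in the wrong place."""
    for name in sorted(pending, key=len, reverse=True):
        if body.startswith(name + " - "):
            return name, body[len(name) + 3:]
    m = VERDICT.match(body)
    return (m.group("name"), m.group("verdict")) if m else None


def triage(log_text):
    """Summarise a report: TDLFS flag, object count, non-ok verdicts, and
    objects that were reported without a file hash/path line."""
    report = {"tdlfs_scanned": False, "objects": 0, "review": [], "no_file": []}
    pending = {}      # name -> (md5, path), waiting for the verdict line
    scanning = False  # header lines before "Scan started" are ignored
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()
        if body == "Scan started":
            scanning = True
            continue
        if not scanning:
            continue
        mode = MODE.match(body)
        if mode:
            flags = [f.strip() for f in mode.group("flags").split(";") if f.strip()]
            report["tdlfs_scanned"] = "TDLFS" in flags
            continue
        hashed = HASHED.match(body)
        if hashed:
            pending[hashed.group("name")] = (
                hashed.group("md5").lower(), hashed.group("path"))
            continue
        parsed = _split_verdict(body, pending)
        if parsed is None:
            continue
        name, verdict = parsed
        md5, path = pending.pop(name, (None, None))
        report["objects"] += 1
        if md5 is None:
            report["no_file"].append(name)
        if verdict.strip().lower() != "ok":
            report["review"].append(
                {"name": name, "verdict": verdict, "md5": md5, "path": path})
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("TDLFS option active:", result["tdlfs_scanned"])
    print("Objects scanned:", result["objects"])
    for item in result["review"]:
        print("REVIEW:", item["name"], "->", item["verdict"], item["path"])
    for name in result["no_file"]:
        print("No file/hash line for:", name)
```

An all-`ok` report only says this scanner flagged nothing; it is one input to the helper's assessment alongside the other requested logs.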

#3 joe_305

joe_305
  • Topic Starter

  • Members
  • 36 posts

Posted 02 August 2012 - 08:20 PM

Thanks for the help. Here are results.

08:40:59.0107 4252 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:40:59.0122 4252 NetBT - ok
08:40:59.0153 4252 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:40:59.0153 4252 Netlogon - ok
08:40:59.0216 4252 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:40:59.0247 4252 Netman - ok
08:40:59.0387 4252 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:40:59.0387 4252 netprofm - ok
08:40:59.0575 4252 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:40:59.0590 4252 NetTcpPortSharing - ok
08:40:59.0684 4252 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
08:40:59.0699 4252 nfrd960 - ok
08:40:59.0824 4252 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:40:59.0933 4252 NlaSvc - ok
08:40:59.0965 4252 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:40:59.0980 4252 Npfs - ok
08:41:00.0043 4252 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:41:00.0058 4252 nsi - ok
08:41:00.0074 4252 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:41:00.0074 4252 nsiproxy - ok
08:41:00.0682 4252 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:41:00.0745 4252 Ntfs - ok
08:41:01.0805 4252 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:41:01.0805 4252 Null - ok
08:41:01.0915 4252 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:41:01.0930 4252 nvraid - ok
08:41:02.0008 4252 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:41:02.0024 4252 nvstor - ok
08:41:02.0086 4252 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:41:02.0102 4252 nv_agp - ok
08:41:02.0242 4252 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:41:02.0258 4252 odserv - ok
08:41:02.0305 4252 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:41:02.0305 4252 ohci1394 - ok
08:41:02.0367 4252 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:41:02.0461 4252 ose - ok
08:41:02.0492 4252 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:41:02.0523 4252 p2pimsvc - ok
08:41:02.0570 4252 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:41:02.0601 4252 p2psvc - ok
08:41:02.0632 4252 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
08:41:02.0632 4252 Parport - ok
08:41:02.0695 4252 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:41:02.0695 4252 partmgr - ok
08:41:02.0726 4252 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:41:02.0741 4252 PcaSvc - ok
08:41:02.0788 4252 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:41:02.0804 4252 pci - ok
08:41:02.0819 4252 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
08:41:02.0819 4252 pciide - ok
08:41:02.0866 4252 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
08:41:02.0866 4252 pcmcia - ok
08:41:02.0897 4252 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:41:02.0897 4252 pcw - ok
08:41:02.0960 4252 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:41:02.0991 4252 PEAUTH - ok
08:41:03.0131 4252 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:41:03.0147 4252 PerfHost - ok
08:41:03.0256 4252 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
08:41:03.0256 4252 PGEffect - ok
08:41:03.0428 4252 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:41:03.0459 4252 pla - ok
08:41:03.0537 4252 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:41:03.0553 4252 PlugPlay - ok
08:41:03.0584 4252 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:41:03.0584 4252 PNRPAutoReg - ok
08:41:03.0615 4252 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:41:03.0631 4252 PNRPsvc - ok
08:41:03.0833 4252 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:41:03.0849 4252 PolicyAgent - ok
08:41:03.0896 4252 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:41:03.0911 4252 Power - ok
08:41:03.0989 4252 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:41:04.0005 4252 PptpMiniport - ok
08:41:04.0052 4252 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
08:41:04.0052 4252 Processor - ok
08:41:04.0114 4252 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
08:41:04.0208 4252 ProfSvc - ok
08:41:04.0239 4252 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:41:04.0239 4252 ProtectedStorage - ok
08:41:04.0301 4252 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:41:04.0317 4252 Psched - ok
08:41:04.0348 4252 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys
08:41:04.0348 4252 PxHlpa64 - ok
08:41:04.0473 4252 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
08:41:04.0520 4252 ql2300 - ok
08:41:04.0645 4252 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
08:41:04.0676 4252 ql40xx - ok
08:41:04.0738 4252 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:41:04.0754 4252 QWAVE - ok
08:41:04.0785 4252 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:41:04.0785 4252 QWAVEdrv - ok
08:41:04.0801 4252 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:41:04.0801 4252 RasAcd - ok
08:41:04.0832 4252 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:41:04.0847 4252 RasAgileVpn - ok
08:41:04.0879 4252 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:41:04.0894 4252 RasAuto - ok
08:41:04.0972 4252 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:41:04.0988 4252 Rasl2tp - ok
08:41:05.0019 4252 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:41:05.0035 4252 RasMan - ok
08:41:05.0066 4252 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:41:05.0066 4252 RasPppoe - ok
08:41:05.0097 4252 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:41:05.0097 4252 RasSstp - ok
08:41:05.0175 4252 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:41:05.0175 4252 rdbss - ok
08:41:05.0206 4252 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
08:41:05.0222 4252 rdpbus - ok
08:41:05.0222 4252 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:41:05.0237 4252 RDPCDD - ok
08:41:05.0237 4252 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:41:05.0253 4252 RDPENCDD - ok
08:41:05.0269 4252 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:41:05.0269 4252 RDPREFMP - ok
08:41:05.0315 4252 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:41:05.0331 4252 RDPWD - ok
08:41:05.0393 4252 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:41:05.0409 4252 rdyboost - ok
08:41:05.0456 4252 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:41:05.0456 4252 RemoteAccess - ok
08:41:05.0503 4252 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:41:05.0503 4252 RemoteRegistry - ok
08:41:05.0518 4252 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:41:05.0534 4252 RpcEptMapper - ok
08:41:05.0549 4252 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:41:05.0565 4252 RpcLocator - ok
08:41:05.0674 4252 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:41:05.0674 4252 RpcSs - ok
08:41:05.0721 4252 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:41:05.0721 4252 rspndr - ok
08:41:05.0768 4252 RSUSBSTOR - ok
08:41:05.0955 4252 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
08:41:05.0955 4252 RTL8167 - ok
08:41:06.0345 4252 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\windows\system32\DRIVERS\rtl8192se.sys
08:41:06.0345 4252 rtl8192se - ok
08:41:06.0361 4252 RtsUIR - ok
08:41:06.0392 4252 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:41:06.0392 4252 SamSs - ok
08:41:06.0454 4252 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:41:06.0470 4252 sbp2port - ok
08:41:06.0517 4252 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:41:06.0532 4252 SCardSvr - ok
08:41:06.0579 4252 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:41:06.0579 4252 scfilter - ok
08:41:06.0704 4252 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:41:06.0797 4252 Schedule - ok
08:41:06.0829 4252 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:41:06.0844 4252 SCPolicySvc - ok
08:41:06.0860 4252 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:41:06.0875 4252 SDRSVC - ok
08:41:06.0922 4252 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:41:06.0922 4252 secdrv - ok
08:41:06.0969 4252 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:41:06.0985 4252 seclogon - ok
08:41:07.0016 4252 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:41:07.0016 4252 SENS - ok
08:41:07.0031 4252 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:41:07.0047 4252 SensrSvc - ok
08:41:07.0078 4252 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
08:41:07.0094 4252 Serenum - ok
08:41:07.0109 4252 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
08:41:07.0125 4252 Serial - ok
08:41:07.0156 4252 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
08:41:07.0172 4252 sermouse - ok
08:41:07.0219 4252 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:41:07.0234 4252 SessionEnv - ok
08:41:07.0265 4252 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:41:07.0265 4252 sffdisk - ok
08:41:07.0281 4252 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:41:07.0281 4252 sffp_mmc - ok
08:41:07.0297 4252 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:41:07.0297 4252 sffp_sd - ok
08:41:07.0328 4252 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
08:41:07.0328 4252 sfloppy - ok
08:41:07.0390 4252 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:41:07.0468 4252 ShellHWDetection - ok
08:41:07.0484 4252 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
08:41:07.0484 4252 SiSRaid2 - ok
08:41:07.0624 4252 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
08:41:07.0624 4252 SiSRaid4 - ok
08:41:07.0655 4252 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:41:07.0655 4252 Smb - ok
08:41:07.0687 4252 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:41:07.0702 4252 SNMPTRAP - ok
08:41:07.0733 4252 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:41:07.0733 4252 spldr - ok
08:41:07.0827 4252 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:41:07.0921 4252 Spooler - ok
08:41:08.0217 4252 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:41:08.0295 4252 sppsvc - ok
08:41:08.0591 4252 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:41:08.0591 4252 sppuinotify - ok
08:41:08.0701 4252 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:41:08.0810 4252 srv - ok
08:41:08.0872 4252 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:41:08.0888 4252 srv2 - ok
08:41:08.0903 4252 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:41:08.0919 4252 srvnet - ok
08:41:08.0966 4252 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:41:08.0997 4252 SSDPSRV - ok
08:41:09.0028 4252 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:41:09.0044 4252 SstpSvc - ok
08:41:09.0075 4252 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
08:41:09.0075 4252 stexstor - ok
08:41:09.0169 4252 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:41:09.0184 4252 stisvc - ok
08:41:09.0247 4252 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
08:41:09.0262 4252 stllssvr - ok
08:41:09.0309 4252 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
08:41:09.0325 4252 swenum - ok
08:41:09.0387 4252 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:41:09.0418 4252 swprv - ok
08:41:09.0496 4252 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\windows\system32\DRIVERS\SynTP.sys
08:41:09.0496 4252 SynTP - ok
08:41:09.0652 4252 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:41:09.0746 4252 SysMain - ok
08:41:09.0902 4252 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:41:09.0902 4252 TabletInputService - ok
08:41:09.0949 4252 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:41:09.0964 4252 TapiSrv - ok
08:41:09.0995 4252 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:41:09.0995 4252 TBS - ok
08:41:10.0245 4252 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:41:10.0292 4252 Tcpip - ok
08:41:10.0619 4252 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:41:10.0635 4252 TCPIP6 - ok
08:41:10.0947 4252 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:41:10.0947 4252 tcpipreg - ok
08:41:10.0978 4252 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
08:41:10.0978 4252 tdcmdpst - ok
08:41:11.0009 4252 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:41:11.0009 4252 TDPIPE - ok
08:41:11.0041 4252 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:41:11.0041 4252 TDTCP - ok
08:41:11.0087 4252 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:41:11.0087 4252 tdx - ok
08:41:11.0134 4252 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
08:41:11.0134 4252 TermDD - ok
08:41:11.0212 4252 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:41:11.0228 4252 TermService - ok
08:41:11.0259 4252 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:41:11.0259 4252 Themes - ok
08:41:11.0306 4252 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:41:11.0306 4252 THREADORDER - ok
08:41:11.0415 4252 TMachInfo (32577b987ae5401038451bb392cb8d89) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:41:11.0415 4252 TMachInfo - ok
08:41:11.0477 4252 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
08:41:11.0493 4252 TODDSrv - ok
08:41:11.0602 4252 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:41:11.0618 4252 TosCoSrv - ok
08:41:11.0665 4252 TOSHIBA eco Utility Service (32ff64d06a91daa0331c624aff442679) C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:41:11.0758 4252 TOSHIBA eco Utility Service - ok
08:41:11.0836 4252 TOSHIBA HDD SSD Alert Service (dd58e1250f604cbbadda04575e5e2376) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:41:11.0852 4252 TOSHIBA HDD SSD Alert Service - ok
08:41:11.0961 4252 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
08:41:11.0977 4252 tos_sps64 - ok
08:41:12.0055 4252 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:41:12.0086 4252 TPCHSrv - ok
08:41:12.0211 4252 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:41:12.0226 4252 TrkWks - ok
08:41:12.0304 4252 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:41:12.0398 4252 TrustedInstaller - ok
08:41:12.0491 4252 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:41:12.0491 4252 tssecsrv - ok
08:41:12.0554 4252 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:41:12.0569 4252 TsUsbFlt - ok
08:41:12.0647 4252 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:41:12.0663 4252 tunnel - ok
08:41:12.0710 4252 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:41:12.0710 4252 TVALZ - ok
08:41:12.0741 4252 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
08:41:12.0741 4252 TVALZFL - ok
08:41:12.0788 4252 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
08:41:12.0788 4252 uagp35 - ok
08:41:12.0835 4252 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:41:12.0850 4252 udfs - ok
08:41:12.0913 4252 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:41:12.0928 4252 UI0Detect - ok
08:41:13.0006 4252 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:41:13.0006 4252 uliagpkx - ok
08:41:13.0100 4252 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
08:41:13.0115 4252 umbus - ok
08:41:13.0162 4252 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
08:41:13.0178 4252 UmPass - ok
08:41:13.0381 4252 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:41:13.0412 4252 upnphost - ok
08:41:13.0521 4252 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
08:41:13.0521 4252 USBAAPL64 - ok
08:41:13.0568 4252 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
08:41:13.0599 4252 usbccgp - ok
08:41:13.0599 4252 USBCCID - ok
08:41:13.0661 4252 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:41:13.0661 4252 usbcir - ok
08:41:13.0708 4252 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
08:41:13.0708 4252 usbehci - ok
08:41:13.0786 4252 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
08:41:13.0802 4252 usbhub - ok
08:41:13.0833 4252 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
08:41:13.0833 4252 usbohci - ok
08:41:13.0849 4252 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:41:13.0864 4252 usbprint - ok
08:41:13.0911 4252 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
08:41:13.0911 4252 usbscan - ok
08:41:13.0958 4252 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:41:13.0973 4252 USBSTOR - ok
08:41:14.0005 4252 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys
08:41:14.0020 4252 usbuhci - ok
08:41:14.0083 4252 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
08:41:14.0098 4252 usbvideo - ok
08:41:14.0129 4252 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
08:41:14.0129 4252 UxSms - ok
08:41:14.0161 4252 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:41:14.0161 4252 VaultSvc - ok
08:41:14.0223 4252 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
08:41:14.0223 4252 vdrvroot - ok
08:41:14.0317 4252 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
08:41:14.0332 4252 vds - ok
08:41:14.0379 4252 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:41:14.0379 4252 vga - ok
08:41:14.0410 4252 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:41:14.0410 4252 VgaSave - ok
08:41:14.0457 4252 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
08:41:14.0473 4252 vhdmp - ok
08:41:14.0504 4252 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
08:41:14.0504 4252 viaide - ok
08:41:14.0535 4252 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
08:41:14.0535 4252 volmgr - ok
08:41:14.0613 4252 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
08:41:14.0629 4252 volmgrx - ok
08:41:14.0691 4252 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
08:41:14.0707 4252 volsnap - ok
08:41:14.0863 4252 vpnagent (3b98ab9849754cb88265111422441df7) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
08:41:14.0878 4252 vpnagent - ok
08:41:14.0925 4252 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\windows\system32\DRIVERS\vpnva64.sys
08:41:14.0925 4252 vpnva - ok
08:41:14.0972 4252 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
08:41:15.0003 4252 vsmraid - ok
08:41:15.0143 4252 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
08:41:15.0190 4252 VSS - ok
08:41:15.0346 4252 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
08:41:15.0346 4252 vwifibus - ok
08:41:15.0377 4252 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
08:41:15.0377 4252 vwififlt - ok
08:41:15.0409 4252 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
08:41:15.0409 4252 vwifimp - ok
08:41:15.0471 4252 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
08:41:15.0487 4252 W32Time - ok
08:41:15.0502 4252 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
08:41:15.0502 4252 WacomPen - ok
08:41:15.0611 4252 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:41:15.0611 4252 WANARP - ok
08:41:15.0643 4252 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:41:15.0643 4252 Wanarpv6 - ok
08:41:15.0861 4252 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
08:41:15.0939 4252 WatAdminSvc - ok
08:41:16.0095 4252 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
08:41:16.0126 4252 wbengine - ok
08:41:16.0267 4252 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
08:41:16.0267 4252 WbioSrvc - ok
08:41:16.0329 4252 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
08:41:16.0345 4252 wcncsvc - ok
08:41:16.0360 4252 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
08:41:16.0360 4252 WcsPlugInService - ok
08:41:16.0407 4252 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
08:41:16.0407 4252 Wd - ok
08:41:16.0469 4252 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:41:16.0485 4252 Wdf01000 - ok
08:41:16.0516 4252 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:41:16.0516 4252 WdiServiceHost - ok
08:41:16.0516 4252 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:41:16.0532 4252 WdiSystemHost - ok
08:41:16.0579 4252 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
08:41:16.0594 4252 WebClient - ok
08:41:16.0625 4252 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
08:41:16.0641 4252 Wecsvc - ok
08:41:16.0672 4252 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
08:41:16.0688 4252 wercplsupport - ok
08:41:16.0719 4252 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
08:41:16.0719 4252 WerSvc - ok
08:41:16.0781 4252 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:41:16.0797 4252 WfpLwf - ok
08:41:16.0813 4252 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:41:16.0828 4252 WIMMount - ok
08:41:16.0844 4252 WinHttpAutoProxySvc - ok
08:41:16.0906 4252 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
08:41:16.0922 4252 Winmgmt - ok
08:41:17.0109 4252 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
08:41:17.0156 4252 WinRM - ok
08:41:17.0327 4252 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
08:41:17.0343 4252 WinUsb - ok
08:41:17.0437 4252 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
08:41:17.0468 4252 Wlansvc - ok
08:41:17.0780 4252 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:41:17.0858 4252 wlidsvc - ok
08:41:18.0170 4252 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
08:41:18.0170 4252 WmiAcpi - ok
08:41:18.0263 4252 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
08:41:18.0295 4252 wmiApSrv - ok
08:41:18.0341 4252 WMPNetworkSvc - ok
08:41:18.0373 4252 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
08:41:18.0373 4252 WPCSvc - ok
08:41:18.0419 4252 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
08:41:18.0435 4252 WPDBusEnum - ok
08:41:18.0466 4252 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:41:18.0466 4252 ws2ifsl - ok
08:41:18.0466 4252 WSearch - ok
08:41:18.0685 4252 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
08:41:18.0700 4252 wuauserv - ok
08:41:18.0872 4252 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
08:41:18.0887 4252 WudfPf - ok
08:41:18.0934 4252 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
08:41:18.0950 4252 WUDFRd - ok
08:41:19.0012 4252 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
08:41:19.0028 4252 wudfsvc - ok
08:41:19.0090 4252 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
08:41:19.0106 4252 WwanSvc - ok
08:41:19.0168 4252 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
08:41:19.0559 4252 \Device\Harddisk0\DR0 - ok
08:41:19.0575 4252 Boot (0x1200) (0c8f079051bcb1fc17e864377f69aa07) \Device\Harddisk0\DR0\Partition0
08:41:19.0590 4252 \Device\Harddisk0\DR0\Partition0 - ok
08:41:19.0590 4252 ============================================================
08:41:19.0590 4252 Scan finished
08:41:19.0590 4252 ============================================================
08:41:19.0590 4312 Detected object count: 0
08:41:19.0590 4312 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-02 08:45:41
-----------------------------
08:45:41.747 OS Version: Windows x64 6.1.7601 Service Pack 1
08:45:41.747 Number of processors: 2 586 0x602
08:45:41.747 ComputerName: MARK-PC UserName: Mark
08:45:42.870 Initialize success
08:46:37.594 AVAST engine defs: 12080200
08:46:53.538 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
08:46:53.538 Disk 0 Vendor: FUJITSU_MJA2320BH_G2 00400018 Size: 305245MB BusType: 11
08:46:53.553 Disk 0 MBR read successfully
08:46:53.569 Disk 0 MBR scan
08:46:53.600 Disk 0 Windows VISTA default MBR code
08:46:53.631 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
08:46:53.662 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 294514 MB offset 3074048
08:46:53.694 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 9230 MB offset 606238720
08:46:53.787 Disk 0 scanning C:\windows\system32\drivers
08:47:23.694 Service scanning
08:48:30.931 Modules scanning
08:48:30.946 Disk 0 trace - called modules:
08:48:30.977 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
08:48:30.993 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80043a5790]
08:48:31.009 3 CLASSPNP.SYS[fffff88001adf43f] -> nt!IofCallDriver -> [0xfffffa8004304560]
08:48:31.024 5 ACPI.sys[fffff88000eeb7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004316060]
08:48:32.335 AVAST engine scan C:\windows
08:48:36.469 AVAST engine scan C:\windows\system32
08:55:46.517 AVAST engine scan C:\windows\system32\drivers
08:56:18.060 AVAST engine scan C:\Users\Mark
08:59:56.853 Disk 0 MBR has been saved successfully to "C:\Users\Mark\Desktop\MBR.dat"
08:59:56.853 The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR.txt"


I also ran the ESET online scanner as requested, but at the end it just said "no threats found." There was no LIST of found threats for me to post.

Thank you.

#4 narenxp

Posted 02 August 2012 - 08:55 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 joe_305

  • Topic Starter

Posted 03 August 2012 - 12:57 AM

After I posted my last reply, I re-scanned with ESET online scanner checking more boxes of things to scan beyond the default settings. Now it found a threat:

C:\Users\Mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\6ad51e08-7f98209e multiple threats deleted - quarantined

Does this change your recommendation of next steps to do that you put in your last post?

#6 narenxp

Posted 03 August 2012 - 01:05 AM

No, go ahead with the other scans.

#7 joe_305

  • Topic Starter

Posted 03 August 2012 - 10:25 AM

Thanks for the help. Here are the 4 results.


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.03.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK-PC [administrator]

8/2/2012 11:36:09 PM
mbam-log-2012-08-02 (23-36-09).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399041
Time elapsed: 2 hour(s), 19 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Mark (administrator) on 03-08-2012 at 08:05:36
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Hardware not present)
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mark-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.or.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 70-F1-A1-55-9A-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.or.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-6C-6C-7A-C7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::45:bcce:26dd:18b%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 02, 2012 8:38:10 AM
Lease Expires . . . . . . . . . . : Thursday, August 09, 2012 6:17:42 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 318776940
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-60-32-73-00-26-6C-6C-7A-C7
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : uoregon.edu
Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 70-F1-A1-55-9A-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E3DF9F08-DAF1-479C-98D8-CA52E6F90AF6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.or.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400a:800::1002
173.194.33.46
173.194.33.38
173.194.33.37
173.194.33.39
173.194.33.34
173.194.33.33
173.194.33.32
173.194.33.36
173.194.33.35
173.194.33.40
173.194.33.41


Pinging google.com [173.194.33.33] with 32 bytes of data:
Reply from 173.194.33.33: bytes=32 time=16ms TTL=55
Reply from 173.194.33.33: bytes=32 time=15ms TTL=55

Ping statistics for 173.194.33.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 16ms, Average = 15ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=50ms TTL=52
Reply from 72.30.38.140: bytes=32 time=51ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 51ms, Average = 50ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...70 f1 a1 55 9a a1 ......Microsoft Virtual WiFi Miniport Adapter
12...00 26 6c 6c 7a c7 ......Realtek PCIe FE Family Controller
10...70 f1 a1 55 9a a1 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.3 20
10.0.0.0 255.255.255.0 On-link 10.0.0.3 276
10.0.0.3 255.255.255.255 On-link 10.0.0.3 276
10.0.0.255 255.255.255.255 On-link 10.0.0.3 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
12 276 fe80::45:bcce:26dd:18b/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2012 11:24:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 11:22:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 06:22:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 06:22:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 09:02:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 09:02:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 09:01:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2012 06:39:55 PM) (Source: McLogEvent) (User: Mark-PC)Mark-PC
Description: The scan found detections. Scan engine version 5400.1158 DAT version 6769.

Error: (07/12/2012 04:35:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: NPSWF32_11_3_300_262.dll, version: 11.3.300.262, time stamp: 0x4fe21212
Exception code: 0xc0000005
Fault offset: 0x000d6fa0
Faulting process id: 0x1380
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (07/09/2012 11:28:12 PM) (Source: McLogEvent) (User: Mark-PC)Mark-PC
Description: The scan found detections. Scan engine version 5400.1158 DAT version 6766.


System errors:
=============
Error: (08/02/2012 06:17:41 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/02/2012 00:02:42 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/02/2012 08:37:31 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/02/2012 08:37:31 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/02/2012 08:37:31 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/02/2012 08:37:18 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/02/2012 08:37:18 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/01/2012 00:21:28 AM) (Source: DCOM) (User: )
Description: {DD100006-6205-11CF-AE61-0000E8A28647}

Error: (07/31/2012 10:27:57 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/31/2012 10:27:55 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (05/11/2012 10:20:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/22/2012 10:24:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/15/2012 08:48:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 99 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/04/2012 02:14:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/13/2011 10:24:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 19 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.5.1.17730)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Best Buy Software Installer (Version: 2.1.0.29)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.5.0.15)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.0.0.8)
Canon Utilities CameraWindow DC (Version: 7.0.0.15)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.1.15)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.0.5)
Canon Utilities PhotoStitch (Version: 3.1.20.44)
Canon Utilities RemoteCapture DC (Version: 3.0.1.8)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.0.0.246)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.0.0.19)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Light (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Common (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0729.2238.38827)
Catalyst Control Center InstallProxy (Version: 2009.0729.2238.38827)
Catalyst Control Center Localization All (Version: 2009.0729.2238.38827)
ccc-core-static (Version: 2009.0729.2238.38827)
ccc-utility64 (Version: 2009.0729.2238.38827)
CCC Help Chinese Standard (Version: 2009.0729.2237.38827)
CCC Help Chinese Traditional (Version: 2009.0729.2237.38827)
CCC Help Czech (Version: 2009.0729.2237.38827)
CCC Help Danish (Version: 2009.0729.2237.38827)
CCC Help Dutch (Version: 2009.0729.2237.38827)
CCC Help English (Version: 2009.0729.2237.38827)
CCC Help Finnish (Version: 2009.0729.2237.38827)
CCC Help French (Version: 2009.0729.2237.38827)
CCC Help German (Version: 2009.0729.2237.38827)
CCC Help Greek (Version: 2009.0729.2237.38827)
CCC Help Hungarian (Version: 2009.0729.2237.38827)
CCC Help Italian (Version: 2009.0729.2237.38827)
CCC Help Japanese (Version: 2009.0729.2237.38827)
CCC Help Korean (Version: 2009.0729.2237.38827)
CCC Help Norwegian (Version: 2009.0729.2237.38827)
CCC Help Polish (Version: 2009.0729.2237.38827)
CCC Help Portuguese (Version: 2009.0729.2237.38827)
CCC Help Russian (Version: 2009.0729.2237.38827)
CCC Help Spanish (Version: 2009.0729.2237.38827)
CCC Help Swedish (Version: 2009.0729.2237.38827)
CCC Help Thai (Version: 2009.0729.2237.38827)
CCC Help Turkish (Version: 2009.0729.2237.38827)
Cisco AnyConnect VPN Client (Version: 2.5.3055)
Comcast High-Speed Internet Install Wizard
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dragon NaturallySpeaking 11 (Version: 11.50.100)
EndNote X5 (Version: 15.0.0.5478)
ESET Online Scanner v3
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
HP Officejet 6500 E710n-z Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
Juniper Networks Host Checker (Version: 6.5.0.15551)
Juniper Networks Setup Client (Version: 2.1.3.6931)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LeapFrog Connect (Version: 3.2.19.13664)
LeapFrog Tag Plugin (Version: 3.2.19.13664)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Agent (Version: 4.6.0.2292)
McAfee VirusScan Enterprise (Version: 8.8.01000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OverDrive Media Console (Version: 3.2.5)
PlayReady PC Runtime amd64 (Version: 1.3.0)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 1.00.0008)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
Realtek WLAN Driver (Version: 2.00.0006)
ResearchSoft Direct Export Helper
Roxio Burn (Version: 1.2)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
TOSHIBA Application Installer (Version: 9.0.1.0)
TOSHIBA Assist (Version: 3.00.10)
TOSHIBA Bulletin Board (Version: 1.5.05.64)
TOSHIBA ConfigFree (Version: 8.0.21)
TOSHIBA Disc Creator (Version: 2.1.0.1 for x64)
TOSHIBA DVD PLAYER (Version: 3.01.0.07-A)
TOSHIBA eco Utility (Version: 1.1.7.64)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: )
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 3.1.0.64)
TOSHIBA Hardware Setup (Version: 2.00.11)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.0)
TOSHIBA Media Controller (Version: 1.0.65)
TOSHIBA PC Health Monitor (Version: 1.4.1.64)
TOSHIBA Quality Application (Version: 1.0.1)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.5.07.64)
TOSHIBA Service Station (Version: 2.1.33)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.09)
TOSHIBA Value Added Package (Version: 1.2.26.64)
TOSHIBA Web Camera Application (Version: 1.1.1.4)
ToshibaRegistration (Version: 1.0.3)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3535)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0425)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0202)
TurboTax 2010 woriper (Version: 010.000.1160)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2010 wvaiper (Version: 010.000.1147)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2837)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0449)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0212)
TurboTax 2011 woriper (Version: 011.000.1435)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (Version: 3.2.19.13664)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.200)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 3836.17 MB
Available physical RAM: 1901.29 MB
Total Pagefile: 7670.53 MB
Available Pagefile: 4189.55 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.98 MB

========================= Partitions: =====================================

1 Drive c: (TI105736W0B) (Fixed) (Total:287.61 GB) (Free:191.27 GB) NTFS

========================= Users: ========================================

User accounts for \\MARK-PC

Administrator Guest Mark


**** End of log ****



Farbar Service Scanner Version: 26-07-2012
Ran by Mark (administrator) on 03-08-2012 at 08:12:18
Running from "C:\Users\Mark\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.800 - Logfile created 08/03/2012 at 08:16:38
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mark - MARK-PC
# Running from : C:\Users\Mark\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wise Solutions
[x64] Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\jddxzvu6.default\prefs.js

C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\jddxzvu6.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [890 octets] - [03/08/2012 08:16:38]

########## EOF - C:\AdwCleaner[S1].txt - [1017 octets] ##########

#8 narenxp

Posted 03 August 2012 - 01:00 PM

Download

MpsSvc
BFE
wscsvc
defender
Sharedaccess


Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, click on Start

Checkmark the following options only:

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

#9 joe_305

Posted 04 August 2012 - 03:35 PM

Thanks for your reply to my message about logs. Resetting the firewall and Windows Defender registry by following your steps will not interfere with McAfee anti-virus software, right? These are issues that need to be resolved through these steps? Just want to be sure, so thank you for all the help.

Last thing: do I need to make a backup of my registry before fixing it in case something goes awry somehow?

Edited by joe_305, 04 August 2012 - 07:11 PM.


#10 narenxp

Posted 04 August 2012 - 11:39 PM

Create a restore point and continue :)

#11 joe_305

Posted 05 August 2012 - 02:19 AM

I did the repairs. Here is the new FSS log:

Farbar Service Scanner Version: 26-07-2012
Ran by Mark (administrator) on 05-08-2012 at 00:14:22
Running from "C:\Users\Mark\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
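
A small parser for the two Farbar Service Scanner logs in this thread, added here as an example (it is not part of any post and not Farbar's code): it extracts which stopped services had missing registry keys and which of those the repair resolved. The function names and finding labels are the example's own, and the sample lines are trimmed excerpts of the logs above.

```python
import re

# Excerpts of the two Farbar Service Scanner logs posted in this thread (trimmed).
BEFORE = r"""
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
"""
AFTER = r"""
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
"""

HEADER = re.compile(r"^(\S+) Service is not running\.")
# Substring in an FSS detail line -> finding label (labels are this example's own).
FINDINGS = (("service key does not exist", "key-missing"),
            ("value does not exist", "value-missing"),
            ("default start type is", "non-default-start"))

def parse_fss(text):
    """Return {service: set of findings} for every service FSS reports as stopped."""
    services, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = HEADER.match(line)
        if m:
            current = m.group(1).lower()
            services[current] = set()
        elif not line:
            current = None  # a blank line ends the service's block
        elif current:
            services[current].update(lab for sub, lab in FINDINGS if sub in line)
    return services

def repaired(before, after):
    """Services whose registry key was missing before and is not flagged missing after."""
    b, a = parse_fss(before), parse_fss(after)
    return sorted(s for s, f in b.items()
                  if "key-missing" in f and "key-missing" not in a.get(s, set()))

def still_flagged(after):
    """Services FSS still lists as stopped, with any remaining findings."""
    return {s: sorted(f) for s, f in parse_fss(after).items()}
```

Run against the full logs, `repaired` lists the four services whose keys were restored, while `still_flagged` shows WinDefend still stopped with a non-default start type; both logs also show the `DisableAntiSpyware` policy value set to 1.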

#12 narenxp

Posted 05 August 2012 - 02:47 AM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#13 joe_305

Posted 05 August 2012 - 09:53 PM

Thank you so much for all the help. Things seem to be fine now. Just so I know, was there any malware on the machine, especially the kind that could have stolen passwords or anything like that? Thank you again for your time.

#14 narenxp

Posted 05 August 2012 - 10:02 PM

Except for a single infection found by the ESET scanner, there were no infections in the logs. You were missing some important Windows services, which we were able to replace.

Safe surfing

Edited by narenxp, 05 August 2012 - 10:02 PM.


#15 joe_305

Posted 06 August 2012 - 09:43 AM

Thanks again. You can close the topic now. Much appreciated.



