Relative's Computer... One scan says it has a Rootkit, others don't


13 replies to this topic

#1 xXbelrocXx

Posted 05 August 2012 - 06:50 PM

I am working on a notebook for my aunt, and she has been having reoccurring viruses and other issues. Things relating to videos on Facebook not working and other random issues. Long story short, I finally got it out of her social-network-addicted hands and am trying to fix it properly. I've run several virus scans and removed a lot of little stuff, trojans and little things, but they keep coming back. I suspect that there is something hidden deep within the OS that is reinfecting the system. I've done a lot of searching on the internet and came across some forums suggesting ComboFix for similar issues. I've used it before and it has removed many problems in the past, but it doesn't seem to be of any help right now. I've downloaded a program called Boot_Cleaner.exe v1.2 and it tells me that \\.\PhysicalDisk0 is controlled by a RootKit, but it won't remove it (not really sure if it is supposed to). Does anyone have any suggestions on how I can confirm that there is indeed a rootkit or if it is just a false positive?

I'll go ahead and apologize if this is posted in the incorrect forum, but I couldn't find a better fit.

Thanks in Advance.


#2 narenxp

Posted 05 August 2012 - 06:53 PM

Download TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan gets completed, click on LIST of found threats.

Export the list to the desktop, and copy the contents of the text file in your reply.

#3 xXbelrocXx

Posted 05 August 2012 - 11:16 PM

Here are the TDSSKiller results; sorry it took so long. I thought it would email me when someone replied. I'll post the other logs in a few...

23:14:12.0047 5664 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
23:14:12.0656 5664 ============================================================
23:14:12.0656 5664 Current date / time: 2012/08/05 23:14:12.0656
23:14:12.0656 5664 SystemInfo:
23:14:12.0656 5664
23:14:12.0656 5664 OS Version: 6.1.7601 ServicePack: 1.0
23:14:12.0656 5664 Product type: Workstation
23:14:12.0656 5664 ComputerName: FAIN-PC
23:14:12.0656 5664 UserName: Fain
23:14:12.0656 5664 Windows directory: C:\Windows
23:14:12.0656 5664 System windows directory: C:\Windows
23:14:12.0656 5664 Running under WOW64
23:14:12.0656 5664 Processor architecture: Intel x64
23:14:12.0656 5664 Number of processors: 2
23:14:12.0656 5664 Page size: 0x1000
23:14:12.0656 5664 Boot type: Normal boot
23:14:12.0656 5664 ============================================================
23:14:13.0186 5664 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:14:13.0233 5664 Drive \Device\Harddisk1\DR1 - Size: 0x1DDC00000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:14:13.0249 5664 ============================================================
23:14:13.0249 5664 \Device\Harddisk0\DR0:
23:14:13.0249 5664 MBR partitions:
23:14:13.0249 5664 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
23:14:13.0249 5664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
23:14:13.0249 5664 \Device\Harddisk1\DR1:
23:14:13.0249 5664 MBR partitions:
23:14:13.0249 5664 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEEC080
23:14:13.0249 5664 ============================================================
23:14:13.0295 5664 C: <-> \Device\Harddisk0\DR0\Partition1
23:14:13.0295 5664 ============================================================
23:14:13.0295 5664 Initialize success
23:14:13.0295 5664 ============================================================
23:14:20.0097 6172 ============================================================
23:14:20.0097 6172 Scan started
23:14:20.0097 6172 Mode: Manual; TDLFS;
23:14:20.0097 6172 ============================================================
23:14:37.0193 6172 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:14:37.0193 6172 Ndisuio - ok
23:14:37.0255 6172 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:14:37.0255 6172 NdisWan - ok
23:14:37.0317 6172 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:14:37.0317 6172 NDProxy - ok
23:14:37.0349 6172 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:14:37.0349 6172 NetBIOS - ok
23:14:37.0411 6172 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:14:37.0458 6172 NetBT - ok
23:14:37.0489 6172 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:14:37.0489 6172 Netlogon - ok
23:14:37.0567 6172 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:14:37.0583 6172 Netman - ok
23:14:37.0645 6172 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:14:37.0661 6172 netprofm - ok
23:14:37.0770 6172 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:14:37.0785 6172 NetTcpPortSharing - ok
23:14:37.0832 6172 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:14:37.0848 6172 nfrd960 - ok
23:14:37.0910 6172 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:14:37.0926 6172 NlaSvc - ok
23:14:37.0941 6172 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:14:37.0941 6172 Npfs - ok
23:14:38.0019 6172 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:14:38.0019 6172 nsi - ok
23:14:38.0035 6172 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:14:38.0051 6172 nsiproxy - ok
23:14:38.0238 6172 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:14:38.0269 6172 Ntfs - ok
23:14:38.0409 6172 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:14:38.0409 6172 Null - ok
23:14:38.0472 6172 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:14:38.0487 6172 nvraid - ok
23:14:38.0519 6172 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:14:38.0519 6172 nvstor - ok
23:14:38.0565 6172 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:14:38.0581 6172 nv_agp - ok
23:14:38.0753 6172 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:14:38.0768 6172 odserv - ok
23:14:38.0815 6172 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:14:38.0831 6172 ohci1394 - ok
23:14:38.0862 6172 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:14:38.0877 6172 ose - ok
23:14:38.0940 6172 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:14:38.0987 6172 p2pimsvc - ok
23:14:39.0049 6172 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:14:39.0065 6172 p2psvc - ok
23:14:39.0096 6172 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:14:39.0111 6172 Parport - ok
23:14:39.0158 6172 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:14:39.0174 6172 partmgr - ok
23:14:39.0205 6172 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:14:39.0205 6172 PcaSvc - ok
23:14:39.0267 6172 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:14:39.0267 6172 pci - ok
23:14:39.0299 6172 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:14:39.0299 6172 pciide - ok
23:14:39.0330 6172 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:14:39.0345 6172 pcmcia - ok
23:14:39.0361 6172 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:14:39.0361 6172 pcw - ok
23:14:39.0439 6172 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:14:39.0455 6172 PEAUTH - ok
23:14:39.0548 6172 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:14:39.0548 6172 PerfHost - ok
23:14:39.0751 6172 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:14:39.0782 6172 pla - ok
23:14:39.0891 6172 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:14:39.0907 6172 PlugPlay - ok
23:14:39.0938 6172 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:14:39.0938 6172 PNRPAutoReg - ok
23:14:39.0985 6172 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:14:39.0985 6172 PNRPsvc - ok
23:14:40.0079 6172 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:14:40.0094 6172 PolicyAgent - ok
23:14:40.0141 6172 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:14:40.0141 6172 Power - ok
23:14:40.0235 6172 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:14:40.0250 6172 PptpMiniport - ok
23:14:40.0281 6172 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:14:40.0281 6172 Processor - ok
23:14:40.0344 6172 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:14:40.0359 6172 ProfSvc - ok
23:14:40.0391 6172 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:14:40.0391 6172 ProtectedStorage - ok
23:14:40.0453 6172 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:14:40.0469 6172 Psched - ok
23:14:40.0500 6172 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:14:40.0500 6172 PxHlpa64 - ok
23:14:40.0656 6172 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:14:40.0687 6172 ql2300 - ok
23:14:40.0874 6172 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:14:40.0874 6172 ql40xx - ok
23:14:40.0983 6172 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:14:40.0999 6172 QWAVE - ok
23:14:41.0015 6172 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:14:41.0015 6172 QWAVEdrv - ok
23:14:41.0030 6172 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:14:41.0030 6172 RasAcd - ok
23:14:41.0077 6172 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:14:41.0093 6172 RasAgileVpn - ok
23:14:41.0108 6172 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:14:41.0124 6172 RasAuto - ok
23:14:41.0171 6172 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:14:41.0171 6172 Rasl2tp - ok
23:14:41.0233 6172 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:14:41.0249 6172 RasMan - ok
23:14:41.0280 6172 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:14:41.0295 6172 RasPppoe - ok
23:14:41.0327 6172 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:14:41.0327 6172 RasSstp - ok
23:14:41.0405 6172 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:14:41.0405 6172 rdbss - ok
23:14:41.0420 6172 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:14:41.0420 6172 rdpbus - ok
23:14:41.0436 6172 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:14:41.0436 6172 RDPCDD - ok
23:14:41.0467 6172 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:14:41.0467 6172 RDPENCDD - ok
23:14:41.0483 6172 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:14:41.0483 6172 RDPREFMP - ok
23:14:41.0545 6172 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:14:41.0561 6172 RDPWD - ok
23:14:41.0639 6172 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:14:41.0654 6172 rdyboost - ok
23:14:41.0685 6172 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:14:41.0701 6172 RemoteAccess - ok
23:14:41.0748 6172 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:14:41.0763 6172 RemoteRegistry - ok
23:14:41.0779 6172 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:14:41.0795 6172 RpcEptMapper - ok
23:14:41.0841 6172 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:14:41.0841 6172 RpcLocator - ok
23:14:41.0951 6172 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:14:41.0951 6172 RpcSs - ok
23:14:41.0997 6172 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:14:42.0013 6172 rspndr - ok
23:14:42.0075 6172 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
23:14:42.0091 6172 RSUSBSTOR - ok
23:14:42.0122 6172 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:14:42.0138 6172 SamSs - ok
23:14:42.0185 6172 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:14:42.0185 6172 sbp2port - ok
23:14:42.0247 6172 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:14:42.0263 6172 SCardSvr - ok
23:14:42.0309 6172 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:14:42.0309 6172 scfilter - ok
23:14:42.0434 6172 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:14:42.0465 6172 Schedule - ok
23:14:42.0528 6172 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:14:42.0528 6172 SCPolicySvc - ok
23:14:42.0575 6172 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:14:42.0590 6172 SDRSVC - ok
23:14:42.0715 6172 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:14:42.0731 6172 SeaPort - ok
23:14:42.0824 6172 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:14:42.0824 6172 secdrv - ok
23:14:42.0871 6172 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:14:42.0871 6172 seclogon - ok
23:14:42.0902 6172 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
23:14:42.0902 6172 SENS - ok
23:14:42.0918 6172 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:14:42.0918 6172 SensrSvc - ok
23:14:42.0949 6172 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:14:42.0949 6172 Serenum - ok
23:14:42.0980 6172 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:14:42.0996 6172 Serial - ok
23:14:43.0027 6172 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:14:43.0027 6172 sermouse - ok
23:14:43.0105 6172 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:14:43.0121 6172 SessionEnv - ok
23:14:43.0152 6172 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:14:43.0152 6172 sffdisk - ok
23:14:43.0152 6172 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:14:43.0167 6172 sffp_mmc - ok
23:14:43.0167 6172 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:14:43.0167 6172 sffp_sd - ok
23:14:43.0183 6172 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:14:43.0183 6172 sfloppy - ok
23:14:43.0323 6172 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
23:14:43.0339 6172 SftService - ok
23:14:43.0401 6172 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:14:43.0417 6172 SharedAccess - ok
23:14:43.0495 6172 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:14:43.0511 6172 ShellHWDetection - ok
23:14:43.0589 6172 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:14:43.0604 6172 SiSRaid2 - ok
23:14:43.0620 6172 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:14:43.0620 6172 SiSRaid4 - ok
23:14:43.0667 6172 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:14:43.0682 6172 Smb - ok
23:14:43.0729 6172 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:14:43.0745 6172 SNMPTRAP - ok
23:14:43.0838 6172 Sound Blaster X-Fi MB Licensing Service (9b24dca429f819db314f30ee4c6c80fd) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
23:14:43.0838 6172 Sound Blaster X-Fi MB Licensing Service - ok
23:14:43.0869 6172 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:14:43.0869 6172 spldr - ok
23:14:43.0979 6172 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:14:44.0010 6172 Spooler - ok
23:14:44.0384 6172 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:14:44.0447 6172 sppsvc - ok
23:14:44.0603 6172 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:14:44.0603 6172 sppuinotify - ok
23:14:44.0727 6172 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
23:14:44.0727 6172 sprtsvc_DellSupportCenter - ok
23:14:44.0805 6172 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:14:44.0821 6172 srv - ok
23:14:44.0915 6172 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:14:44.0946 6172 srv2 - ok
23:14:44.0985 6172 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:14:44.0995 6172 srvnet - ok
23:14:45.0054 6172 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:14:45.0073 6172 SSDPSRV - ok
23:14:45.0091 6172 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:14:45.0110 6172 SstpSvc - ok
23:14:45.0253 6172 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
23:14:45.0269 6172 STacSV - ok
23:14:45.0299 6172 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:14:45.0302 6172 stexstor - ok
23:14:45.0373 6172 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
23:14:45.0418 6172 STHDA - ok
23:14:45.0509 6172 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:14:45.0532 6172 stisvc - ok
23:14:45.0565 6172 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:14:45.0567 6172 swenum - ok
23:14:45.0638 6172 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:14:45.0657 6172 swprv - ok
23:14:45.0736 6172 sxuptp (52eb25bd8ab4e331028c48b178441b36) C:\Windows\system32\DRIVERS\sxuptp.sys
23:14:45.0749 6172 sxuptp - ok
23:14:45.0820 6172 SynTP (3178b56219e0e4fb5f95299e49b83b44) C:\Windows\system32\DRIVERS\SynTP.sys
23:14:45.0833 6172 SynTP - ok
23:14:46.0082 6172 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:14:46.0117 6172 SysMain - ok
23:14:46.0268 6172 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:14:46.0284 6172 TabletInputService - ok
23:14:46.0347 6172 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:14:46.0368 6172 TapiSrv - ok
23:14:46.0401 6172 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:14:46.0419 6172 TBS - ok
23:14:46.0634 6172 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:14:46.0673 6172 Tcpip - ok
23:14:46.0998 6172 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:14:47.0017 6172 TCPIP6 - ok
23:14:47.0132 6172 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:14:47.0135 6172 tcpipreg - ok
23:14:47.0173 6172 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:14:47.0175 6172 TDPIPE - ok
23:14:47.0207 6172 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:14:47.0209 6172 TDTCP - ok
23:14:47.0254 6172 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:14:47.0267 6172 tdx - ok
23:14:47.0311 6172 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:14:47.0317 6172 TermDD - ok
23:14:47.0403 6172 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:14:47.0413 6172 TermService - ok
23:14:47.0444 6172 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:14:47.0449 6172 Themes - ok
23:14:47.0492 6172 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:14:47.0495 6172 THREADORDER - ok
23:14:47.0617 6172 TomTomHOMEService (fbd16717fd68b206c4ce3bb3c9ee5cb3) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
23:14:47.0620 6172 TomTomHOMEService - ok
23:14:47.0642 6172 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:14:47.0658 6172 TrkWks - ok
23:14:47.0746 6172 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:14:47.0789 6172 TrustedInstaller - ok
23:14:47.0903 6172 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:14:47.0906 6172 tssecsrv - ok
23:14:48.0019 6172 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:14:48.0022 6172 TsUsbFlt - ok
23:14:48.0089 6172 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:14:48.0104 6172 tunnel - ok
23:14:48.0160 6172 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:14:48.0163 6172 uagp35 - ok
23:14:48.0223 6172 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:14:48.0253 6172 udfs - ok
23:14:48.0291 6172 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:14:48.0296 6172 UI0Detect - ok
23:14:48.0344 6172 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:14:48.0347 6172 uliagpkx - ok
23:14:48.0402 6172 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:14:48.0405 6172 umbus - ok
23:14:48.0415 6172 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:14:48.0417 6172 UmPass - ok
23:14:48.0469 6172 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:14:48.0478 6172 upnphost - ok
23:14:48.0524 6172 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
23:14:48.0527 6172 USBAAPL64 - ok
23:14:48.0568 6172 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
23:14:48.0570 6172 usbbus - ok
23:14:48.0609 6172 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:14:48.0624 6172 usbccgp - ok
23:14:48.0683 6172 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:14:48.0698 6172 usbcir - ok
23:14:48.0749 6172 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
23:14:48.0752 6172 UsbDiag - ok
23:14:48.0778 6172 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:14:48.0781 6172 usbehci - ok
23:14:48.0833 6172 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:14:48.0841 6172 usbhub - ok
23:14:48.0870 6172 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
23:14:48.0873 6172 USBModem - ok
23:14:48.0947 6172 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
23:14:48.0949 6172 usbohci - ok
23:14:48.0980 6172 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:14:48.0982 6172 usbprint - ok
23:14:49.0025 6172 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:14:49.0040 6172 USBSTOR - ok
23:14:49.0051 6172 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
23:14:49.0054 6172 usbuhci - ok
23:14:49.0126 6172 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:14:49.0135 6172 usbvideo - ok
23:14:49.0163 6172 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:14:49.0168 6172 UxSms - ok
23:14:49.0208 6172 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:14:49.0212 6172 VaultSvc - ok
23:14:49.0234 6172 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:14:49.0237 6172 vdrvroot - ok
23:14:49.0362 6172 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:14:49.0385 6172 vds - ok
23:14:49.0417 6172 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:14:49.0420 6172 vga - ok
23:14:49.0441 6172 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:14:49.0444 6172 VgaSave - ok
23:14:49.0473 6172 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:14:49.0489 6172 vhdmp - ok
23:14:49.0520 6172 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:14:49.0520 6172 viaide - ok
23:14:49.0551 6172 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:14:49.0551 6172 volmgr - ok
23:14:49.0614 6172 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:14:49.0629 6172 volmgrx - ok
23:14:49.0676 6172 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:14:49.0692 6172 volsnap - ok
23:14:49.0738 6172 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:14:49.0754 6172 vsmraid - ok
23:14:49.0957 6172 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:14:49.0988 6172 VSS - ok
23:14:50.0144 6172 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:14:50.0144 6172 vwifibus - ok
23:14:50.0175 6172 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:14:50.0175 6172 vwififlt - ok
23:14:50.0425 6172 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
23:14:50.0425 6172 vwifimp - ok
23:14:50.0487 6172 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:14:50.0503 6172 W32Time - ok
23:14:50.0534 6172 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:14:50.0534 6172 WacomPen - ok
23:14:50.0643 6172 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:14:50.0659 6172 WANARP - ok
23:14:50.0674 6172 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:14:50.0674 6172 Wanarpv6 - ok
23:14:50.0940 6172 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
23:14:50.0986 6172 WatAdminSvc - ok
23:14:51.0158 6172 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:14:51.0189 6172 wbengine - ok
23:14:51.0361 6172 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:14:51.0376 6172 WbioSrvc - ok
23:14:51.0454 6172 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:14:51.0470 6172 wcncsvc - ok
23:14:51.0501 6172 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:14:51.0501 6172 WcsPlugInService - ok
23:14:51.0564 6172 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:14:51.0564 6172 Wd - ok
23:14:51.0626 6172 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:14:51.0642 6172 Wdf01000 - ok
23:14:51.0673 6172 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:14:51.0688 6172 WdiServiceHost - ok
23:14:51.0688 6172 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:14:51.0704 6172 WdiSystemHost - ok
23:14:51.0766 6172 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:14:51.0782 6172 WebClient - ok
23:14:51.0829 6172 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:14:51.0844 6172 Wecsvc - ok
23:14:51.0860 6172 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:14:51.0876 6172 wercplsupport - ok
23:14:51.0907 6172 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:14:51.0922 6172 WerSvc - ok
23:14:52.0000 6172 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:14:52.0016 6172 WfpLwf - ok
23:14:52.0063 6172 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
23:14:52.0078 6172 WimFltr - ok
23:14:52.0094 6172 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:14:52.0094 6172 WIMMount - ok
23:14:52.0156 6172 WinDefend - ok
23:14:52.0172 6172 WinHttpAutoProxySvc - ok
23:14:52.0266 6172 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:14:52.0281 6172 Winmgmt - ok
23:14:52.0500 6172 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:14:52.0546 6172 WinRM - ok
23:14:52.0796 6172 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
23:14:52.0796 6172 WinUsb - ok
23:14:52.0890 6172 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:14:52.0936 6172 Wlansvc - ok
23:14:53.0311 6172 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:14:53.0373 6172 wlidsvc - ok
23:14:53.0420 6172 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
23:14:53.0436 6172 wltrysvc - ok
23:14:53.0607 6172 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:14:53.0607 6172 WmiAcpi - ok
23:14:53.0701 6172 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:14:53.0716 6172 wmiApSrv - ok
23:14:53.0763 6172 WMPNetworkSvc - ok
23:14:53.0810 6172 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:14:53.0810 6172 WPCSvc - ok
23:14:53.0857 6172 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:14:53.0872 6172 WPDBusEnum - ok
23:14:53.0904 6172 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:14:53.0904 6172 ws2ifsl - ok
23:14:53.0935 6172 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
23:14:53.0950 6172 wscsvc - ok
23:14:53.0966 6172 WSearch - ok
23:14:54.0200 6172 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
23:14:54.0247 6172 wuauserv - ok
23:14:54.0481 6172 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:14:54.0481 6172 WudfPf - ok
23:14:54.0528 6172 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:14:54.0543 6172 WUDFRd - ok
23:14:54.0590 6172 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:14:54.0606 6172 wudfsvc - ok
23:14:54.0652 6172 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:14:54.0668 6172 WwanSvc - ok
23:14:54.0762 6172 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
23:14:54.0777 6172 yukonw7 - ok
23:14:54.0808 6172 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
23:14:55.0276 6172 \Device\Harddisk0\DR0 - ok
23:14:55.0276 6172 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
23:14:55.0432 6172 \Device\Harddisk1\DR1 - ok
23:14:55.0448 6172 Boot (0x1200) (844c807994e1622088c74b59aca5fb41) \Device\Harddisk0\DR0\Partition0
23:14:55.0448 6172 \Device\Harddisk0\DR0\Partition0 - ok
23:14:55.0464 6172 Boot (0x1200) (eea4d12aa54c36c0efde1d90af15ef89) \Device\Harddisk0\DR0\Partition1
23:14:55.0464 6172 \Device\Harddisk0\DR0\Partition1 - ok
23:14:55.0464 6172 Boot (0x1200) (995db864cbfd2bd4d40340f2eb1897a4) \Device\Harddisk1\DR1\Partition0
23:14:55.0464 6172 \Device\Harddisk1\DR1\Partition0 - ok
23:14:55.0464 6172 ============================================================
23:14:55.0464 6172 Scan finished
23:14:55.0464 6172 ============================================================
23:14:55.0495 2864 Detected object count: 0
23:14:55.0495 2864 Actual detected object count: 0
23:15:10.0551 3284 Deinitialize success

#4 xXbelrocXx

Posted 05 August 2012 - 11:37 PM

Here are the second scan's results.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-05 23:17:25
-----------------------------
23:17:25.655 OS Version: Windows x64 6.1.7601 Service Pack 1
23:17:25.655 Number of processors: 2 586 0x170A
23:17:25.655 ComputerName: FAIN-PC UserName: Fain
23:17:26.342 Initialize success
23:17:27.028 AVAST engine defs: 12080501
23:17:35.764 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:17:35.764 Disk 0 Vendor: WDC_WD25 11.0 Size: 238475MB BusType: 3
23:17:35.795 Disk 0 MBR read successfully
23:17:35.795 Disk 0 MBR scan
23:17:35.811 Disk 0 Windows VISTA default MBR code
23:17:35.827 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
23:17:35.842 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
23:17:35.873 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 223434 MB offset 30801920
23:17:35.936 Disk 0 scanning C:\Windows\system32\drivers
23:17:56.780 Service scanning
23:18:17.886 Modules scanning
23:18:17.886 Disk 0 trace - called modules:
23:18:17.949 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:18:17.949 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80025c7060]
23:18:17.964 3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002263050]
23:18:18.869 AVAST engine scan C:\Windows
23:18:31.630 AVAST engine scan C:\Windows\system32
23:21:59.819 AVAST engine scan C:\Windows\system32\drivers
23:22:10.802 AVAST engine scan C:\Users\Fain
23:34:02.009 AVAST engine scan C:\ProgramData
23:35:46.906 Scan finished successfully
23:36:56.642 Disk 0 MBR has been saved successfully to "C:\Users\Fain\Downloads\MBR.dat"
23:36:56.658 The log file has been saved successfully to "C:\Users\Fain\Downloads\aswMBR.txt"

#5 xXbelrocXx

xXbelrocXx
  • Topic Starter


Posted 06 August 2012 - 08:25 PM

Eset Results.

C:\ProgramData\IBUpdaterService\ibsvc.exe a variant of Win32/InstallBrain.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\1.bin\F3EZSETP.DLL.vir a variant of Win32/FunWeb.AA application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL.vir Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL.vir Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\setups\mwsbarSp.exe.vir Win32/Toolbar.MyWebSearch.K application cleaned by deleting - quarantined

#6 narenxp

narenxp

  • BC Advisor

Posted 06 August 2012 - 11:48 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

post the generated log

Edited by narenxp, 07 August 2012 - 01:47 AM.


#7 xXbelrocXx

xXbelrocXx
  • Topic Starter


Posted 11 August 2012 - 09:21 AM

MiniToolbox Results


MiniToolBox by Farbar Version: 23-07-2012
Ran by Fain (administrator) on 11-08-2012 at 09:16:59
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Fain-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 70-1A-04-E3-D1-38
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 70-1A-04-E3-D1-38
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cdc0:b6ec:b323:503%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.138(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 11, 2012 12:30:53 AM
Lease Expires . . . . . . . . . . : Sunday, August 12, 2012 9:13:25 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 225450500
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-F6-77-C3-A4-BA-DB-9E-78-98
DNS Servers . . . . . . . . . . . : 8.8.8.8
8.8.4.4
97.64.168.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : A4-BA-DB-9E-78-98
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A819203D-FBA0-4491-9762-DA1C40748295}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1015:354c:52e9:26bb(Preferred)
Link-local IPv6 Address . . . . . : fe80::1015:354c:52e9:26bb%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{80BFCF2E-34EC-490C-9016-7337C401016F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 2001:4860:400a:800::1006
74.125.225.7
74.125.225.6
74.125.225.2
74.125.225.1
74.125.225.14
74.125.225.5
74.125.225.4
74.125.225.9
74.125.225.0
74.125.225.8
74.125.225.3


Pinging google.com [74.125.225.7] with 32 bytes of data:
Reply from 74.125.225.7: bytes=32 time=36ms TTL=53
Reply from 74.125.225.7: bytes=32 time=34ms TTL=53

Ping statistics for 74.125.225.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 36ms, Average = 35ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=75ms TTL=47
Reply from 209.191.122.70: bytes=32 time=56ms TTL=47

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 75ms, Average = 65ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...70 1a 04 e3 d1 38 ......Microsoft Virtual WiFi Miniport Adapter
11...70 1a 04 e3 d1 38 ......Dell Wireless 1397 WLAN Mini-Card
10...a4 ba db 9e 78 98 ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.138 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.138 281
192.168.1.138 255.255.255.255 On-link 192.168.1.138 281
192.168.1.255 255.255.255.255 On-link 192.168.1.138 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.138 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.138 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:9d38:953c:1015:354c:52e9:26bb/128
On-link
11 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::1015:354c:52e9:26bb/128
On-link
11 281 fe80::cdc0:b6ec:b323:503/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2012 00:03:52 AM) (Source: Google Update) (User: Fain-PC)Fain-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (08/07/2012 09:04:06 PM) (Source: Google Update) (User: Fain-PC)Fain-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (08/07/2012 06:03:52 PM) (Source: Google Update) (User: Fain-PC)Fain-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (08/05/2012 11:38:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/05/2012 11:37:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/03/2012 06:02:57 PM) (Source: Google Update) (User: Fain-PC)Fain-PC
Description: Network Request Error.
Error: 0x80072efd. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Ht

Error: (08/02/2012 06:02:06 PM) (Source: Google Update) (User: Fain-PC)Fain-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (08/01/2012 10:25:31 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ec4

Start Time: 01cd705d62f03f70

Termination Time: 28

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (08/01/2012 10:16:34 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1460

Start Time: 01cd705cb8876847

Termination Time: 40

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (08/01/2012 10:12:08 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f50

Start Time: 01cd705c53179ef0

Termination Time: 29

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:


System errors:
=============
Error: (08/10/2012 10:55:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (08/03/2012 08:56:14 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (08/03/2012 08:56:14 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (08/03/2012 07:52:11 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Fain\AppData\Local\Temp\OnlineScanner\Anti-Virus\f has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/03/2012 07:19:15 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (08/03/2012 07:19:15 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (08/03/2012 07:02:57 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%31

Error: (08/03/2012 07:01:36 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (08/03/2012 07:01:36 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (08/03/2012 07:01:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.57
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Reader 9.5.1 (Version: 9.5.1)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1456.0)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.1.2)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 2.31)
Dell DataSafe Local Backup (Version: 9.4.51)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Touchpad (Version: 13.2.3.0)
Dell Webcam Central (Version: 1.40.05)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
Facebook Plug-In
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Google Chrome (Version: 21.0.1180.75)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GoToAssist 8.0.0.514
HijackThis 1.99.1 (Version: 1.99.1)
Intel® Graphics Media Accelerator Driver
Intel® Rapid Storage Technology (Version: 10.5.0.1029)
Intel® Matrix Storage Manager
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LG USB Modem driver
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Panda Cloud Cleaner (Version: 1.0.23)
PC Optimizer Pro (Version: 6.1.5.6)
Picasa 3 (Version: 3.8)
PowerDVD DX (Version: 8.3.5424)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Burn (Version: 1.01)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Skype Toolbars (Version: 5.0.4126)
Skype™ 5.0 (Version: 5.0.152)
Sound Blaster X-Fi MB (Version: 1.0)
TomTom HOME 2.7.3.1894 (Version: 2.7.3.1894)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Updater Service (Version: 14,1,1,3)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 2008.36 MB
Available physical RAM: 739.46 MB
Total Pagefile: 4016.73 MB
Available Pagefile: 2277.99 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.53 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:151.67 GB) NTFS

========================= Users: ========================================

User accounts for \\PC_NAME

Administrator Fain Guest


**** End of log ***

#8 xXbelrocXx

Posted 11 August 2012 - 09:25 AM

FSS Results

Farbar Service Scanner Version: 06-08-2012
Ran by CurrentUser (administrator) on 11-08-2012 at 09:23:28
Running from "C:\Users\CurrentUser\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:07:23 AM

Posted 11 August 2012 - 09:28 AM

Any current issues? You don't have any MBR rootkits.

MBAM and adware cleaner logs?

Edited by narenxp, 11 August 2012 - 09:29 AM.


#10 xXbelrocXx

Posted 11 August 2012 - 09:32 AM

Adware Cleaner Results


# AdwCleaner v1.800 - Logfile created 08/11/2012 at 09:26:28
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : CurrentUser - PCName
# Running from : C:\Users\CurrentUser\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\CurrentUser\AppData\Local\APN
Folder Deleted : C:\Users\CurrentUser\AppData\Roaming\Babylon
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com

***** [Registry] *****

Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.75

File : C:\Users\CurrentUser\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "homepage": "hxxp://search.babylon.com/?affID=114066&babsrc=HP_ss&mntrId=e4b405630000000000007[...]
Deleted : "scriptable_host": [ "*://*.ask.com/", "*://*.bagsbuy.com/*", "*://*.childrenschorus.[...]
Deleted : "matches": [ "*://*.google.com/*", "*://*.ask.com/", "*://*.bagsbuy.com/*", "*://*[...]
Deleted : "update_url": "hxxp://apnmedia.ask.com/media/toolbar/supertoolbar/chrome/manifest.php[...]
Deleted : "js": [ "chrome.js", "surfcanyon.js" ],
Deleted : "description": "Find stuff faster on Google, Yahoo! and Bing by digging out search re[...]
Deleted : "update_url": "hxxp://www.surfcanyon.com/chrome_update.xml",
Deleted : "description": "The fastest way to search the web.",
Deleted : "default_icon": "browser_icon_babylon48.png",
Deleted : "default_title": "Babylon Toolbar"
Deleted : "description": "Babylon ToolBar",
Deleted : "128": "babylon48.png",
Deleted : "48": "babylon48.png"
Deleted : "name": "Babylon Toolbar",
Deleted : "path": "BabylonChromeToolBar.dll",
Deleted : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update1.xml",
Deleted : "www.imesh.com": -1.0,

*************************

AdwCleaner[S1].txt - [8544 octets] - [11/08/2012 09:26:28]

########## EOF - C:\AdwCleaner[S1].txt - [8672 octets] ##########

#11 xXbelrocXx

Posted 11 August 2012 - 09:34 AM

Again sorry it took me so long to reply. My internet was down, then a vehicle took the internet line down. Not been an enjoyable week.

#12 narenxp

Posted 11 August 2012 - 09:34 AM

No problem

Any current issues? You don't have any MBR rootkits.


?

#13 xXbelrocXx

Posted 11 August 2012 - 09:50 AM

It seems stable right now, but it always would be when I finish with it. It would be okay for a few days or weeks and then it would start pulling some shenanigans, like Adobe Flash Player wouldn't load on Facebook, and the random applications that she claims to not have installed. So I probably won't know for a few days. I was just curious because one scan stated that the Partition was controlled by a RootKit. I know they are difficult to detect with just your standard AV. I'll call it done for now and if it happens again, I'll post another forum.

Thanks for your assistance.

#14 narenxp

Posted 11 August 2012 - 10:00 AM

That looks like a good idea

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



