
Pop Up Ad Appearing At The Bottom Right Hand Corner Of The Browser


7 replies to this topic

#1 fconig

fconig

  • Members
  • 4 posts

Posted 05 August 2012 - 10:44 PM

I've been reading a bunch of posts on this issue. I'm assuming that each computer is different. Here is what I am currently experiencing:

1) Every time I open up my internet browser using Firefox or Chrome, a pop-up ad related to the website appears in the bottom right-hand corner of the browser. It is sometimes shaped as an iPhone or a square box.

2) I also experience redirects to other websites when I click a link on a website.

Edited by fconig, 05 August 2012 - 10:45 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 06 August 2012 - 07:18 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 fconig

fconig
  • Topic Starter

  • Members
  • 4 posts

Posted 07 August 2012 - 12:24 AM

TDSSKILLER

07:26:53.0191 2560 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
07:26:53.0565 2560 ============================================================
07:26:53.0565 2560 Current date / time: 2012/08/06 07:26:53.0565
07:26:53.0565 2560 SystemInfo:
07:26:53.0565 2560
07:26:53.0565 2560 OS Version: 6.1.7601 ServicePack: 1.0
07:26:53.0565 2560 Product type: Workstation
07:26:53.0565 2560 ComputerName: OWNER-PC
07:26:53.0565 2560 UserName: Owner
07:26:53.0565 2560 Windows directory: C:\Windows
07:26:53.0565 2560 System windows directory: C:\Windows
07:26:53.0565 2560 Running under WOW64
07:26:53.0565 2560 Processor architecture: Intel x64
07:26:53.0565 2560 Number of processors: 2
07:26:53.0565 2560 Page size: 0x1000
07:26:53.0565 2560 Boot type: Normal boot
07:26:53.0565 2560 ============================================================
07:26:54.0548 2560 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:26:54.0548 2560 ============================================================
07:26:54.0548 2560 \Device\Harddisk0\DR0:
07:26:54.0548 2560 MBR partitions:
07:26:54.0548 2560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0x236E2AB0
07:26:54.0548 2560 ============================================================
07:26:54.0579 2560 C: <-> \Device\Harddisk0\DR0\Partition0
07:26:54.0579 2560 ============================================================
07:26:54.0579 2560 Initialize success
07:26:54.0579 2560 ============================================================
07:26:57.0491 5588 ============================================================
07:26:57.0491 5588 Scan started
07:26:57.0491 5588 Mode: Manual;
07:26:57.0491 5588 ============================================================
07:27:11.0052 5588 nsiproxy - ok
07:27:11.0171 5588 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:27:11.0230 5588 Ntfs - ok
07:27:11.0316 5588 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:27:11.0318 5588 Null - ok
07:27:11.0940 5588 nvlddmkm (1cf597c9f0745735a6c5181ecb83706e) C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:27:12.0118 5588 nvlddmkm - ok
07:27:12.0259 5588 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:27:12.0274 5588 nvraid - ok
07:27:12.0290 5588 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:27:12.0290 5588 nvstor - ok
07:27:12.0337 5588 nvsvc (e71cfa7ae5e7518e29073d7c20a8fca1) C:\Windows\system32\nvvsvc.exe
07:27:12.0352 5588 nvsvc - ok
07:27:12.0384 5588 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:27:12.0399 5588 nv_agp - ok
07:27:12.0477 5588 OberonGameConsoleService (649791f5b905e6a8ecced15ad8efd436) C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
07:27:12.0493 5588 OberonGameConsoleService - ok
07:27:12.0586 5588 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:27:12.0602 5588 odserv - ok
07:27:12.0649 5588 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:27:12.0649 5588 ohci1394 - ok
07:27:12.0680 5588 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:27:12.0680 5588 ose - ok
07:27:12.0727 5588 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:27:12.0742 5588 p2pimsvc - ok
07:27:12.0758 5588 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:27:12.0789 5588 p2psvc - ok
07:27:12.0820 5588 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:27:12.0820 5588 Parport - ok
07:27:12.0867 5588 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
07:27:12.0867 5588 partmgr - ok
07:27:12.0883 5588 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:27:12.0898 5588 PcaSvc - ok
07:27:12.0945 5588 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:27:12.0961 5588 pci - ok
07:27:12.0961 5588 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:27:12.0961 5588 pciide - ok
07:27:13.0008 5588 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
07:27:13.0008 5588 pcmcia - ok
07:27:13.0023 5588 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:27:13.0023 5588 pcw - ok
07:27:13.0070 5588 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:27:13.0101 5588 PEAUTH - ok
07:27:13.0164 5588 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:27:13.0179 5588 PerfHost - ok
07:27:13.0273 5588 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:27:13.0335 5588 pla - ok
07:27:13.0398 5588 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:27:13.0413 5588 PlugPlay - ok
07:27:13.0444 5588 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:27:13.0444 5588 PNRPAutoReg - ok
07:27:13.0476 5588 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:27:13.0476 5588 PNRPsvc - ok
07:27:13.0538 5588 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:27:13.0554 5588 PolicyAgent - ok
07:27:13.0585 5588 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:27:13.0600 5588 Power - ok
07:27:13.0678 5588 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:27:13.0678 5588 PptpMiniport - ok
07:27:13.0694 5588 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
07:27:13.0694 5588 Processor - ok
07:27:13.0803 5588 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
07:27:13.0819 5588 ProfSvc - ok
07:27:13.0850 5588 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:27:13.0866 5588 ProtectedStorage - ok
07:27:13.0912 5588 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:27:13.0928 5588 Psched - ok
07:27:14.0146 5588 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
07:27:14.0178 5588 ql2300 - ok
07:27:14.0256 5588 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
07:27:14.0256 5588 ql40xx - ok
07:27:14.0318 5588 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:27:14.0334 5588 QWAVE - ok
07:27:14.0349 5588 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:27:14.0349 5588 QWAVEdrv - ok
07:27:14.0365 5588 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:27:14.0365 5588 RasAcd - ok
07:27:14.0396 5588 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:27:14.0396 5588 RasAgileVpn - ok
07:27:14.0412 5588 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:27:14.0427 5588 RasAuto - ok
07:27:14.0474 5588 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:27:14.0474 5588 Rasl2tp - ok
07:27:14.0505 5588 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:27:14.0521 5588 RasMan - ok
07:27:14.0536 5588 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:27:14.0536 5588 RasPppoe - ok
07:27:14.0568 5588 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:27:14.0568 5588 RasSstp - ok
07:27:14.0583 5588 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:27:14.0614 5588 rdbss - ok
07:27:14.0614 5588 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:27:14.0630 5588 rdpbus - ok
07:27:14.0630 5588 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:27:14.0630 5588 RDPCDD - ok
07:27:14.0661 5588 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:27:14.0661 5588 RDPENCDD - ok
07:27:14.0677 5588 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:27:14.0677 5588 RDPREFMP - ok
07:27:14.0739 5588 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
07:27:14.0739 5588 RDPWD - ok
07:27:14.0802 5588 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:27:14.0802 5588 rdyboost - ok
07:27:14.0833 5588 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:27:14.0848 5588 RemoteAccess - ok
07:27:14.0880 5588 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:27:14.0880 5588 RemoteRegistry - ok
07:27:14.0911 5588 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
07:27:14.0911 5588 rimmptsk - ok
07:27:14.0942 5588 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
07:27:14.0942 5588 rimsptsk - ok
07:27:14.0958 5588 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
07:27:14.0973 5588 rismxdp - ok
07:27:14.0973 5588 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:27:14.0989 5588 RpcEptMapper - ok
07:27:14.0989 5588 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:27:14.0989 5588 RpcLocator - ok
07:27:15.0067 5588 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:27:15.0067 5588 RpcSs - ok
07:27:15.0098 5588 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:27:15.0098 5588 rspndr - ok
07:27:15.0188 5588 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
07:27:15.0208 5588 RTL8167 - ok
07:27:15.0250 5588 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:27:15.0252 5588 SamSs - ok
07:27:15.0301 5588 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:27:15.0304 5588 sbp2port - ok
07:27:15.0331 5588 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:27:15.0347 5588 SCardSvr - ok
07:27:15.0387 5588 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:27:15.0390 5588 scfilter - ok
07:27:15.0488 5588 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:27:15.0548 5588 Schedule - ok
07:27:15.0591 5588 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:27:15.0592 5588 SCPolicySvc - ok
07:27:15.0656 5588 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
07:27:15.0659 5588 sdbus - ok
07:27:15.0674 5588 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:27:15.0687 5588 SDRSVC - ok
07:27:15.0832 5588 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
07:27:15.0842 5588 SeaPort - ok
07:27:15.0879 5588 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:27:15.0882 5588 secdrv - ok
07:27:15.0930 5588 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:27:15.0935 5588 seclogon - ok
07:27:15.0963 5588 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
07:27:15.0968 5588 SENS - ok
07:27:15.0992 5588 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:27:15.0997 5588 SensrSvc - ok
07:27:16.0016 5588 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
07:27:16.0018 5588 Serenum - ok
07:27:16.0040 5588 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
07:27:16.0043 5588 Serial - ok
07:27:16.0096 5588 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
07:27:16.0099 5588 sermouse - ok
07:27:16.0157 5588 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:27:16.0164 5588 SessionEnv - ok
07:27:16.0200 5588 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:27:16.0203 5588 sffdisk - ok
07:27:16.0211 5588 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:27:16.0213 5588 sffp_mmc - ok
07:27:16.0224 5588 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:27:16.0226 5588 sffp_sd - ok
07:27:16.0241 5588 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
07:27:16.0243 5588 sfloppy - ok
07:27:16.0305 5588 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
07:27:16.0321 5588 SharedAccess - ok
07:27:16.0383 5588 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:27:16.0399 5588 ShellHWDetection - ok
07:27:16.0423 5588 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
07:27:16.0426 5588 SiSGbeLH - ok
07:27:16.0450 5588 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:27:16.0452 5588 SiSRaid2 - ok
07:27:16.0463 5588 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
07:27:16.0465 5588 SiSRaid4 - ok
07:27:16.0495 5588 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:27:16.0497 5588 Smb - ok
07:27:16.0546 5588 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:27:16.0551 5588 SNMPTRAP - ok
07:27:16.0649 5588 SNP2UVC (2d280b5799f9c143fa7d49e032fbce46) C:\Windows\system32\DRIVERS\snp2uvc.sys
07:27:16.0704 5588 SNP2UVC - ok
07:27:16.0770 5588 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:27:16.0770 5588 spldr - ok
07:27:16.0817 5588 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:27:16.0848 5588 Spooler - ok
07:27:17.0051 5588 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:27:17.0144 5588 sppsvc - ok
07:27:17.0238 5588 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:27:17.0238 5588 sppuinotify - ok
07:27:17.0300 5588 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
07:27:17.0316 5588 srv - ok
07:27:17.0378 5588 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
07:27:17.0394 5588 srv2 - ok
07:27:17.0410 5588 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
07:27:17.0425 5588 srvnet - ok
07:27:17.0456 5588 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
07:27:17.0472 5588 SSDPSRV - ok
07:27:17.0488 5588 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
07:27:17.0503 5588 SstpSvc - ok
07:27:17.0519 5588 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
07:27:17.0519 5588 stexstor - ok
07:27:17.0597 5588 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
07:27:17.0628 5588 stisvc - ok
07:27:17.0659 5588 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
07:27:17.0675 5588 swenum - ok
07:27:17.0722 5588 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
07:27:17.0737 5588 swprv - ok
07:27:17.0815 5588 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\Windows\system32\DRIVERS\SynTP.sys
07:27:17.0831 5588 SynTP - ok
07:27:18.0034 5588 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
07:27:18.0112 5588 SysMain - ok
07:27:18.0221 5588 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
07:27:18.0221 5588 TabletInputService - ok
07:27:18.0268 5588 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
07:27:18.0283 5588 TapiSrv - ok
07:27:18.0314 5588 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
07:27:18.0330 5588 TBS - ok
07:27:18.0486 5588 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
07:27:18.0548 5588 Tcpip - ok
07:27:18.0689 5588 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
07:27:18.0704 5588 TCPIP6 - ok
07:27:18.0814 5588 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
07:27:18.0814 5588 tcpipreg - ok
07:27:18.0860 5588 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
07:27:18.0860 5588 TDPIPE - ok
07:27:18.0892 5588 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
07:27:18.0907 5588 TDTCP - ok
07:27:18.0954 5588 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
07:27:18.0954 5588 tdx - ok
07:27:19.0001 5588 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
07:27:19.0016 5588 TermDD - ok
07:27:19.0048 5588 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
07:27:19.0094 5588 TermService - ok
07:27:19.0110 5588 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
07:27:19.0126 5588 Themes - ok
07:27:19.0141 5588 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:27:19.0157 5588 THREADORDER - ok
07:27:19.0188 5588 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
07:27:19.0188 5588 TrkWks - ok
07:27:19.0250 5588 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
07:27:19.0266 5588 TrustedInstaller - ok
07:27:19.0313 5588 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:27:19.0328 5588 tssecsrv - ok
07:27:19.0391 5588 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
07:27:19.0391 5588 TsUsbFlt - ok
07:27:19.0453 5588 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
07:27:19.0453 5588 tunnel - ok
07:27:19.0484 5588 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
07:27:19.0484 5588 uagp35 - ok
07:27:19.0547 5588 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
07:27:19.0562 5588 udfs - ok
07:27:19.0609 5588 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
07:27:19.0609 5588 UI0Detect - ok
07:27:19.0672 5588 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
07:27:19.0672 5588 uliagpkx - ok
07:27:19.0734 5588 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
07:27:19.0734 5588 umbus - ok
07:27:19.0765 5588 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
07:27:19.0781 5588 UmPass - ok
07:27:19.0906 5588 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
07:27:19.0921 5588 upnphost - ok
07:27:19.0984 5588 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
07:27:19.0984 5588 USBAAPL64 - ok
07:27:20.0046 5588 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
07:27:20.0046 5588 usbaudio - ok
07:27:20.0093 5588 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
07:27:20.0093 5588 usbccgp - ok
07:27:20.0171 5588 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
07:27:20.0171 5588 usbcir - ok
07:27:20.0186 5588 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
07:27:20.0186 5588 usbehci - ok
07:27:20.0218 5588 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
07:27:20.0249 5588 usbhub - ok
07:27:20.0264 5588 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
07:27:20.0264 5588 usbohci - ok
07:27:20.0311 5588 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:27:20.0311 5588 usbprint - ok
07:27:20.0374 5588 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
07:27:20.0389 5588 usbscan - ok
07:27:20.0420 5588 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:27:20.0420 5588 USBSTOR - ok
07:27:20.0467 5588 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
07:27:20.0467 5588 usbuhci - ok
07:27:20.0498 5588 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
07:27:20.0514 5588 usbvideo - ok
07:27:20.0545 5588 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
07:27:20.0545 5588 UxSms - ok
07:27:20.0608 5588 VaneFltr (81a9f455bf2c9180348949f7c8d93e66) C:\Windows\system32\drivers\Lachesis.sys
07:27:20.0608 5588 VaneFltr - ok
07:27:20.0654 5588 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:27:20.0654 5588 VaultSvc - ok
07:27:20.0717 5588 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
07:27:20.0717 5588 vdrvroot - ok
07:27:20.0795 5588 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
07:27:20.0810 5588 vds - ok
07:27:20.0842 5588 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:27:20.0842 5588 vga - ok
07:27:20.0857 5588 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:27:20.0857 5588 VgaSave - ok
07:27:20.0904 5588 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
07:27:20.0920 5588 vhdmp - ok
07:27:20.0935 5588 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
07:27:20.0951 5588 viaide - ok
07:27:20.0966 5588 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
07:27:20.0966 5588 volmgr - ok
07:27:21.0107 5588 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
07:27:21.0169 5588 volmgrx - ok
07:27:21.0185 5588 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
07:27:21.0216 5588 volsnap - ok
07:27:21.0247 5588 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
07:27:21.0247 5588 vsmraid - ok
07:27:21.0356 5588 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
07:27:21.0434 5588 VSS - ok
07:27:21.0497 5588 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
07:27:21.0497 5588 vwifibus - ok
07:27:21.0512 5588 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
07:27:21.0512 5588 vwififlt - ok
07:27:21.0544 5588 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
07:27:21.0544 5588 vwifimp - ok
07:27:21.0590 5588 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
07:27:21.0606 5588 W32Time - ok
07:27:21.0622 5588 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
07:27:21.0637 5588 WacomPen - ok
07:27:21.0700 5588 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:27:21.0700 5588 WANARP - ok
07:27:21.0700 5588 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:27:21.0700 5588 Wanarpv6 - ok
07:27:22.0027 5588 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
07:27:22.0090 5588 WatAdminSvc - ok
07:27:22.0199 5588 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
07:27:22.0261 5588 wbengine - ok
07:27:22.0355 5588 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
07:27:22.0370 5588 WbioSrvc - ok
07:27:22.0417 5588 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
07:27:22.0433 5588 wcncsvc - ok
07:27:22.0448 5588 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
07:27:22.0464 5588 WcsPlugInService - ok
07:27:22.0495 5588 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
07:27:22.0495 5588 Wd - ok
07:27:22.0542 5588 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
07:27:22.0589 5588 Wdf01000 - ok
07:27:22.0604 5588 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:27:22.0604 5588 WdiServiceHost - ok
07:27:22.0620 5588 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:27:22.0620 5588 WdiSystemHost - ok
07:27:22.0667 5588 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
07:27:22.0698 5588 WebClient - ok
07:27:22.0714 5588 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
07:27:22.0729 5588 Wecsvc - ok
07:27:22.0745 5588 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
07:27:22.0745 5588 wercplsupport - ok
07:27:22.0776 5588 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
07:27:22.0792 5588 WerSvc - ok
07:27:22.0854 5588 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
07:27:22.0854 5588 WfpLwf - ok
07:27:22.0885 5588 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
07:27:22.0885 5588 WimFltr - ok
07:27:22.0901 5588 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
07:27:22.0901 5588 WIMMount - ok
07:27:22.0979 5588 WinDefend - ok
07:27:22.0979 5588 WinHttpAutoProxySvc - ok
07:27:23.0041 5588 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
07:27:23.0041 5588 Winmgmt - ok
07:27:23.0166 5588 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
07:27:23.0244 5588 WinRM - ok
07:27:23.0447 5588 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
07:27:23.0447 5588 WinUsb - ok
07:27:23.0509 5588 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
07:27:23.0572 5588 Wlansvc - ok
07:27:23.0728 5588 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:27:23.0806 5588 wlidsvc - ok
07:27:23.0915 5588 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
07:27:23.0915 5588 WmiAcpi - ok
07:27:23.0962 5588 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
07:27:23.0977 5588 wmiApSrv - ok
07:27:24.0024 5588 WMPNetworkSvc - ok
07:27:24.0040 5588 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
07:27:24.0040 5588 WPCSvc - ok
07:27:24.0086 5588 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
07:27:24.0102 5588 WPDBusEnum - ok
07:27:24.0118 5588 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
07:27:24.0118 5588 ws2ifsl - ok
07:27:24.0180 5588 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
07:27:24.0196 5588 wscsvc - ok
07:27:24.0196 5588 WSearch - ok
07:27:24.0336 5588 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
07:27:24.0414 5588 wuauserv - ok
07:27:24.0523 5588 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
07:27:24.0523 5588 WudfPf - ok
07:27:24.0570 5588 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:27:24.0570 5588 WUDFRd - ok
07:27:24.0617 5588 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
07:27:24.0617 5588 wudfsvc - ok
07:27:24.0664 5588 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
07:27:24.0679 5588 WwanSvc - ok
07:27:24.0710 5588 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
07:27:25.0022 5588 \Device\Harddisk0\DR0 - ok
07:27:25.0038 5588 Boot (0x1200) (9e989bcca1eff3706089e2e5260889f6) \Device\Harddisk0\DR0\Partition0
07:27:25.0054 5588 \Device\Harddisk0\DR0\Partition0 - ok
07:27:25.0054 5588 ============================================================
07:27:25.0054 5588 Scan finished
07:27:25.0054 5588 ============================================================
07:27:25.0054 5916 Detected object count: 0
07:27:25.0054 5916 Actual detected object count: 0
07:29:40.0776 5444 Deinitialize success

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 07:30:28
-----------------------------
07:30:28.982 OS Version: Windows x64 6.1.7601 Service Pack 1
07:30:28.982 Number of processors: 2 586 0x170A
07:30:28.983 ComputerName: OWNER-PC UserName: Owner
07:30:29.895 Initialize success
07:31:29.656 AVAST engine defs: 12080600
07:32:05.520 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

ESET Online Scanner

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1e21ac036ffb414c8540720479701fab
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-07 12:43:32
# local_time=2012-08-06 05:43:32 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 152841 95807271 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=1565040
# found=12
# cleaned=12
# scan_time=36391
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO62HZXE\firstload_com[1].txt HTML/Hoax.FastDownload.C.Gen application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO62HZXE\landing[5].htm HTML/ScrInject.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO62HZXE\mx_mainxu[1].txt HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO62HZXE\pqrunix_info[1].htm HTML/TrojanDownloader.Applet.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO62HZXE\stpunix_info[1].htm HTML/TrojanDownloader.Applet.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K6DA4KSC\mx_usenet[1].txt HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJRI6L53\crystmassoft3_net[1].htm HTML/TrojanDownloader.Applet.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJRI6L53\defunix_net[1].htm HTML/TrojanDownloader.Applet.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJRI6L53\firstload_com[1].txt HTML/Hoax.FastDownload.C.Gen application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJRI6L53\landing[1].htm HTML/ScrInject.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJRI6L53\mx_mainxu[1].txt HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJRI6L53\newyear4_net[1].htm HTML/TrojanDownloader.Applet.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

#4 narenxp

Posted 07 August 2012 - 12:29 AM

The aswMBR log looks incomplete. Please scan again.

#5 fconig

Posted 07 August 2012 - 01:20 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 23:05:11
-----------------------------
23:05:11.616 OS Version: Windows x64 6.1.7601 Service Pack 1
23:05:11.616 Number of processors: 2 586 0x170A
23:05:11.617 ComputerName: OWNER-PC UserName: Owner
23:05:14.536 Initialize success
23:05:20.580 AVAST engine defs: 12080600
23:05:24.188 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:05:24.190 Disk 0 Vendor: ST932042 0002 Size: 305245MB BusType: 3
23:05:24.194 Disk 0 MBR read successfully
23:05:24.197 Disk 0 MBR scan
23:05:24.230 Disk 0 Windows VISTA default MBR code
23:05:24.239 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
23:05:24.253 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 290245 MB offset 30717952
23:05:24.329 Disk 0 scanning C:\Windows\system32\drivers
23:05:39.866 Service scanning
23:06:19.688 Modules scanning
23:06:19.697 Disk 0 trace - called modules:
23:06:19.709 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
23:06:19.714 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057b2060]
23:06:19.719 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80046d18a0]
23:06:19.729 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800471f050]
23:06:20.612 AVAST engine scan C:\Windows
23:06:25.857 AVAST engine scan C:\Windows\system32
23:10:56.588 AVAST engine scan C:\Windows\system32\drivers
23:11:20.966 AVAST engine scan C:\Users\Owner
23:19:40.080 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
23:19:40.115 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

#6 narenxp

Posted 07 August 2012 - 01:38 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

RogueKiller

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

AdwCleaner

Launch it and click on Delete.

Post the generated log.

#7 fconig

Posted 07 August 2012 - 08:23 PM

Rogue Killer


RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Owner [Admin rights]
Mode: HOSTSFix -- Date: 08/07/2012 18:08:41

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
216.240.133.193 www.google-analytics.com.
216.240.133.193 ad-emea.doubleclick.net.
216.240.133.193 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt


Mini Toolbox


MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 07-08-2012 at 18:13:23
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-1E-65-87-A6-F7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-1E-65-87-A6-F6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6cef:dc25:8f60:9754%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 07, 2012 5:53:39 PM
Lease Expires . . . . . . . . . . : Wednesday, August 08, 2012 5:53:39 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301997669
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-84-06-9C-90-E6-BA-82-78-BF
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 90-E6-BA-82-78-BF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{728EBE00-DA96-4341-AAAC-A1799E3A3B69}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:340c:7c:b34f:8674(Preferred)
Link-local IPv6 Address . . . . . : fe80::340c:7c:b34f:8674%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4007:800::1009
74.125.224.225
74.125.224.226
74.125.224.227
74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231
74.125.224.232
74.125.224.233
74.125.224.238
74.125.224.224


Pinging google.com [74.125.224.162] with 32 bytes of data:
Reply from 74.125.224.162: bytes=32 time=15ms TTL=54
Reply from 74.125.224.162: bytes=32 time=14ms TTL=54

Ping statistics for 74.125.224.162:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=151ms TTL=47
Reply from 98.139.183.24: bytes=32 time=188ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 151ms, Maximum = 188ms, Average = 169ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 1e 65 87 a6 f7 ......Microsoft Virtual WiFi Miniport Adapter
11...00 1e 65 87 a6 f6 ......Intel® WiFi Link 5100 AGN
10...90 e6 ba 82 78 bf ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.9 281
192.168.1.9 255.255.255.255 On-link 192.168.1.9 281
192.168.1.255 255.255.255.255 On-link 192.168.1.9 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.9 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.9 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:340c:7c:b34f:8674/128
On-link
11 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::340c:7c:b34f:8674/128
On-link
11 281 fe80::6cef:dc25:8f60:9754/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/07/2012 08:09:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/07/2012 08:09:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/06/2012 05:45:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/06/2012 05:43:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/06/2012 05:43:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/06/2012 04:35:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/05/2012 10:09:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2075

Error: (08/05/2012 10:09:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2075

Error: (08/05/2012 10:09:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/04/2012 11:00:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 561760


System errors:
=============
Error: (08/07/2012 05:53:43 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/05/2012 08:30:06 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a56\??\C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

Error: (08/05/2012 08:30:16 AM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa80046c3a10, 0xfffff800045654d8, 0xfffffa8004c51010)C:\Windows\MEMORY.DMP080512-20529-01

Error: (08/05/2012 08:30:07 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:50:44 PM on ?8/?4/?2012 was unexpected.

Error: (08/02/2012 05:49:22 PM) (Source: Service Control Manager) (User: )
Description: The Oberon Media Game Console service service failed to start due to the following error:
%%1053

Error: (08/02/2012 05:49:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Oberon Media Game Console service service to connect.

Error: (08/02/2012 05:48:39 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8004625060, 0xfffff80000b9c4d8, 0xfffffa800c3d5010)C:\Windows\MEMORY.DMP080212-19546-01

Error: (08/02/2012 05:48:30 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:20:42 PM on ?8/?1/?2012 was unexpected.

Error: (07/30/2012 07:25:27 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%1053

Error: (07/30/2012 07:25:27 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.


Microsoft Office Sessions:
=========================
Error: (11/08/2010 09:50:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Akamai NetSession Interface
Akamai NetSession Interface Service
Aleks 3.13
Alice Greenfingers
Amazon Kindle
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.6)
ASUS AP Bank (Version: 1.0.0.0)
ASUS Data Security Manager (Version: 1.00.0013)
ASUS FancyStart (Version: 1.0.6)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.19)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.16)
Asus WebStorage (Version: 2.0.31.477)
Asus_Camera_ScreenSaver (Version: 2.0.0009)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0051)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0005)
Bandisoft MPEG-1 Decoder
Bonjour (Version: 3.0.0.10)
Chicken Invaders 2
Choice Guard (Version: 1.2.87.0)
CinemaNow Media Manager (Version: 1.9.0.56)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ControlDeck (Version: 1.0.3)
Creative MediaSource 5 (Version: 5.00)
Curse Client (Version: 5.1.1.410)
CyberLink Power2Go (Version: 6.1.2713)
Diablo III (Version: 1.0.3.10235)
DivX Setup (Version: 2.6.1.8)
Dream Day Wedding Married in Manhattan
ESET Online Scanner v3
Express Gate (Version: 1.2.13.14)
Fast Boot (Version: 1.0.4)
Game Park Console (Version: 5.2.1.4)
Google Chrome (Version: 21.0.1180.60)
HP Photo Creations (Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
Island Wars 2
ITECIR (Version: 1.00.0000)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
NVIDIA Drivers (Version: 1.5)
OpenOffice.org 3.2 (Version: 3.2.9502)
Piggly
QuickTime (Version: 7.71.80.42)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver (Version: 6.0.1.5928)
RICOH R5U8xx Media Driver ver.3.62.02 (Version: 3.62.02)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.163)
Smileyville
Sound Blaster Audigy HD (Version: 1.0)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.5)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinFlash (Version: 2.29.0)
Wireless Console 3 (Version: 3.0.10)
World of Warcraft (Version: 5.0.1.15650)
World of Warcraft Beta (Version: )
World of Warcraft Public Test (Version: 0.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 4095.24 MB
Available physical RAM: 2589.64 MB
Total Pagefile: 8188.67 MB
Available Pagefile: 6403.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.96 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.44 GB) (Free:123.47 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner


**** End of log ****

FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 07-08-2012 at 18:15:31
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner


# AdwCleaner v1.800 - Logfile created 08/07/2012 at 18:17:27
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Owner\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zlpschbn.default\prefs.js

C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zlpschbn.default\user.js ... Deleted !

Deleted : user_pref("browser.search..selectedEngineURL", "hxxp://mp3tubetoolbar.com/?&prt=pinballtbfour01ff&cl[...]
Deleted : user_pref("browser.search.selectedEngineURL", "hxxp://mp3tubetoolbarsearch.com/?prt=pinballtbfour01f[...]
Deleted : user_pref("keyword.URL", "hxxp://mp3tubetoolbar.com/?tmp=nemo_results_removelink2&q=");
Deleted : user_pref("mp3tubetoolbar.configXml", "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n<toolbarlayout[...]
Deleted : user_pref("mp3tubetoolbar.configXml_lastcheck", "21884079");
Deleted : user_pref("mp3tubetoolbar.startupPop", "yes");

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [1679 octets] - [07/08/2012 18:17:27]

########## EOF - C:\AdwCleaner[S1].txt - [1807 octets] ##########

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:07 AM

Posted 07 August 2012 - 08:47 PM

That looks good

Download

TFC

Launch it. It will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



