Bottom Right Corner ad and redirection


9 replies to this topic

#1 SteezyDolphin

Posted 09 August 2012 - 12:45 AM

Hi,

When I am on a browser, both IE9 and Chrome, I am often redirected when I click on a link within a website. Previously when I got redirected, I got a pesky fake antivirus virus that I removed. It happened twice, but hasn't since. Also I almost always have an ad, or even two, pop up in the bottom right corner. They are either in the shape of an iPhone, or a small white box. With these two, when I click the 'x' to close them, an even smaller white box saying 'Recommended For You' remains. These ads have been in both French and English. Other ads include games, nudity and others.

Today I scanned my computer with AVG (full computer scan) and it found 2 Trojan Horses and 7 viruses that it moved to the virus vault. It also found 26 tracking cookies that it either moved to the virus vault or healed. I restarted my computer and it did not fix the ads or redirection.

Please Help!

Thank you very much in advance,

James (steezydolphin)


#2 narenxp

Posted 09 August 2012 - 12:45 AM

Download TDSSkiller

Launch it. Click on "change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 SteezyDolphin

Posted 09 August 2012 - 02:29 AM

TDSSkiller


01:47:11.0869 1420 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
01:47:12.0148 1420 ============================================================
01:47:12.0148 1420 Current date / time: 2012/08/09 01:47:12.0148
01:47:12.0148 1420 SystemInfo:
01:47:12.0148 1420
01:47:12.0148 1420 OS Version: 6.1.7601 ServicePack: 1.0
01:47:12.0148 1420 Product type: Workstation
01:47:12.0148 1420 ComputerName: JAMES-PC
01:47:12.0148 1420 UserName: James
01:47:12.0148 1420 Windows directory: C:\Windows
01:47:12.0148 1420 System windows directory: C:\Windows
01:47:12.0148 1420 Running under WOW64
01:47:12.0148 1420 Processor architecture: Intel x64
01:47:12.0148 1420 Number of processors: 2
01:47:12.0148 1420 Page size: 0x1000
01:47:12.0148 1420 Boot type: Normal boot
01:47:12.0148 1420 ============================================================
01:47:12.0623 1420 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:47:12.0626 1420 ============================================================
01:47:12.0626 1420 \Device\Harddisk0\DR0:
01:47:12.0626 1420 MBR partitions:
01:47:12.0627 1420 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
01:47:12.0627 1420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x38553000
01:47:12.0627 1420 ============================================================
01:47:12.0657 1420 C: <-> \Device\Harddisk0\DR0\Partition1
01:47:12.0657 1420 ============================================================
01:47:12.0657 1420 Initialize success
01:47:12.0657 1420 ============================================================
01:47:30.0097 3096 Deinitialize success




01:47:49.0256 6372 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
01:47:49.0551 6372 ============================================================
01:47:49.0551 6372 Current date / time: 2012/08/09 01:47:49.0551
01:47:49.0551 6372 SystemInfo:
01:47:49.0551 6372
01:47:49.0551 6372 OS Version: 6.1.7601 ServicePack: 1.0
01:47:49.0551 6372 Product type: Workstation
01:47:49.0551 6372 ComputerName: JAMES-PC
01:47:49.0551 6372 UserName: James
01:47:49.0551 6372 Windows directory: C:\Windows
01:47:49.0551 6372 System windows directory: C:\Windows
01:47:49.0551 6372 Running under WOW64
01:47:49.0551 6372 Processor architecture: Intel x64
01:47:49.0551 6372 Number of processors: 2
01:47:49.0551 6372 Page size: 0x1000
01:47:49.0551 6372 Boot type: Normal boot
01:47:49.0551 6372 ============================================================
01:47:49.0976 6372 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:47:49.0980 6372 ============================================================
01:47:49.0980 6372 \Device\Harddisk0\DR0:
01:47:49.0980 6372 MBR partitions:
01:47:49.0980 6372 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
01:47:49.0980 6372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x38553000
01:47:49.0980 6372 ============================================================
01:47:50.0011 6372 C: <-> \Device\Harddisk0\DR0\Partition1
01:47:50.0011 6372 ============================================================
01:47:50.0011 6372 Initialize success
01:47:50.0011 6372 ============================================================
01:48:03.0535 6268 ============================================================
01:48:03.0535 6268 Scan started
01:48:03.0535 6268 Mode: Manual; TDLFS;
01:48:03.0535 6268 ============================================================
01:48:03.0808 6268 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
01:48:03.0810 6268 !SASCORE - ok
01:48:04.0050 6268 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
01:48:04.0052 6268 1394ohci - ok
01:48:04.0095 6268 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
01:48:04.0098 6268 ACPI - ok
01:48:04.0137 6268 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
01:48:04.0138 6268 AcpiPmi - ok
01:48:04.0223 6268 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
01:48:04.0227 6268 adp94xx - ok
01:48:04.0282 6268 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
01:48:04.0285 6268 adpahci - ok
01:48:04.0308 6268 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
01:48:04.0310 6268 adpu320 - ok
01:48:04.0370 6268 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
01:48:04.0371 6268 AeLookupSvc - ok
01:48:04.0452 6268 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
01:48:04.0456 6268 AFD - ok
01:48:04.0495 6268 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
01:48:04.0496 6268 agp440 - ok
01:48:04.0525 6268 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
01:48:04.0526 6268 ALG - ok
01:48:04.0546 6268 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
01:48:04.0546 6268 aliide - ok
01:48:04.0577 6268 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
01:48:04.0577 6268 amdide - ok
01:48:04.0604 6268 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
01:48:04.0605 6268 AmdK8 - ok
01:48:04.0616 6268 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
01:48:04.0617 6268 AmdPPM - ok
01:48:04.0661 6268 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
01:48:04.0663 6268 amdsata - ok
01:48:04.0716 6268 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
01:48:04.0718 6268 amdsbs - ok
01:48:04.0768 6268 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
01:48:04.0769 6268 amdxata - ok
01:48:04.0811 6268 AmUStor (92a848f962da91c631147d566414bb7e) C:\Windows\system32\drivers\AmUStor.SYS
01:48:04.0812 6268 AmUStor - ok
01:48:04.0834 6268 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
01:48:04.0835 6268 AppID - ok
01:48:04.0869 6268 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
01:48:04.0870 6268 AppIDSvc - ok
01:48:04.0904 6268 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
01:48:04.0905 6268 Appinfo - ok
01:48:05.0049 6268 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:48:05.0050 6268 Apple Mobile Device - ok
01:48:05.0108 6268 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
01:48:05.0109 6268 arc - ok
01:48:05.0124 6268 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
01:48:05.0126 6268 arcsas - ok
01:48:05.0170 6268 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
01:48:05.0171 6268 AsyncMac - ok
01:48:05.0209 6268 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
01:48:05.0210 6268 atapi - ok
01:48:05.0305 6268 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
01:48:05.0310 6268 AudioEndpointBuilder - ok
01:48:05.0320 6268 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
01:48:05.0325 6268 AudioSrv - ok
01:48:05.0682 6268 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
01:48:05.0715 6268 AVGIDSAgent - ok
01:48:05.0865 6268 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
01:48:05.0867 6268 AVGIDSDriver - ok
01:48:05.0904 6268 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
01:48:05.0905 6268 AVGIDSFilter - ok
01:48:05.0953 6268 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
01:48:05.0954 6268 AVGIDSHA - ok
01:48:06.0033 6268 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
01:48:06.0036 6268 Avgldx64 - ok
01:48:06.0072 6268 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
01:48:06.0074 6268 Avgmfx64 - ok
01:48:06.0137 6268 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
01:48:06.0137 6268 Avgrkx64 - ok
01:48:06.0196 6268 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
01:48:06.0199 6268 Avgtdia - ok
01:48:06.0314 6268 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
01:48:06.0316 6268 avgwd - ok
01:48:06.0359 6268 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
01:48:06.0360 6268 AxInstSV - ok
01:48:06.0435 6268 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
01:48:06.0438 6268 b06bdrv - ok
01:48:06.0494 6268 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
01:48:06.0496 6268 b57nd60a - ok
01:48:06.0542 6268 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
01:48:06.0543 6268 BDESVC - ok
01:48:06.0561 6268 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
01:48:06.0562 6268 Beep - ok
01:48:06.0642 6268 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
01:48:06.0648 6268 BFE - ok
01:48:06.0738 6268 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
01:48:06.0745 6268 BITS - ok
01:48:06.0808 6268 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
01:48:06.0808 6268 blbdrive - ok
01:48:06.0920 6268 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
01:48:06.0923 6268 Bonjour Service - ok
01:48:06.0947 6268 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
01:48:06.0948 6268 bowser - ok
01:48:06.0972 6268 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
01:48:06.0972 6268 BrFiltLo - ok
01:48:06.0993 6268 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
01:48:06.0993 6268 BrFiltUp - ok
01:48:07.0030 6268 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
01:48:07.0031 6268 Browser - ok
01:48:07.0067 6268 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
01:48:07.0069 6268 Brserid - ok
01:48:07.0093 6268 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
01:48:07.0094 6268 BrSerWdm - ok
01:48:07.0102 6268 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
01:48:07.0103 6268 BrUsbMdm - ok
01:48:07.0112 6268 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
01:48:07.0112 6268 BrUsbSer - ok
01:48:07.0140 6268 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
01:48:07.0141 6268 BTHMODEM - ok
01:48:07.0186 6268 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
01:48:07.0187 6268 bthserv - ok
01:48:07.0227 6268 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
01:48:07.0229 6268 cdfs - ok
01:48:07.0265 6268 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
01:48:07.0267 6268 cdrom - ok
01:48:07.0310 6268 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:48:07.0312 6268 CertPropSvc - ok
01:48:07.0338 6268 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
01:48:07.0338 6268 circlass - ok
01:48:07.0387 6268 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
01:48:07.0389 6268 CLFS - ok
01:48:07.0458 6268 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:48:07.0459 6268 clr_optimization_v2.0.50727_32 - ok
01:48:07.0504 6268 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:48:07.0505 6268 clr_optimization_v2.0.50727_64 - ok
01:48:07.0592 6268 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:48:07.0593 6268 clr_optimization_v4.0.30319_32 - ok
01:48:07.0646 6268 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:48:07.0648 6268 clr_optimization_v4.0.30319_64 - ok
01:48:07.0663 6268 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
01:48:07.0664 6268 CmBatt - ok
01:48:07.0697 6268 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
01:48:07.0698 6268 cmdide - ok
01:48:07.0775 6268 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
01:48:07.0778 6268 CNG - ok
01:48:07.0800 6268 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
01:48:07.0801 6268 Compbatt - ok
01:48:07.0823 6268 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
01:48:07.0824 6268 CompositeBus - ok
01:48:07.0845 6268 COMSysApp - ok
01:48:07.0871 6268 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
01:48:07.0871 6268 crcdisk - ok
01:48:07.0928 6268 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
01:48:07.0930 6268 CryptSvc - ok
01:48:08.0096 6268 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
01:48:08.0101 6268 cvhsvc - ok
01:48:08.0166 6268 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:48:08.0171 6268 DcomLaunch - ok
01:48:08.0217 6268 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
01:48:08.0220 6268 defragsvc - ok
01:48:08.0282 6268 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
01:48:08.0283 6268 DfsC - ok
01:48:08.0336 6268 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
01:48:08.0338 6268 Dhcp - ok
01:48:08.0357 6268 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
01:48:08.0357 6268 discache - ok
01:48:08.0398 6268 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
01:48:08.0399 6268 Disk - ok
01:48:08.0436 6268 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
01:48:08.0438 6268 Dnscache - ok
01:48:08.0460 6268 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
01:48:08.0462 6268 dot3svc - ok
01:48:08.0482 6268 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
01:48:08.0484 6268 DPS - ok
01:48:08.0518 6268 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
01:48:08.0518 6268 drmkaud - ok
01:48:08.0661 6268 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
01:48:08.0664 6268 DsiWMIService - ok
01:48:08.0738 6268 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
01:48:08.0740 6268 dtsoftbus01 - ok
01:48:08.0859 6268 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
01:48:08.0865 6268 DXGKrnl - ok
01:48:08.0901 6268 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
01:48:08.0903 6268 EapHost - ok
01:48:09.0125 6268 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
01:48:09.0146 6268 ebdrv - ok
01:48:09.0270 6268 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
01:48:09.0271 6268 EFS - ok
01:48:09.0349 6268 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
01:48:09.0351 6268 EgisTec Ticket Service - ok
01:48:09.0446 6268 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
01:48:09.0451 6268 ehRecvr - ok
01:48:09.0477 6268 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
01:48:09.0478 6268 ehSched - ok
01:48:09.0597 6268 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
01:48:09.0610 6268 elxstor - ok
01:48:09.0753 6268 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
01:48:09.0771 6268 ePowerSvc - ok
01:48:09.0871 6268 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
01:48:09.0873 6268 ErrDev - ok
01:48:09.0947 6268 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
01:48:09.0950 6268 EventSystem - ok
01:48:09.0981 6268 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
01:48:09.0989 6268 exfat - ok
01:48:10.0021 6268 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
01:48:10.0029 6268 fastfat - ok
01:48:10.0099 6268 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
01:48:10.0115 6268 Fax - ok
01:48:10.0123 6268 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
01:48:10.0125 6268 fdc - ok
01:48:10.0145 6268 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
01:48:10.0147 6268 fdPHost - ok
01:48:10.0163 6268 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
01:48:10.0165 6268 FDResPub - ok
01:48:10.0182 6268 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
01:48:10.0184 6268 FileInfo - ok
01:48:10.0208 6268 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
01:48:10.0210 6268 Filetrace - ok
01:48:10.0340 6268 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
01:48:10.0355 6268 FLEXnet Licensing Service - ok
01:48:10.0375 6268 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
01:48:10.0377 6268 flpydisk - ok
01:48:10.0427 6268 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
01:48:10.0430 6268 FltMgr - ok
01:48:10.0526 6268 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
01:48:10.0541 6268 FontCache - ok
01:48:10.0616 6268 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:48:10.0619 6268 FontCache3.0.0.0 - ok
01:48:10.0658 6268 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
01:48:10.0660 6268 FsDepends - ok
01:48:10.0696 6268 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
01:48:10.0698 6268 Fs_Rec - ok
01:48:10.0740 6268 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
01:48:10.0744 6268 fvevol - ok
01:48:10.0773 6268 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
01:48:10.0775 6268 gagp30kx - ok
01:48:10.0831 6268 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:48:10.0833 6268 GEARAspiWDM - ok
01:48:10.0904 6268 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
01:48:10.0916 6268 gpsvc - ok
01:48:10.0968 6268 GREGService (84e58fea8b1a7537696a20c59cb9b0c9) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
01:48:10.0969 6268 GREGService - ok
01:48:10.0984 6268 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
01:48:10.0986 6268 hcw85cir - ok
01:48:11.0034 6268 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
01:48:11.0046 6268 HdAudAddService - ok
01:48:11.0085 6268 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
01:48:11.0087 6268 HDAudBus - ok
01:48:11.0093 6268 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
01:48:11.0096 6268 HidBatt - ok
01:48:11.0106 6268 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
01:48:11.0108 6268 HidBth - ok
01:48:11.0115 6268 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
01:48:11.0117 6268 HidIr - ok
01:48:11.0135 6268 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
01:48:11.0137 6268 hidserv - ok
01:48:11.0160 6268 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
01:48:11.0160 6268 HidUsb - ok
01:48:11.0186 6268 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
01:48:11.0189 6268 hkmsvc - ok
01:48:11.0214 6268 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
01:48:11.0220 6268 HomeGroupListener - ok
01:48:11.0256 6268 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
01:48:11.0265 6268 HomeGroupProvider - ok
01:48:11.0283 6268 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
01:48:11.0285 6268 HpSAMD - ok
01:48:11.0353 6268 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
01:48:11.0367 6268 HTTP - ok
01:48:11.0377 6268 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
01:48:11.0378 6268 hwpolicy - ok
01:48:11.0399 6268 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
01:48:11.0401 6268 i8042prt - ok
01:48:11.0435 6268 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
01:48:11.0439 6268 iaStor - ok
01:48:11.0530 6268 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
01:48:11.0531 6268 IAStorDataMgrSvc - ok
01:48:11.0584 6268 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
01:48:11.0592 6268 iaStorV - ok
01:48:11.0731 6268 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
01:48:11.0734 6268 IDriverT - ok
01:48:11.0862 6268 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:48:11.0880 6268 idsvc - ok
01:48:12.0557 6268 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdkmd64.sys
01:48:12.0759 6268 igfx - ok
01:48:12.0874 6268 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
01:48:12.0876 6268 iirsp - ok
01:48:12.0968 6268 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
01:48:12.0987 6268 IKEEXT - ok
01:48:13.0194 6268 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
01:48:13.0257 6268 IntcAzAudAddService - ok
01:48:13.0420 6268 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
01:48:13.0433 6268 IntcDAud - ok
01:48:13.0462 6268 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
01:48:13.0463 6268 intelide - ok
01:48:13.0505 6268 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
01:48:13.0507 6268 intelppm - ok
01:48:13.0541 6268 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
01:48:13.0544 6268 IPBusEnum - ok
01:48:13.0556 6268 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:48:13.0558 6268 IpFilterDriver - ok
01:48:13.0601 6268 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
01:48:13.0608 6268 iphlpsvc - ok
01:48:13.0620 6268 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
01:48:13.0623 6268 IPMIDRV - ok
01:48:13.0644 6268 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
01:48:13.0646 6268 IPNAT - ok
01:48:13.0789 6268 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
01:48:13.0799 6268 iPod Service - ok
01:48:13.0833 6268 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
01:48:13.0835 6268 IRENUM - ok
01:48:13.0844 6268 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
01:48:13.0846 6268 isapnp - ok
01:48:13.0890 6268 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
01:48:13.0906 6268 iScsiPrt - ok
01:48:13.0938 6268 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
01:48:13.0939 6268 kbdclass - ok
01:48:13.0978 6268 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
01:48:13.0979 6268 kbdhid - ok
01:48:14.0003 6268 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:48:14.0004 6268 KeyIso - ok
01:48:14.0048 6268 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
01:48:14.0050 6268 KSecDD - ok
01:48:14.0079 6268 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
01:48:14.0090 6268 KSecPkg - ok
01:48:14.0121 6268 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
01:48:14.0123 6268 ksthunk - ok
01:48:14.0198 6268 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
01:48:14.0229 6268 KtmRm - ok
01:48:14.0293 6268 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys
01:48:14.0302 6268 L1C - ok
01:48:14.0358 6268 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
01:48:14.0365 6268 LanmanServer - ok
01:48:14.0408 6268 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
01:48:14.0411 6268 LanmanWorkstation - ok
01:48:14.0484 6268 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
01:48:14.0501 6268 Live Updater Service - ok
01:48:14.0539 6268 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
01:48:14.0541 6268 lltdio - ok
01:48:14.0598 6268 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
01:48:14.0612 6268 lltdsvc - ok
01:48:14.0634 6268 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
01:48:14.0636 6268 lmhosts - ok
01:48:14.0739 6268 LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
01:48:14.0752 6268 LMS - ok
01:48:14.0791 6268 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
01:48:14.0793 6268 LSI_FC - ok
01:48:14.0816 6268 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
01:48:30.0241 6268 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:48:30.0646 6268 \Device\Harddisk0\DR0 - ok
01:48:30.0652 6268 Boot (0x1200) (b26e899785be64db0c7febf2f3d29418) \Device\Harddisk0\DR0\Partition0
01:48:30.0654 6268 \Device\Harddisk0\DR0\Partition0 - ok
01:48:30.0692 6268 Boot (0x1200) (7340be34a96f7eaafd8cc1dbe02b0b41) \Device\Harddisk0\DR0\Partition1
01:48:30.0694 6268 \Device\Harddisk0\DR0\Partition1 - ok
01:48:30.0696 6268 ============================================================
01:48:30.0696 6268 Scan finished
01:48:30.0696 6268 ============================================================
01:48:30.0709 6964 Detected object count: 0
01:48:30.0709 6964 Actual detected object count: 0


aswMBR


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-09 01:49:26
-----------------------------
01:49:26.569 OS Version: Windows x64 6.1.7601 Service Pack 1
01:49:26.569 Number of processors: 2 586 0x2A07
01:49:26.570 ComputerName: JAMES-PC UserName: James
01:49:27.970 Initialize success
01:51:14.869 AVAST engine defs: 12080801
01:51:36.559 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:51:36.561 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
01:51:36.578 Disk 0 MBR read successfully
01:51:36.580 Disk 0 MBR scan
01:51:36.598 Disk 0 Windows 7 default MBR code
01:51:36.608 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
01:51:36.622 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
01:51:36.639 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461478 MB offset 31664128
01:51:36.657 Disk 0 scanning C:\Windows\system32\drivers
01:51:44.576 Service scanning
01:52:05.807 Modules scanning
01:52:05.815 Disk 0 trace - called modules:
01:52:05.832 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
01:52:06.201 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80067c1060]
01:52:06.207 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004985050]
01:52:08.153 AVAST engine scan C:\Windows
01:52:10.975 AVAST engine scan C:\Windows\system32
01:55:15.212 AVAST engine scan C:\Windows\system32\drivers
01:55:36.212 AVAST engine scan C:\Users\James
01:58:13.572 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
01:58:13.579 The log file has been saved successfully to "C:\aswMBR.txt"



ESET online scanner

C:\Users\James\AppData\Local\Temp\Inc.class a variant of Java/Exploit.CVE-2011-3544.AW trojan cleaned by deleting - quarantined
C:\Users\James\AppData\Local\Temp\YontooSetup-S.exe multiple threats cleaned by deleting - quarantined

#4 narenxp

Posted 09 August 2012 - 02:31 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 SteezyDolphin

Posted 09 August 2012 - 03:57 AM

MBAM


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.09.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
James :: JAMES-PC [administrator]

09/08/2012 3:51:49 AM
mbam-log-2012-08-09 (03-51-49).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 332383
Time elapsed: 35 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Rogue Killer

127.0.0.1 localhost



Mini Toolbox


MiniToolBox by Farbar Version: 23-07-2012
Ran by James (administrator) on 09-08-2012 at 04:49:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set subinterface interface=?. subinterface=ethernet_6 mtu=1500
set subinterface interface=?. subinterface=wireless_0 mtu=1500


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : James-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : phub.net.cable.rogers.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 74-DE-2B-5D-4C-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9c19:852a:e114:d77d%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : August-09-12 2:04:42 AM
Lease Expires . . . . . . . . . . : August-16-12 2:42:23 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 427089451
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-30-8E-A5-E8-9A-8F-C3-B1-AD
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : E8-9A-8F-C3-B1-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.phub.net.cable.rogers.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3cda:3397:9c11:2d26(Preferred)
Link-local IPv6 Address . . . . . : fe80::3cda:3397:9c11:2d26%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400b:801::1009
74.125.226.36
74.125.226.35
74.125.226.33
74.125.226.46
74.125.226.32
74.125.226.41
74.125.226.39
74.125.226.38
74.125.226.37
74.125.226.40
74.125.226.34


Pinging google.com [74.125.226.35] with 32 bytes of data:
Reply from 74.125.226.35: bytes=32 time=20ms TTL=56
Reply from 74.125.226.35: bytes=32 time=20ms TTL=56

Ping statistics for 74.125.226.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 20ms, Average = 20ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=96ms TTL=52
Reply from 98.139.183.24: bytes=32 time=88ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 96ms, Average = 92ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...74 de 2b 5d 4c 7c ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
11...e8 9a 8f c3 b1 ad ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.102 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.102 286
192.168.0.102 255.255.255.255 On-link 192.168.0.102 286
192.168.0.255 255.255.255.255 On-link 192.168.0.102 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.102 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.102 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:3cda:3397:9c11:2d26/128
On-link
13 286 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::3cda:3397:9c11:2d26/128
On-link
13 286 fe80::9c19:852a:e114:d77d/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
13 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/09/2012 02:10:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:10:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:05:50 AM) (Source: Application Error) (User: )
Description: Faulting application name: NOBuClient.exe, version: 2.1.17869.0, time stamp: 0x4c056071
Faulting module name: NOBuClient.exe, version: 2.1.17869.0, time stamp: 0x4c056071
Exception code: 0xc0000005
Fault offset: 0x0000000000019f6f
Faulting process id: 0x12dc
Faulting application start time: 0xNOBuClient.exe0
Faulting application path: NOBuClient.exe1
Faulting module path: NOBuClient.exe2
Report Id: NOBuClient.exe3

Error: (08/09/2012 02:05:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 02:00:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 00:29:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: NOBuAgent.exe, version: 2.1.17869.0, time stamp: 0x4c056009
Faulting module name: NOBuAgent.exe, version: 2.1.17869.0, time stamp: 0x4c056009
Exception code: 0x40000015
Fault offset: 0x000000000012c752
Faulting process id: 0x4f8
Faulting application start time: 0xNOBuAgent.exe0
Faulting application path: NOBuAgent.exe1
Faulting module path: NOBuAgent.exe2
Report Id: NOBuAgent.exe3

Error: (08/08/2012 00:01:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 09:27:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/09/2012 02:42:19 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/09/2012 02:05:06 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/09/2012 02:04:55 AM) (Source: BugCheck) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8000307f0c5, 0xfffff8800c22c418, 0xfffff8800c22bc70)C:\Windows\MEMORY.DMP080912-38001-01

Error: (08/09/2012 02:04:40 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:02:44 AM on 09/08/2012 was unexpected.

Error: (08/09/2012 01:18:27 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/09/2012 00:34:20 AM) (Source: Service Control Manager) (User: )
Description: The SASDIFSV service failed to start due to the following error:
%%183

Error: (08/09/2012 00:29:32 AM) (Source: Service Control Manager) (User: )
Description: The Norton Online Backup service terminated unexpectedly. It has done this 1 time(s).

Error: (08/08/2012 11:20:16 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/08/2012 11:18:54 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/08/2012 00:01:50 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (08/09/2012 02:10:41 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:10:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:05:50 AM) (Source: Application Error)(User: )
Description: NOBuClient.exe2.1.17869.04c056071NOBuClient.exe2.1.17869.04c056071c00000050000000000019f6f12dc01cd75f5017032daC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe4499299c-e1e8-11e1-8aaa-e89a8fc3b1ad

Error: (08/09/2012 02:05:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 02:00:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 00:29:31 AM) (Source: Application Error)(User: )
Description: NOBuAgent.exe2.1.17869.04c056009NOBuAgent.exe2.1.17869.04c05600940000015000000000012c7524f801cd757efc7ba3ccC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.execfa68de7-e1da-11e1-bff7-e89a8fc3b1ad

Error: (08/08/2012 00:01:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 09:27:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3007)
Acer eRecovery Management (Version: 5.00.3502)
Acer Registration (Version: 1.04.3502)
Acer ScreenSaver (Version: 1.1.0517.2011)
Acer System Information (Version: 1.0.0)
Acer Updater (Version: 1.02.3500)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.63)
Adobe Reader X MUI (Version: 10.0.0)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Age of Empires III (Version: 1.00.0000)
Age of Empires Online (Version: 1.0.0000.1)
Age of Empires Online (Version: 1.0.0000.129)
Alcor Micro USB Card Reader (Version: 1.2.42.68439)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.2.43)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2178)
Backup Manager V3 (Version: 3.0.0.99)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
Bonjour (Version: 3.0.0.10)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.1720.00)
clear.fi (Version: 9.0.7709)
clear.fi Client (Version: 1.00.3500)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
ESET Online Scanner v3
FrostWire 5.3.6 (Version: 5.3.6.0)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 21.0.1180.75)
Identity Card (Version: 1.00.3501)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.4)
League of Legends (Version: 1.3)
Lexmark X1100 Series
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 4.0.14.25)
MyWinLocker 4 (Version: 4.0.14.25)
MyWinLocker Suite (Version: 4.0.14.15)
Norton Online Backup (Version: 2.1.17869)
NTI Media Maker 9 (Version: 9.0.2.8942)
Pando Media Booster (Version: 2.6.0.8)
Realtek High Definition Audio Driver (Version: 6.0.1.6392)
Roller Coaster Tycoon 3 Platinum - CarlesNeo !
Shredder (Version: 2.0.8.9)
Skype™ 5.5 (Version: 5.5.124)
Starcraft
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.5.1012)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.1.18.0)
Tinker (Version: 1.0.0000.131)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.0.1 (Version: 1.0.1)
Welcome Center (Version: 1.02.3503)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 3947.86 MB
Available physical RAM: 1137.07 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 4276.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.42 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:346.38 GB) NTFS
3 Drive e: (RCTYCOON) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\JAMES-PC

Administrator Guest James


**** End of log ****


FSS



Farbar Service Scanner Version: 06-08-2012
Ran by James (administrator) on 09-08-2012 at 04:52:18
Running from "C:\Users\James\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adwc

The computer would not allow it to open.

#6 narenxp


Posted 09 August 2012 - 04:00 AM

Disable your antivirus and launch adaware cleaner

#7 SteezyDolphin


Posted 09 August 2012 - 11:23 AM

MBAM


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.09.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
James :: JAMES-PC [administrator]

09/08/2012 3:51:49 AM
mbam-log-2012-08-09 (03-51-49).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 332383
Time elapsed: 35 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Rogue Killer

RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: James [Admin rights]
Mode: HOSTSFix -- Date: 08/09/2012 04:46:51

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt




Mini Toolbox


MiniToolBox by Farbar Version: 23-07-2012
Ran by James (administrator) on 09-08-2012 at 04:49:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set subinterface interface=?. subinterface=ethernet_6 mtu=1500
set subinterface interface=?. subinterface=wireless_0 mtu=1500


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : James-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : phub.net.cable.rogers.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 74-DE-2B-5D-4C-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9c19:852a:e114:d77d%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : August-09-12 2:04:42 AM
Lease Expires . . . . . . . . . . : August-16-12 2:42:23 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 427089451
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-30-8E-A5-E8-9A-8F-C3-B1-AD
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : E8-9A-8F-C3-B1-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.phub.net.cable.rogers.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3cda:3397:9c11:2d26(Preferred)
Link-local IPv6 Address . . . . . : fe80::3cda:3397:9c11:2d26%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400b:801::1009
74.125.226.36
74.125.226.35
74.125.226.33
74.125.226.46
74.125.226.32
74.125.226.41
74.125.226.39
74.125.226.38
74.125.226.37
74.125.226.40
74.125.226.34


Pinging google.com [74.125.226.35] with 32 bytes of data:
Reply from 74.125.226.35: bytes=32 time=20ms TTL=56
Reply from 74.125.226.35: bytes=32 time=20ms TTL=56

Ping statistics for 74.125.226.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 20ms, Average = 20ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=96ms TTL=52
Reply from 98.139.183.24: bytes=32 time=88ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 96ms, Average = 92ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...74 de 2b 5d 4c 7c ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
11...e8 9a 8f c3 b1 ad ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.102 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.102 286
192.168.0.102 255.255.255.255 On-link 192.168.0.102 286
192.168.0.255 255.255.255.255 On-link 192.168.0.102 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.102 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.102 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:3cda:3397:9c11:2d26/128
On-link
13 286 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::3cda:3397:9c11:2d26/128
On-link
13 286 fe80::9c19:852a:e114:d77d/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
13 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/09/2012 02:10:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:10:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 02:05:50 AM) (Source: Application Error) (User: )
Description: Faulting application name: NOBuClient.exe, version: 2.1.17869.0, time stamp: 0x4c056071
Faulting module name: NOBuClient.exe, version: 2.1.17869.0, time stamp: 0x4c056071
Exception code: 0xc0000005
Fault offset: 0x0000000000019f6f
Faulting process id: 0x12dc
Faulting application start time: 0xNOBuClient.exe0
Faulting application path: NOBuClient.exe1
Faulting module path: NOBuClient.exe2
Report Id: NOBuClient.exe3

Error: (08/09/2012 02:05:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 02:00:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 00:29:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: NOBuAgent.exe, version: 2.1.17869.0, time stamp: 0x4c056009
Faulting module name: NOBuAgent.exe, version: 2.1.17869.0, time stamp: 0x4c056009
Exception code: 0x40000015
Fault offset: 0x000000000012c752
Faulting process id: 0x4f8
Faulting application start time: 0xNOBuAgent.exe0
Faulting application path: NOBuAgent.exe1
Faulting module path: NOBuAgent.exe2
Report Id: NOBuAgent.exe3

Error: (08/08/2012 00:01:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 09:27:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/09/2012 02:42:19 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/09/2012 02:05:06 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/09/2012 02:04:55 AM) (Source: BugCheck) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8000307f0c5, 0xfffff8800c22c418, 0xfffff8800c22bc70)C:\Windows\MEMORY.DMP080912-38001-01

Error: (08/09/2012 02:04:40 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:02:44 AM on 09/08/2012 was unexpected.

Error: (08/09/2012 01:18:27 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/09/2012 00:34:20 AM) (Source: Service Control Manager) (User: )
Description: The SASDIFSV service failed to start due to the following error:
%%183

Error: (08/09/2012 00:29:32 AM) (Source: Service Control Manager) (User: )
Description: The Norton Online Backup service terminated unexpectedly. It has done this 1 time(s).

Error: (08/08/2012 11:20:16 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/08/2012 11:18:54 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/08/2012 00:01:50 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (08/09/2012 02:10:41 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:10:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:10:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 02:05:50 AM) (Source: Application Error)(User: )
Description: NOBuClient.exe2.1.17869.04c056071NOBuClient.exe2.1.17869.04c056071c00000050000000000019f6f12dc01cd75f5017032daC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe4499299c-e1e8-11e1-8aaa-e89a8fc3b1ad

Error: (08/09/2012 02:05:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 02:00:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\James\Downloads\esetsmartinstaller_enu.exe

Error: (08/09/2012 00:29:31 AM) (Source: Application Error)(User: )
Description: NOBuAgent.exe2.1.17869.04c056009NOBuAgent.exe2.1.17869.04c05600940000015000000000012c7524f801cd757efc7ba3ccC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.execfa68de7-e1da-11e1-bff7-e89a8fc3b1ad

Error: (08/08/2012 00:01:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 09:27:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3007)
Acer eRecovery Management (Version: 5.00.3502)
Acer Registration (Version: 1.04.3502)
Acer ScreenSaver (Version: 1.1.0517.2011)
Acer System Information (Version: 1.0.0)
Acer Updater (Version: 1.02.3500)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.63)
Adobe Reader X MUI (Version: 10.0.0)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Age of Empires III (Version: 1.00.0000)
Age of Empires Online (Version: 1.0.0000.1)
Age of Empires Online (Version: 1.0.0000.129)
Alcor Micro USB Card Reader (Version: 1.2.42.68439)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.2.43)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2178)
Backup Manager V3 (Version: 3.0.0.99)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
Bonjour (Version: 3.0.0.10)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.1720.00)
clear.fi (Version: 9.0.7709)
clear.fi Client (Version: 1.00.3500)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
ESET Online Scanner v3
FrostWire 5.3.6 (Version: 5.3.6.0)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 21.0.1180.75)
Identity Card (Version: 1.00.3501)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.4)
League of Legends (Version: 1.3)
Lexmark X1100 Series
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 4.0.14.25)
MyWinLocker 4 (Version: 4.0.14.25)
MyWinLocker Suite (Version: 4.0.14.15)
Norton Online Backup (Version: 2.1.17869)
NTI Media Maker 9 (Version: 9.0.2.8942)
Pando Media Booster (Version: 2.6.0.8)
Realtek High Definition Audio Driver (Version: 6.0.1.6392)
Roller Coaster Tycoon 3 Platinum - CarlesNeo !
Shredder (Version: 2.0.8.9)
Skype™ 5.5 (Version: 5.5.124)
Starcraft
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.5.1012)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.1.18.0)
Tinker (Version: 1.0.0000.131)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.0.1 (Version: 1.0.1)
Welcome Center (Version: 1.02.3503)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 3947.86 MB
Available physical RAM: 1137.07 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 4276.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.42 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:346.38 GB) NTFS
3 Drive e: (RCTYCOON) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\JAMES-PC

Administrator Guest James


**** End of log ****


FSS



Farbar Service Scanner Version: 06-08-2012
Ran by James (administrator) on 09-08-2012 at 04:52:18
Running from "C:\Users\James\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adwc

# AdwCleaner v1.800 - Logfile created 08/09/2012 at 12:17:16
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : James - JAMES-PC
# Running from : C:\Users\James\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.75

File : C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [270 octets] - [09/08/2012 04:54:09]
AdwCleaner[S2].txt - [4878 octets] - [09/08/2012 04:55:04]
AdwCleaner[S3].txt - [790 octets] - [09/08/2012 12:17:16]

########## EOF - C:\AdwCleaner[S3].txt - [917 octets] ##########

#8 narenxp


Posted 09 August 2012 - 01:07 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 SteezyDolphin


Posted 09 August 2012 - 03:16 PM

Thank you very much, I have not seen any more of those annoying ads or been redirected. You, sir, are a saint.

#10 narenxp


Posted 09 August 2012 - 03:17 PM

You're welcome :)



