Aftermath of Moneypak Attack


15 replies to this topic

#1 Shade the Wolf


Posted 11 August 2012 - 10:01 PM

I recently came under attack by ransomware, and managed to fix it via system restoring to a point before the attack, but I still want to make sure my computer is clean.

It happened after I tried to access http:// w w w . allsp . ch to stream some South Park. The attack would lock me out whenever I tried to access the internet.

My operating system is Windows 7 Home Premium 64-bit (SP1).

The ransom note was this:

The FBI
Federal Bureau of Investigation

ATTENTION!
IP: xxx.xxx.xxx
Location: Your Country Here
IPS: Your ISP Here

Your PC is blocked due to at least one of the reasons specified below.

You have been violation Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America.

Article I, Section 8, Clause 8 of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.

You have been viewing or distributing prohibited Pornographic content (Child Porno, Zoofilia and etc). Thus violating article 202 of the Criminal Code of United States of America. Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.

Illegal access has been initiated from your PC without your knowledge or consent, your PC may be infected by malware, thus you are violating the law of Neglectful Use of Personal Computer. Article 210 of the Criminal Code provides for a fine of up to $100,000 and/or a deprivation of liberty for four to nine years.

Pursuant to the amendment to the Criminal Code of United States of America of May 28, 2011, this law infringement (if it is not repeated - first time) may be considered as conditional in case you pay the fine to the State.

Fines may be paid within 72 hours after the infringement. As soon as 72 hours elapse, the possibility to pay the fine expires, and a criminal case is initiated against you automatically within the next 72 hours!

To unblock the computer, you must pay the fine through MoneyPak of 200$.


Edited by Shade the Wolf, 11 August 2012 - 10:12 PM.




#2 narenxp


Posted 12 August 2012 - 04:19 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Shade the Wolf


Posted 12 August 2012 - 12:51 PM

11:12:40.0602 2720 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:12:40.0962 2720 ============================================================
11:12:40.0962 2720 Current date / time: 2012/08/12 11:12:40.0962
11:12:40.0962 2720 SystemInfo:
11:12:40.0962 2720
11:12:40.0962 2720 OS Version: 6.1.7601 ServicePack: 1.0
11:12:40.0962 2720 Product type: Workstation
11:12:40.0962 2720 ComputerName: SHADETHEWOLF-PC
11:12:40.0962 2720 UserName: Shade the Wolf
11:12:40.0962 2720 Windows directory: C:\Windows
11:12:40.0962 2720 System windows directory: C:\Windows
11:12:40.0962 2720 Running under WOW64
11:12:40.0962 2720 Processor architecture: Intel x64
11:12:40.0962 2720 Number of processors: 2
11:12:40.0962 2720 Page size: 0x1000
11:12:40.0962 2720 Boot type: Normal boot
11:12:40.0962 2720 ============================================================
11:12:42.0732 2720 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
11:12:42.0752 2720 ============================================================
11:12:42.0752 2720 \Device\Harddisk0\DR0:
11:12:42.0752 2720 MBR partitions:
11:12:42.0752 2720 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:12:42.0752 2720 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38D6E000
11:12:42.0752 2720 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38DA0800, BlocksNum 0x15E5000
11:12:42.0752 2720 ============================================================
11:12:42.0772 2720 C: <-> \Device\Harddisk0\DR0\Partition1
11:12:42.0802 2720 D: <-> \Device\Harddisk0\DR0\Partition2
11:12:42.0802 2720 ============================================================
11:12:42.0802 2720 Initialize success
11:12:42.0802 2720 ============================================================
11:12:56.0083 5324 ============================================================
11:12:56.0083 5324 Scan started
11:12:56.0083 5324 Mode: Manual; TDLFS;
11:12:56.0083 5324 ============================================================
11:13:06.0366 5324 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:13:06.0376 5324 NetBT - ok
11:13:06.0396 5324 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:13:06.0396 5324 Netlogon - ok
11:13:06.0446 5324 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:13:06.0456 5324 Netman - ok
11:13:06.0476 5324 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:13:06.0476 5324 netprofm - ok
11:13:06.0536 5324 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:13:06.0536 5324 NetTcpPortSharing - ok
11:13:06.0576 5324 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:13:06.0586 5324 nfrd960 - ok
11:13:06.0626 5324 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:13:06.0636 5324 NlaSvc - ok
11:13:06.0646 5324 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:13:06.0646 5324 Npfs - ok
11:13:06.0666 5324 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:13:06.0666 5324 nsi - ok
11:13:06.0676 5324 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:13:06.0686 5324 nsiproxy - ok
11:13:06.0756 5324 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:13:06.0766 5324 Ntfs - ok
11:13:06.0836 5324 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:13:06.0836 5324 Null - ok
11:13:07.0346 5324 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:13:07.0416 5324 nvlddmkm - ok
11:13:07.0556 5324 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
11:13:07.0556 5324 NVNET - ok
11:13:07.0606 5324 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:13:07.0606 5324 nvraid - ok
11:13:07.0616 5324 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:13:07.0616 5324 nvstor - ok
11:13:07.0636 5324 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
11:13:07.0636 5324 nvstor64 - ok
11:13:07.0716 5324 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
11:13:07.0716 5324 nvsvc - ok
11:13:07.0806 5324 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:13:07.0816 5324 nvUpdatusService - ok
11:13:07.0906 5324 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:13:07.0906 5324 nv_agp - ok
11:13:07.0976 5324 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:13:07.0986 5324 odserv - ok
11:13:08.0016 5324 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:13:08.0016 5324 ohci1394 - ok
11:13:08.0056 5324 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:13:08.0056 5324 ose - ok
11:13:08.0096 5324 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:13:08.0096 5324 p2pimsvc - ok
11:13:08.0126 5324 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:13:08.0136 5324 p2psvc - ok
11:13:08.0156 5324 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:13:08.0156 5324 Parport - ok
11:13:08.0176 5324 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:13:08.0176 5324 partmgr - ok
11:13:08.0196 5324 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:13:08.0196 5324 PcaSvc - ok
11:13:08.0316 5324 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 (51209fbdb13a46e05c1b0077a9310264) c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
11:13:08.0396 5324 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
11:13:08.0466 5324 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:13:08.0466 5324 pci - ok
11:13:08.0486 5324 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:13:08.0486 5324 pciide - ok
11:13:08.0506 5324 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:13:08.0506 5324 pcmcia - ok
11:13:08.0526 5324 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:13:08.0526 5324 pcw - ok
11:13:08.0556 5324 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:13:08.0566 5324 PEAUTH - ok
11:13:08.0616 5324 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:13:08.0626 5324 PerfHost - ok
11:13:08.0696 5324 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:13:08.0716 5324 pla - ok
11:13:08.0756 5324 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:13:08.0766 5324 PlugPlay - ok
11:13:08.0786 5324 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:13:08.0786 5324 PNRPAutoReg - ok
11:13:08.0806 5324 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:13:08.0816 5324 PNRPsvc - ok
11:13:08.0836 5324 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:13:08.0846 5324 PolicyAgent - ok
11:13:08.0876 5324 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:13:08.0876 5324 Power - ok
11:13:08.0936 5324 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:13:08.0936 5324 PptpMiniport - ok
11:13:08.0966 5324 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:13:08.0966 5324 Processor - ok
11:13:09.0006 5324 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:13:09.0006 5324 ProfSvc - ok
11:13:09.0036 5324 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:13:09.0036 5324 ProtectedStorage - ok
11:13:09.0076 5324 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:13:09.0076 5324 Psched - ok
11:13:09.0146 5324 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:13:09.0176 5324 ql2300 - ok
11:13:09.0266 5324 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:13:09.0266 5324 ql40xx - ok
11:13:09.0296 5324 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:13:09.0306 5324 QWAVE - ok
11:13:09.0316 5324 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:13:09.0316 5324 QWAVEdrv - ok
11:13:09.0326 5324 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:13:09.0326 5324 RasAcd - ok
11:13:09.0356 5324 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:13:09.0366 5324 RasAgileVpn - ok
11:13:09.0376 5324 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:13:09.0376 5324 RasAuto - ok
11:13:09.0406 5324 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:13:09.0406 5324 Rasl2tp - ok
11:13:09.0446 5324 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:13:09.0456 5324 RasMan - ok
11:13:09.0466 5324 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:13:09.0466 5324 RasPppoe - ok
11:13:09.0476 5324 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:13:09.0476 5324 RasSstp - ok
11:13:09.0496 5324 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:13:09.0506 5324 rdbss - ok
11:13:09.0516 5324 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:13:09.0516 5324 rdpbus - ok
11:13:09.0526 5324 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:13:09.0526 5324 RDPCDD - ok
11:13:09.0536 5324 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:13:09.0536 5324 RDPENCDD - ok
11:13:09.0546 5324 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:13:09.0546 5324 RDPREFMP - ok
11:13:09.0586 5324 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:13:09.0586 5324 RDPWD - ok
11:13:09.0636 5324 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:13:09.0636 5324 rdyboost - ok
11:13:09.0666 5324 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:13:09.0666 5324 RemoteAccess - ok
11:13:09.0676 5324 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:13:09.0686 5324 RemoteRegistry - ok
11:13:09.0716 5324 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:13:09.0716 5324 RpcEptMapper - ok
11:13:09.0726 5324 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:13:09.0726 5324 RpcLocator - ok
11:13:09.0766 5324 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:13:09.0766 5324 RpcSs - ok
11:13:09.0806 5324 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:13:09.0806 5324 rspndr - ok
11:13:09.0866 5324 RTCore64 (2e887e52e45bba3c47ccd0e75fc5266f) C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
11:13:09.0866 5324 RTCore64 - ok
11:13:09.0936 5324 RTL8192su (4ce333ac701c4bd2e3eff721c0db2526) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:13:09.0936 5324 RTL8192su - ok
11:13:09.0956 5324 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:13:09.0956 5324 SamSs - ok
11:13:09.0976 5324 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:13:09.0976 5324 sbp2port - ok
11:13:09.0996 5324 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:13:10.0006 5324 SCardSvr - ok
11:13:10.0026 5324 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:13:10.0026 5324 scfilter - ok
11:13:10.0076 5324 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:13:10.0086 5324 Schedule - ok
11:13:10.0106 5324 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:13:10.0106 5324 SCPolicySvc - ok
11:13:10.0126 5324 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:13:10.0136 5324 SDRSVC - ok
11:13:10.0166 5324 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:13:10.0166 5324 secdrv - ok
11:13:10.0186 5324 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:13:10.0186 5324 seclogon - ok
11:13:10.0196 5324 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:13:10.0206 5324 SENS - ok
11:13:10.0226 5324 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:13:10.0226 5324 SensrSvc - ok
11:13:10.0246 5324 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:13:10.0246 5324 Serenum - ok
11:13:10.0266 5324 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:13:10.0266 5324 Serial - ok
11:13:10.0296 5324 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:13:10.0296 5324 sermouse - ok
11:13:10.0326 5324 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:13:10.0336 5324 SessionEnv - ok
11:13:10.0346 5324 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:13:10.0356 5324 sffdisk - ok
11:13:10.0366 5324 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:13:10.0366 5324 sffp_mmc - ok
11:13:10.0376 5324 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:13:10.0376 5324 sffp_sd - ok
11:13:10.0396 5324 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:13:10.0396 5324 sfloppy - ok
11:13:10.0436 5324 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:13:10.0436 5324 SharedAccess - ok
11:13:10.0476 5324 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:13:10.0476 5324 ShellHWDetection - ok
11:13:10.0496 5324 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:13:10.0496 5324 SiSRaid2 - ok
11:13:10.0516 5324 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:13:10.0516 5324 SiSRaid4 - ok
11:13:10.0546 5324 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:13:10.0546 5324 Smb - ok
11:13:10.0566 5324 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:13:10.0566 5324 SNMPTRAP - ok
11:13:10.0586 5324 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:13:10.0586 5324 spldr - ok
11:13:10.0616 5324 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:13:10.0616 5324 Spooler - ok
11:13:10.0766 5324 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:13:10.0816 5324 sppsvc - ok
11:13:10.0876 5324 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:13:10.0886 5324 sppuinotify - ok
11:13:10.0926 5324 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:13:10.0926 5324 srv - ok
11:13:10.0956 5324 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:13:10.0956 5324 srv2 - ok
11:13:10.0976 5324 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:13:10.0976 5324 srvnet - ok
11:13:11.0016 5324 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:13:11.0016 5324 SSDPSRV - ok
11:13:11.0036 5324 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:13:11.0036 5324 SstpSvc - ok
11:13:11.0086 5324 Steam Client Service - ok
11:13:11.0106 5324 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:13:11.0106 5324 stexstor - ok
11:13:11.0166 5324 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:13:11.0176 5324 stisvc - ok
11:13:11.0186 5324 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:13:11.0186 5324 swenum - ok
11:13:11.0227 5324 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:13:11.0237 5324 swprv - ok
11:13:11.0307 5324 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:13:11.0327 5324 SysMain - ok
11:13:11.0397 5324 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:13:11.0397 5324 TabletInputService - ok
11:13:11.0427 5324 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:13:11.0427 5324 TapiSrv - ok
11:13:11.0447 5324 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:13:11.0447 5324 TBS - ok
11:13:11.0547 5324 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:13:11.0557 5324 Tcpip - ok
11:13:11.0707 5324 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:13:11.0717 5324 TCPIP6 - ok
11:13:11.0787 5324 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:13:11.0797 5324 tcpipreg - ok
11:13:11.0837 5324 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:13:11.0837 5324 TDPIPE - ok
11:13:11.0857 5324 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:13:11.0857 5324 TDTCP - ok
11:13:11.0887 5324 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:13:11.0887 5324 tdx - ok
11:13:11.0917 5324 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:13:11.0917 5324 TermDD - ok
11:13:11.0957 5324 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:13:11.0967 5324 TermService - ok
11:13:11.0987 5324 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:13:11.0997 5324 Themes - ok
11:13:12.0017 5324 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:13:12.0017 5324 THREADORDER - ok
11:13:12.0027 5324 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:13:12.0037 5324 TrkWks - ok
11:13:12.0067 5324 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:13:12.0077 5324 TrustedInstaller - ok
11:13:12.0097 5324 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:13:12.0097 5324 tssecsrv - ok
11:13:12.0167 5324 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:13:12.0167 5324 TsUsbFlt - ok
11:13:12.0207 5324 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:13:12.0207 5324 tunnel - ok
11:13:12.0237 5324 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:13:12.0237 5324 uagp35 - ok
11:13:12.0267 5324 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:13:12.0267 5324 udfs - ok
11:13:12.0297 5324 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:13:12.0307 5324 UI0Detect - ok
11:13:12.0347 5324 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:13:12.0347 5324 uliagpkx - ok
11:13:12.0387 5324 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
11:13:12.0387 5324 umbus - ok
11:13:12.0407 5324 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:13:12.0407 5324 UmPass - ok
11:13:12.0437 5324 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:13:12.0437 5324 upnphost - ok
11:13:12.0477 5324 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
11:13:12.0487 5324 USBAAPL64 - ok
11:13:12.0517 5324 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:13:12.0517 5324 usbccgp - ok
11:13:12.0537 5324 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:13:12.0537 5324 usbcir - ok
11:13:12.0547 5324 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:13:12.0557 5324 usbehci - ok
11:13:12.0587 5324 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:13:12.0597 5324 usbhub - ok
11:13:12.0607 5324 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
11:13:12.0607 5324 usbohci - ok
11:13:12.0627 5324 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:13:12.0627 5324 usbprint - ok
11:13:12.0647 5324 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:13:12.0647 5324 USBSTOR - ok
11:13:12.0657 5324 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:13:12.0657 5324 usbuhci - ok
11:13:12.0677 5324 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:13:12.0677 5324 UxSms - ok
11:13:12.0707 5324 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:13:12.0707 5324 VaultSvc - ok
11:13:12.0747 5324 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:13:12.0747 5324 vdrvroot - ok
11:13:12.0787 5324 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:13:12.0787 5324 vds - ok
11:13:12.0817 5324 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:13:12.0817 5324 vga - ok
11:13:12.0837 5324 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:13:12.0837 5324 VgaSave - ok
11:13:12.0857 5324 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:13:12.0857 5324 vhdmp - ok
11:13:12.0867 5324 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:13:12.0877 5324 viaide - ok
11:13:12.0887 5324 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:13:12.0887 5324 volmgr - ok
11:13:12.0917 5324 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:13:12.0917 5324 volmgrx - ok
11:13:12.0937 5324 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:13:12.0937 5324 volsnap - ok
11:13:12.0967 5324 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:13:12.0977 5324 vsmraid - ok
11:13:13.0047 5324 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:13:13.0077 5324 VSS - ok
11:13:13.0157 5324 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:13:13.0157 5324 vwifibus - ok
11:13:13.0167 5324 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:13:13.0167 5324 vwififlt - ok
11:13:13.0207 5324 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:13:13.0217 5324 W32Time - ok
11:13:13.0227 5324 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:13:13.0227 5324 WacomPen - ok
11:13:13.0267 5324 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:13:13.0277 5324 WANARP - ok
11:13:13.0287 5324 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:13:13.0287 5324 Wanarpv6 - ok
11:13:13.0417 5324 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:13:13.0437 5324 WatAdminSvc - ok
11:13:13.0517 5324 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:13:13.0547 5324 wbengine - ok
11:13:13.0617 5324 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:13:13.0627 5324 WbioSrvc - ok
11:13:13.0657 5324 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:13:13.0667 5324 wcncsvc - ok
11:13:13.0677 5324 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:13:13.0687 5324 WcsPlugInService - ok
11:13:13.0707 5324 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:13:13.0707 5324 Wd - ok
11:13:13.0747 5324 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:13:13.0747 5324 Wdf01000 - ok
11:13:13.0777 5324 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:13:13.0777 5324 WdiServiceHost - ok
11:13:13.0777 5324 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:13:13.0787 5324 WdiSystemHost - ok
11:13:13.0817 5324 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:13:13.0817 5324 WebClient - ok
11:13:13.0837 5324 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:13:13.0837 5324 Wecsvc - ok
11:13:13.0857 5324 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:13:13.0857 5324 wercplsupport - ok
11:13:13.0867 5324 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:13:13.0867 5324 WerSvc - ok
11:13:13.0917 5324 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:13:13.0927 5324 WfpLwf - ok
11:13:13.0937 5324 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:13:13.0937 5324 WIMMount - ok
11:13:13.0967 5324 WinDefend - ok
11:13:13.0977 5324 WinHttpAutoProxySvc - ok
11:13:14.0027 5324 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:13:14.0027 5324 Winmgmt - ok
11:13:14.0117 5324 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:13:14.0147 5324 WinRM - ok
11:13:14.0247 5324 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:13:14.0247 5324 WinUsb - ok
11:13:14.0297 5324 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:13:14.0307 5324 Wlansvc - ok
11:13:14.0447 5324 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:13:14.0457 5324 wlidsvc - ok
11:13:14.0537 5324 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:13:14.0537 5324 WmiAcpi - ok
11:13:14.0577 5324 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:13:14.0587 5324 wmiApSrv - ok
11:13:14.0607 5324 WMPNetworkSvc - ok
11:13:14.0647 5324 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:13:14.0657 5324 WPCSvc - ok
11:13:14.0677 5324 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:13:14.0677 5324 WPDBusEnum - ok
11:13:14.0697 5324 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:13:14.0697 5324 ws2ifsl - ok
11:13:14.0717 5324 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:13:14.0717 5324 wscsvc - ok
11:13:14.0717 5324 WSearch - ok
11:13:14.0827 5324 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:13:14.0867 5324 wuauserv - ok
11:13:14.0947 5324 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:13:14.0947 5324 WudfPf - ok
11:13:14.0977 5324 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:13:14.0977 5324 WUDFRd - ok
11:13:15.0007 5324 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:13:15.0007 5324 wudfsvc - ok
11:13:15.0027 5324 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:13:15.0037 5324 WwanSvc - ok
11:13:15.0057 5324 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
11:13:15.0057 5324 xusb21 - ok
11:13:15.0097 5324 MBR (0x1B8) (f2f2160de70cfdc52a6e5fc26d7d306e) \Device\Harddisk0\DR0
11:13:15.0277 5324 \Device\Harddisk0\DR0 - ok
11:13:15.0277 5324 Boot (0x1200) (1053db9b60aa8a48bf6b0050f6555b65) \Device\Harddisk0\DR0\Partition0
11:13:15.0287 5324 \Device\Harddisk0\DR0\Partition0 - ok
11:13:15.0297 5324 Boot (0x1200) (8feba742ab0d3d346110e0be5c0537e0) \Device\Harddisk0\DR0\Partition1
11:13:15.0307 5324 \Device\Harddisk0\DR0\Partition1 - ok
11:13:15.0333 5324 Boot (0x1200) (b71747caf31f807ac5076d4e1b8df712) \Device\Harddisk0\DR0\Partition2
11:13:15.0335 5324 \Device\Harddisk0\DR0\Partition2 - ok
11:13:15.0336 5324 ============================================================
11:13:15.0336 5324 Scan finished
11:13:15.0336 5324 ============================================================
11:13:15.0349 4684 Detected object count: 0
11:13:15.0349 4684 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-12 11:24:34
-----------------------------
11:24:34.313 OS Version: Windows x64 6.1.7601 Service Pack 1
11:24:34.313 Number of processors: 2 586 0x603
11:24:34.313 ComputerName: SHADETHEWOLF-PC UserName: Shade the Wolf
11:24:37.405 Initialize success
11:24:44.424 AVAST engine defs: 12081200
11:24:48.537 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
11:24:48.537 Disk 0 Vendor: ST350041 HP34 Size: 476940MB BusType: 3
11:24:48.557 Disk 0 MBR read successfully
11:24:48.557 Disk 0 MBR scan
11:24:48.557 Disk 0 unknown MBR code
11:24:48.567 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:24:48.587 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465628 MB offset 206848
11:24:48.627 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11210 MB offset 953812992
11:24:48.687 Disk 0 scanning C:\Windows\system32\drivers
11:25:03.930 Service scanning
11:25:20.883 Modules scanning
11:25:20.883 Disk 0 trace - called modules:
11:25:20.893 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
11:25:20.903 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045ca640]
11:25:20.903 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8004284e40]
11:25:20.913 5 ACPI.sys[fffff88000f017a1] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa8004091180]
11:25:28.094 AVAST engine scan C:\Windows
11:25:33.515 AVAST engine scan C:\Windows\system32
11:28:37.881 AVAST engine scan C:\Windows\system32\drivers
11:28:51.477 AVAST engine scan C:\Users\Shade the Wolf
11:42:28.320 AVAST engine scan C:\ProgramData
11:46:57.969 Scan finished successfully
11:47:27.795 Disk 0 MBR has been saved successfully to "C:\Users\Shade the Wolf\Documents\MBR.dat"
11:47:27.815 The log file has been saved successfully to "C:\Users\Shade the Wolf\Documents\aswMBR.txt"


C:\Users\Shade the Wolf\AppData\Local\Temp\V.class a variant of Java/Exploit.CVE-2011-3544.BQ trojan cleaned by deleting - quarantined
C:\Users\Shade the Wolf\Downloads\SoftonicDownloader_for_moonphase (1).exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Users\Shade the Wolf\Downloads\SoftonicDownloader_for_moonphase.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined


There we go.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:14 AM

Posted 12 August 2012 - 12:53 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 Shade the Wolf

Posted 12 August 2012 - 01:23 PM

I'm scanning with MBAM right now before I reboot. I was just wondering what you meant by "normal mode". Did you mean quick scan or not in safe mode? Also, do you want me to post the pre-reboot log as well?

#6 narenxp

Posted 12 August 2012 - 01:36 PM

I meant the regular mode. No quick scan please. Update MBAM and run a full scan.

#7 Shade the Wolf

Posted 12 August 2012 - 01:43 PM

ah kay. Thanks.

Here are the logs.

Pre-boot MBAM log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shade the Wolf :: SHADETHEWOLF-PC [administrator]

Protection: Enabled

8/12/2012 12:57:19 PM
mbam-log-2012-08-12 (12-57-19).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 450860
Time elapsed: 43 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Shade the Wolf\AppData\Local\Temp\0.8274738862979701 (Trojan.BHO) -> Quarantined and deleted successfully.

(end)


Post-reboot MBAM log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shade the Wolf :: SHADETHEWOLF-PC [administrator]

Protection: Enabled

8/12/2012 1:54:40 PM
mbam-log-2012-08-12 (13-54-40).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 449667
Time elapsed: 44 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Shade the Wolf (administrator) on 12-08-2012 at 15:25:00
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connecting)
Belkin USB Wireless Adaptor = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ShadetheWolf-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Belkin USB Wireless Adaptor
Physical Address. . . . . . . . . : 08-86-3B-7A-7D-7D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7155:92dd:b422:4b1e%11(Preferred)
IPv4 Address. . . . . . . . . . . : 172.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, August 12, 2012 2:52:35 PM
Lease Expires . . . . . . . . . . : Monday, August 13, 2012 11:06:25 AM
Default Gateway . . . . . . . . . : 172.168.1.1
DHCP Server . . . . . . . . . . . : 172.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 302548539
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-EA-B0-58-70-71-BC-35-DA-6A
DNS Servers . . . . . . . . . . . : 172.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 70-71-BC-35-DA-6A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3422:64ed:9cf0:2c7f%10(Deprecated)
Autoconfiguration IPv4 Address. . : 169.254.44.127(Tentative)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:aca8:105::aca8:105(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 172.168.1.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{658B1AE7-F7C9-4643-BBEA-77AFC1FBACCC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3475:2923:9c6b:6487(Preferred)
Link-local IPv6 Address . . . . . : fe80::3475:2923:9c6b:6487%17(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F883BECD-BC70-4CE1-842E-CA0C09E1BD79}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ACA80101.ipt.aol.com
Address: 172.168.1.1

Name: google.com
Addresses: 2607:f8b0:4009:800::1009
74.125.225.3
74.125.225.4
74.125.225.5
74.125.225.6
74.125.225.7
74.125.225.8
74.125.225.9
74.125.225.14
74.125.225.0
74.125.225.1
74.125.225.2


Pinging google.com [74.125.225.64] with 32 bytes of data:
Reply from 74.125.225.64: bytes=32 time=13ms TTL=54
Reply from 74.125.225.64: bytes=32 time=22ms TTL=54

Ping statistics for 74.125.225.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 22ms, Average = 17ms
Server: ACA80101.ipt.aol.com
Address: 172.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=36ms TTL=48
Reply from 209.191.122.70: bytes=32 time=37ms TTL=48

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 37ms, Average = 36ms
Server: ACA80101.ipt.aol.com
Address: 172.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 6ms, Average = 4ms
===========================================================================
Interface List
11...08 86 3b 7a 7d 7d ......Belkin USB Wireless Adaptor
10...70 71 bc 35 da 6a ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.168.1.1 172.168.1.5 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.168.1.0 255.255.255.0 On-link 172.168.1.5 286
172.168.1.5 255.255.255.255 On-link 172.168.1.5 286
172.168.1.255 255.255.255.255 On-link 172.168.1.5 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.168.1.5 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.168.1.5 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 1130 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:3475:2923:9c6b:6487/128
On-link
15 1030 2002::/16 On-link
15 286 2002:aca8:105::aca8:105/128
On-link
11 286 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::3475:2923:9c6b:6487/128
On-link
11 286 fe80::7155:92dd:b422:4b1e/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/12/2012 01:57:13 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: eb0

Start Time: 01cd78bc1b501008

Termination Time: 10

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (08/12/2012 11:48:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2012 11:48:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2012 11:48:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2012 11:48:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2012 11:24:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/12/2012 11:24:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/11/2012 11:29:48 PM) (Source: Application Hang) (User: )
Description: The program HPSF.exe version 6.1.12.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 17d8

Start Time: 01cd7841d90d9208

Termination Time: 783

Application Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

Report Id: 51c85179-e436-11e1-a807-f71c9da48633

Error: (08/08/2012 11:41:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/08/2012 11:41:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (08/12/2012 02:54:39 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/12/2012 02:54:39 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/12/2012 01:55:53 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/12/2012 01:55:53 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/12/2012 11:08:22 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/12/2012 11:08:22 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/11/2012 09:12:23 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/11/2012 09:12:23 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/11/2012 09:00:11 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/11/2012 09:00:11 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0.1)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Amnesia: The Dark Descent
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bastion - Demo
Belkin USB Wireless Adaptor (Version: 1.0.0.10)
Bonjour (Version: 3.0.0.10)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Curse Client (Version: 5.1.1.410)
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
D3DX10 (Version: 15.4.2368.0902)
DFOLauncher
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
ESET Online Scanner v3
Hardware Diagnostic Tools (Version: 6.0.5247.34)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.71)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.1.3317)
HP MediaSmart Music/Photo/Video (Version: 3.1.3422)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Odometer (Version: 2.10.0000)
HP Product Detection (Version: 11.14.0001)
HP Remote Solution (Version: 1.1.11.0)
HP Setup (Version: 1.2.3560.3170)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
Hulu Desktop (Version: 0.9.9)
IceChat 7.70 (Build 20101031) (Version: 7.70)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2017)
LAME v3.99.3 (for Windows)
LightScribe System Software (Version: 1.18.8.1)
Livestream Procaster (Version: 20.3.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft AppLocale (Version: 1.0.0)
Microsoft Halo
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Windows Application Compatibility Database
Microsoft Works (Version: 9.7.0621)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Moonphase 3.3
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
MSI Afterburner 2.1.0 (Version: 2.1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nexon Game Manager
Norton Online Backup (Version: 1.2.20.0)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Drivers (Version: 1.5)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OpenAL
PictureMover (Version: 3.3.1.19)
Plants vs. Zombies Demo
PlayReady PC Runtime amd64 (Version: 1.3.0)
Portal 2
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3503)
Realtek High Definition Audio Driver (Version: 6.0.1.5938)
Recovery Manager (Version: 5.5.2216)
ROBLOX Player for Shade the Wolf
Steam (Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Warcraft III
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
World of Warcraft (Version: 4.3.0.15050)
Xfire (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3838.49 MB
Available physical RAM: 1783.47 MB
Total Pagefile: 7675.18 MB
Available Pagefile: 4782.83 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.59 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:454.71 GB) (Free:353.89 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.95 GB) (Free:1.59 GB) NTFS
3 Drive e: (HP LCD Drivers) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\SHADETHEWOLF-PC

Administrator Guest Shade the Wolf
UpdatusUser


**** End of log ****


Farbar Service Scanner Version: 06-08-2012
Ran by Shade the Wolf (administrator) on 12-08-2012 at 15:28:05
Running from "C:\Users\Shade the Wolf\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.800 - Logfile created 08/12/2012 at 14:50:57
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shade the Wolf - SHADETHEWOLF-PC
# Running from : C:\Users\Shade the Wolf\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
[x64] Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [295 octets] - [12/08/2012 14:02:27]
AdwCleaner[S2].txt - [825 octets] - [12/08/2012 14:50:57]

########## EOF - C:\AdwCleaner[S2].txt - [952 octets] ##########


When the cleaner went to restart my computer, AVG detected the file as a threat. Should I be worried?

Edited by Shade the Wolf, 12 August 2012 - 03:40 PM.


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:01:14 AM

Posted 12 August 2012 - 10:03 PM

AVG detected adware cleaner as a threat, which is a false positive.


Download

TFC

Launch it, it will close all running programs.

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your system restore, restart the PC, create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links.

Safe surfing :)

#9 Shade the Wolf


Posted 12 August 2012 - 10:08 PM

Thanks, mate. I'll go do that now.

#10 narenxp


Posted 12 August 2012 - 10:12 PM

You're welcome :)

#11 Shade the Wolf


Posted 12 August 2012 - 10:23 PM

I did the above, and TFC created a file called "desktop.ini". Here's the contents of it:

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799
[LocalizedFileNames]
Norton Internet Security.lnk=@C:\PROGRA~2\NORTON~2\Branding\muis.dll,-102


Should I be worried, or is that normal?

#12 narenxp


Posted 12 August 2012 - 10:32 PM

Did TFC create it? If yes, delete them.

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Don't show hidden files
Check mark Hide operating system files


Click ok

It should be fine now

#13 Shade the Wolf


Posted 12 August 2012 - 10:37 PM

Ah, thanks. Also, according to the Flash installer, I have the latest version of Flash (when I tried to install the version on Adobe's site, it said "NOTE: Newer version detected.")

#14 narenxp


Posted 12 August 2012 - 10:44 PM

Good

Make sure to update Flash Player and Java frequently, which can be exploited by malware authors to infect PCs.

#15 Shade the Wolf


Posted 12 August 2012 - 10:45 PM

Will do. Thanks for the help.



