Trojan sirefef infection...


12 replies to this topic

#1 Slick_Jeff


Posted 24 August 2012 - 01:27 PM

I think I'm going to need some help cleaning up my PC. I know you guys are good and I've read a previous thread about this same issue. (http://www.bleepingcomputer.com/forums/topic456952.html) I followed the steps in the second post, and ran all 4 applications. At first, Windows kept encountering a critical error and was in a restarting loop. I would turn it on, get that error, and it would restart. It finally stopped and I downloaded and ran those programs. I had 4 or 5 trojan sirefefs still quarantined afterwards, and finally decided to remove them all again. I held off because I was afraid of the restart loop, but so far so good. I'm now running an MSE full scan. Any help would be appreciated. Thank you. Oh, and I can't turn on my Windows firewall still.... Also... virus and spyware update failed for MSE

Edited by Slick_Jeff, 24 August 2012 - 01:30 PM.




#2 narenxp


Posted 24 August 2012 - 08:26 PM

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions.
Click the "Scan" button to start scan. After scan finishes, click on "Save log".

Post the log results here.

Download

ESET online scanner

Install it.

Click on START, it should download the virus definitions.
When scan gets completed, click on "List of found threats".

Export the list to desktop, copy the contents of the text file in your reply.

#3 Slick_Jeff


Posted 25 August 2012 - 03:28 PM

13:49:30.0051 4932 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:49:30.0261 4932 ============================================================
13:49:30.0261 4932 Current date / time: 2012/08/25 13:49:30.0261
13:49:30.0261 4932 SystemInfo:
13:49:30.0261 4932
13:49:30.0261 4932 OS Version: 6.1.7600 ServicePack: 0.0
13:49:30.0261 4932 Product type: Workstation
13:49:30.0261 4932 ComputerName: GO-GO-GADGET
13:49:30.0261 4932 UserName: Jeff
13:49:30.0261 4932 Windows directory: C:\Windows
13:49:30.0261 4932 System windows directory: C:\Windows
13:49:30.0261 4932 Running under WOW64
13:49:30.0261 4932 Processor architecture: Intel x64
13:49:30.0261 4932 Number of processors: 4
13:49:30.0261 4932 Page size: 0x1000
13:49:30.0261 4932 Boot type: Normal boot
13:49:30.0261 4932 ============================================================
13:49:31.0221 4932 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:49:31.0231 4932 ============================================================
13:49:31.0231 4932 \Device\Harddisk0\DR0:
13:49:31.0231 4932 MBR partitions:
13:49:31.0231 4932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
13:49:31.0231 4932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x38753000
13:49:31.0231 4932 ============================================================
13:49:31.0261 4932 C: <-> \Device\Harddisk0\DR0\Partition2
13:49:31.0261 4932 ============================================================
13:49:31.0261 4932 Initialize success
13:49:31.0261 4932 ============================================================
13:50:11.0042 1772 ============================================================
13:50:11.0042 1772 Scan started
13:50:11.0042 1772 Mode: Manual; TDLFS;
13:50:11.0042 1772 ============================================================
13:50:11.0172 1772 ================ Scan system memory ========================
13:50:11.0172 1772 System memory - ok
13:50:11.0172 1772 ================ Scan services =============================
13:50:20.0202 1772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:50:20.0202 1772 netprofm - ok
13:50:20.0232 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:50:20.0232 1772 NetTcpPortSharing - ok
13:50:20.0272 1772 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:50:20.0272 1772 nfrd960 - ok
13:50:20.0322 1772 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:50:20.0322 1772 NisDrv - ok
13:50:20.0352 1772 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
13:50:20.0352 1772 NisSrv - ok
13:50:20.0392 1772 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:50:20.0402 1772 NlaSvc - ok
13:50:20.0422 1772 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:50:20.0422 1772 Npfs - ok
13:50:20.0432 1772 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:50:20.0442 1772 nsi - ok
13:50:20.0492 1772 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:50:20.0492 1772 nsiproxy - ok
13:50:20.0572 1772 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:50:20.0592 1772 Ntfs - ok
13:50:20.0672 1772 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
13:50:20.0682 1772 NTI IScheduleSvc - ok
13:50:20.0702 1772 [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
13:50:20.0712 1772 NTIBackupSvc - ok
13:50:20.0752 1772 [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
13:50:20.0762 1772 NTIDrvr - ok
13:50:20.0782 1772 [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
13:50:20.0782 1772 NTISchedulerSvc - ok
13:50:20.0832 1772 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:50:20.0842 1772 Null - ok
13:50:21.0112 1772 [ 6850D89C7ABDD8B4FB0B3659DA961379 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:50:21.0362 1772 nvlddmkm - ok
13:50:21.0392 1772 [ 76974E51DF6009246BC5663A5C090F2E ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
13:50:21.0392 1772 nvpciflt - ok
13:50:21.0422 1772 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:50:21.0432 1772 nvraid - ok
13:50:21.0452 1772 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:50:21.0462 1772 nvstor - ok
13:50:21.0492 1772 [ 2CBAF74C49C472160EBD73ADAB8DAB50 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:50:21.0502 1772 nvsvc - ok
13:50:21.0582 1772 [ 31BFDB32AB3DF6EA6801B3E9219B7F68 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:50:21.0602 1772 nvUpdatusService - ok
13:50:21.0632 1772 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
13:50:21.0642 1772 nv_agp - ok
13:50:21.0702 1772 [ BA7DAC1B8A86D9402C3E04E1FCAA600D ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
13:50:21.0702 1772 ODDPwrSvc - ok
13:50:21.0722 1772 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:50:21.0722 1772 ohci1394 - ok
13:50:21.0772 1772 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:50:21.0772 1772 ose - ok
13:50:21.0912 1772 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:50:22.0022 1772 osppsvc - ok
13:50:22.0052 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:50:22.0052 1772 p2pimsvc - ok
13:50:22.0082 1772 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:50:22.0092 1772 p2psvc - ok
13:50:22.0112 1772 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:50:22.0122 1772 Parport - ok
13:50:22.0162 1772 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:50:22.0162 1772 partmgr - ok
13:50:22.0202 1772 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:50:22.0202 1772 PcaSvc - ok
13:50:22.0212 1772 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
13:50:22.0212 1772 pci - ok
13:50:22.0232 1772 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
13:50:22.0232 1772 pciide - ok
13:50:22.0242 1772 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:50:22.0252 1772 pcmcia - ok
13:50:22.0272 1772 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:50:22.0272 1772 pcw - ok
13:50:22.0292 1772 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:50:22.0302 1772 PEAUTH - ok
13:50:22.0382 1772 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:50:22.0382 1772 PerfHost - ok
13:50:22.0442 1772 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
13:50:22.0462 1772 pla - ok
13:50:22.0512 1772 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:50:22.0512 1772 PlugPlay - ok
13:50:22.0542 1772 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:50:22.0542 1772 PNRPAutoReg - ok
13:50:22.0582 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:50:22.0592 1772 PNRPsvc - ok
13:50:22.0652 1772 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:50:22.0662 1772 PolicyAgent - ok
13:50:22.0692 1772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:50:22.0702 1772 Power - ok
13:50:22.0732 1772 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:50:22.0732 1772 PptpMiniport - ok
13:50:22.0772 1772 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:50:22.0782 1772 Processor - ok
13:50:22.0842 1772 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
13:50:22.0852 1772 ProfSvc - ok
13:50:22.0862 1772 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:50:22.0862 1772 ProtectedStorage - ok
13:50:22.0882 1772 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:50:22.0882 1772 Psched - ok
13:50:22.0932 1772 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:50:22.0932 1772 PxHlpa64 - ok
13:50:22.0982 1772 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:50:23.0002 1772 ql2300 - ok
13:50:23.0022 1772 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:50:23.0032 1772 ql40xx - ok
13:50:23.0072 1772 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:50:23.0082 1772 QWAVE - ok
13:50:23.0112 1772 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:50:23.0112 1772 QWAVEdrv - ok
13:50:23.0122 1772 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:50:23.0122 1772 RasAcd - ok
13:50:23.0162 1772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:50:23.0162 1772 RasAgileVpn - ok
13:50:23.0172 1772 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:50:23.0182 1772 RasAuto - ok
13:50:23.0202 1772 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:50:23.0202 1772 Rasl2tp - ok
13:50:23.0252 1772 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
13:50:23.0262 1772 RasMan - ok
13:50:23.0282 1772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:50:23.0282 1772 RasPppoe - ok
13:50:23.0302 1772 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:50:23.0312 1772 RasSstp - ok
13:50:23.0332 1772 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:50:23.0332 1772 rdbss - ok
13:50:23.0352 1772 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:50:23.0362 1772 rdpbus - ok
13:50:23.0382 1772 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:50:23.0382 1772 RDPCDD - ok
13:50:23.0392 1772 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:50:23.0392 1772 RDPENCDD - ok
13:50:23.0402 1772 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:50:23.0402 1772 RDPREFMP - ok
13:50:23.0462 1772 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:50:23.0462 1772 RDPWD - ok
13:50:23.0512 1772 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:50:23.0512 1772 rdyboost - ok
13:50:23.0542 1772 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:50:23.0552 1772 RemoteAccess - ok
13:50:23.0582 1772 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:50:23.0592 1772 RemoteRegistry - ok
13:50:23.0632 1772 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
13:50:23.0642 1772 RichVideo - ok
13:50:23.0652 1772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:50:23.0652 1772 RpcEptMapper - ok
13:50:23.0672 1772 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:50:23.0672 1772 RpcLocator - ok
13:50:23.0722 1772 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
13:50:23.0722 1772 RpcSs - ok
13:50:23.0762 1772 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:50:23.0762 1772 rspndr - ok
13:50:23.0772 1772 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
13:50:23.0782 1772 SamSs - ok
13:50:23.0802 1772 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
13:50:23.0802 1772 sbp2port - ok
13:50:23.0832 1772 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:50:23.0832 1772 SCardSvr - ok
13:50:23.0852 1772 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:50:23.0852 1772 scfilter - ok
13:50:23.0912 1772 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
13:50:23.0932 1772 Schedule - ok
13:50:23.0962 1772 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:50:23.0962 1772 SCPolicySvc - ok
13:50:23.0992 1772 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:50:24.0002 1772 SDRSVC - ok
13:50:24.0042 1772 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:50:24.0042 1772 secdrv - ok
13:50:24.0052 1772 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
13:50:24.0052 1772 seclogon - ok
13:50:24.0072 1772 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:50:24.0072 1772 SENS - ok
13:50:24.0102 1772 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:50:24.0112 1772 SensrSvc - ok
13:50:24.0132 1772 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:50:24.0132 1772 Serenum - ok
13:50:24.0192 1772 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:50:24.0192 1772 Serial - ok
13:50:24.0222 1772 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:50:24.0232 1772 sermouse - ok
13:50:24.0282 1772 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
13:50:24.0292 1772 SessionEnv - ok
13:50:24.0302 1772 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
13:50:24.0302 1772 sffdisk - ok
13:50:24.0332 1772 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:50:24.0332 1772 sffp_mmc - ok
13:50:24.0342 1772 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
13:50:24.0342 1772 sffp_sd - ok
13:50:24.0372 1772 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:50:24.0372 1772 sfloppy - ok
13:50:24.0452 1772 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
13:50:24.0462 1772 Sftfs - ok
13:50:24.0552 1772 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:50:24.0552 1772 sftlist - ok
13:50:24.0602 1772 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:50:24.0612 1772 Sftplay - ok
13:50:24.0622 1772 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:50:24.0622 1772 Sftredir - ok
13:50:24.0632 1772 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
13:50:24.0642 1772 Sftvol - ok
13:50:24.0672 1772 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:50:24.0672 1772 sftvsa - ok
13:50:24.0722 1772 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:50:24.0732 1772 ShellHWDetection - ok
13:50:24.0762 1772 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:50:24.0762 1772 SiSRaid2 - ok
13:50:24.0782 1772 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:50:24.0782 1772 SiSRaid4 - ok
13:50:24.0882 1772 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:50:24.0882 1772 SkypeUpdate - ok
13:50:24.0952 1772 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
13:50:24.0952 1772 SmartDefragDriver - ok
13:50:25.0012 1772 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:50:25.0012 1772 Smb - ok
13:50:25.0052 1772 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:50:25.0062 1772 SNMPTRAP - ok
13:50:25.0072 1772 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:50:25.0072 1772 spldr - ok
13:50:25.0132 1772 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
13:50:25.0142 1772 Spooler - ok
13:50:25.0222 1772 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
13:50:25.0312 1772 sppsvc - ok
13:50:25.0322 1772 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:50:25.0332 1772 sppuinotify - ok
13:50:25.0362 1772 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:50:25.0362 1772 srv - ok
13:50:25.0372 1772 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:50:25.0382 1772 srv2 - ok
13:50:25.0392 1772 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:50:25.0402 1772 srvnet - ok
13:50:25.0432 1772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:50:25.0442 1772 SSDPSRV - ok
13:50:25.0492 1772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:50:25.0492 1772 SstpSvc - ok
13:50:25.0542 1772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:50:25.0542 1772 stexstor - ok
13:50:25.0592 1772 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
13:50:25.0602 1772 stisvc - ok
13:50:25.0622 1772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:50:25.0622 1772 swenum - ok
13:50:25.0692 1772 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:50:25.0702 1772 SwitchBoard - ok
13:50:25.0742 1772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:50:25.0752 1772 swprv - ok
13:50:25.0812 1772 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:50:25.0812 1772 SynTP - ok
13:50:25.0892 1772 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
13:50:25.0922 1772 SysMain - ok
13:50:25.0932 1772 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:50:25.0942 1772 TabletInputService - ok
13:50:26.0002 1772 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
13:50:26.0002 1772 taphss - ok
13:50:26.0042 1772 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
13:50:26.0052 1772 TapiSrv - ok
13:50:26.0072 1772 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:50:26.0072 1772 TBS - ok
13:50:26.0172 1772 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:50:26.0192 1772 Tcpip - ok
13:50:26.0252 1772 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:50:26.0262 1772 TCPIP6 - ok
13:50:26.0292 1772 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:50:26.0292 1772 tcpipreg - ok
13:50:26.0312 1772 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:50:26.0312 1772 TDPIPE - ok
13:50:26.0362 1772 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:50:26.0362 1772 TDTCP - ok
13:50:26.0402 1772 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:50:26.0402 1772 tdx - ok
13:50:26.0422 1772 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:50:26.0432 1772 TermDD - ok
13:50:26.0482 1772 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
13:50:26.0492 1772 TermService - ok
13:50:26.0522 1772 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:50:26.0522 1772 Themes - ok
13:50:26.0582 1772 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:50:26.0582 1772 THREADORDER - ok
13:50:26.0622 1772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:50:26.0622 1772 TrkWks - ok
13:50:26.0702 1772 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:50:26.0702 1772 TrustedInstaller - ok
13:50:26.0752 1772 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:50:26.0752 1772 tssecsrv - ok
13:50:26.0802 1772 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:50:26.0802 1772 tunnel - ok
13:50:26.0842 1772 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:50:26.0842 1772 uagp35 - ok
13:50:26.0882 1772 [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
13:50:26.0882 1772 UBHelper - ok
13:50:26.0902 1772 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:50:26.0902 1772 udfs - ok
13:50:26.0942 1772 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:50:26.0942 1772 UI0Detect - ok
13:50:26.0972 1772 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
13:50:26.0972 1772 uliagpkx - ok
13:50:26.0992 1772 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:50:27.0002 1772 umbus - ok
13:50:27.0022 1772 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:50:27.0022 1772 UmPass - ok
13:50:27.0162 1772 [ CBDEE152D73200EE49031A26310B9D3E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:50:27.0182 1772 UNS - ok
13:50:27.0232 1772 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
13:50:27.0232 1772 Updater Service - ok
13:50:27.0262 1772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:50:27.0262 1772 upnphost - ok
13:50:27.0292 1772 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:50:27.0292 1772 usbccgp - ok
13:50:27.0332 1772 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
13:50:27.0332 1772 usbcir - ok
13:50:27.0352 1772 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:50:27.0352 1772 usbehci - ok
13:50:27.0372 1772 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:50:27.0382 1772 usbhub - ok
13:50:27.0392 1772 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:50:27.0392 1772 usbohci - ok
13:50:27.0412 1772 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:50:27.0412 1772 usbprint - ok
13:50:27.0432 1772 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:50:27.0432 1772 USBSTOR - ok
13:50:27.0452 1772 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:50:27.0452 1772 usbuhci - ok
13:50:27.0512 1772 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:50:27.0522 1772 usbvideo - ok
13:50:27.0542 1772 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:50:27.0542 1772 UxSms - ok
13:50:27.0562 1772 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
13:50:27.0562 1772 VaultSvc - ok
13:50:27.0602 1772 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
13:50:27.0602 1772 vdrvroot - ok
13:50:27.0632 1772 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
13:50:27.0632 1772 vds - ok
13:50:27.0642 1772 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:50:27.0652 1772 vga - ok
13:50:27.0662 1772 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:50:27.0662 1772 VgaSave - ok
13:50:27.0692 1772 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
13:50:27.0692 1772 vhdmp - ok
13:50:27.0702 1772 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
13:50:27.0702 1772 viaide - ok
13:50:27.0722 1772 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
13:50:27.0722 1772 volmgr - ok
13:50:27.0752 1772 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:50:27.0752 1772 volmgrx - ok
13:50:27.0772 1772 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
13:50:27.0782 1772 volsnap - ok
13:50:27.0802 1772 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:50:27.0812 1772 vsmraid - ok
13:50:27.0872 1772 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
13:50:27.0902 1772 VSS - ok
13:50:27.0912 1772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:50:27.0912 1772 vwifibus - ok
13:50:27.0932 1772 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:50:27.0932 1772 vwififlt - ok
13:50:27.0952 1772 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:50:27.0952 1772 W32Time - ok
13:50:27.0972 1772 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:50:27.0972 1772 WacomPen - ok
13:50:28.0002 1772 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:50:28.0002 1772 WANARP - ok
13:50:28.0002 1772 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:50:28.0002 1772 Wanarpv6 - ok
13:50:28.0072 1772 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:50:28.0082 1772 WatAdminSvc - ok
13:50:28.0152 1772 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
13:50:28.0172 1772 wbengine - ok
13:50:28.0192 1772 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:50:28.0202 1772 WbioSrvc - ok
13:50:28.0242 1772 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:50:28.0252 1772 wcncsvc - ok
13:50:28.0272 1772 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:50:28.0272 1772 WcsPlugInService - ok
13:50:28.0302 1772 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:50:28.0302 1772 Wd - ok
13:50:28.0332 1772 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
13:50:28.0332 1772 WDC_SAM - ok
13:50:28.0352 1772 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:50:28.0362 1772 Wdf01000 - ok
13:50:28.0382 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:50:28.0382 1772 WdiServiceHost - ok
13:50:28.0392 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:50:28.0392 1772 WdiSystemHost - ok
13:50:28.0422 1772 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
13:50:28.0422 1772 WebClient - ok
13:50:28.0452 1772 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:50:28.0462 1772 Wecsvc - ok
13:50:28.0492 1772 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:50:28.0492 1772 wercplsupport - ok
13:50:28.0512 1772 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:50:28.0512 1772 WerSvc - ok
13:50:28.0542 1772 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:50:28.0552 1772 WfpLwf - ok
13:50:28.0572 1772 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:50:28.0572 1772 WIMMount - ok
13:50:28.0582 1772 WinHttpAutoProxySvc - ok
13:50:28.0662 1772 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:50:28.0672 1772 Winmgmt - ok
13:50:28.0732 1772 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
13:50:28.0752 1772 WinRM - ok
13:50:28.0852 1772 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:50:28.0862 1772 Wlansvc - ok
13:50:29.0002 1772 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:50:29.0022 1772 wlidsvc - ok
13:50:29.0072 1772 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:50:29.0072 1772 WmiAcpi - ok
13:50:29.0102 1772 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:50:29.0102 1772 wmiApSrv - ok
13:50:29.0142 1772 WMPNetworkSvc - ok
13:50:29.0162 1772 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:50:29.0162 1772 WPCSvc - ok
13:50:29.0182 1772 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:50:29.0182 1772 WPDBusEnum - ok
13:50:29.0232 1772 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:50:29.0232 1772 ws2ifsl - ok
13:50:29.0242 1772 WSearch - ok
13:50:29.0252 1772 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:50:29.0262 1772 WudfPf - ok
13:50:29.0292 1772 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:50:29.0292 1772 WUDFRd - ok
13:50:29.0312 1772 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:50:29.0312 1772 wudfsvc - ok
13:50:29.0352 1772 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:50:29.0352 1772 WwanSvc - ok
13:50:29.0422 1772 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
13:50:29.0422 1772 xusb21 - ok
13:50:29.0432 1772 ================ Scan global ===============================
13:50:29.0452 1772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:50:29.0512 1772 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
13:50:29.0522 1772 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
13:50:29.0542 1772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:50:29.0592 1772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:50:29.0592 1772 [Global] - ok
13:50:29.0592 1772 ================ Scan MBR ==================================
13:50:29.0602 1772 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:50:29.0932 1772 \Device\Harddisk0\DR0 - ok
13:50:29.0932 1772 ================ Scan VBR ==================================
13:50:29.0942 1772 [ 07909F25D0AD7DDD435A7D8361525382 ] \Device\Harddisk0\DR0\Partition1
13:50:29.0942 1772 \Device\Harddisk0\DR0\Partition1 - ok
13:50:29.0982 1772 [ 0FD1AED5A6C44141572D8AA029BBB58F ] \Device\Harddisk0\DR0\Partition2
13:50:29.0982 1772 \Device\Harddisk0\DR0\Partition2 - ok
13:50:29.0982 1772 ============================================================
13:50:29.0982 1772 Scan finished
13:50:29.0982 1772 ============================================================
13:50:30.0002 4872 Detected object count: 0
13:50:30.0002 4872 Actual detected object count: 0


TDSSKiller ^^



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-25 13:54:22
-----------------------------
13:54:22.207 OS Version: Windows x64 6.1.7600
13:54:22.207 Number of processors: 4 586 0x2505
13:54:22.207 ComputerName: GO-GO-GADGET UserName: Jeff
13:54:23.659 Initialize success
13:55:41.377 AVAST engine defs: 12082500
13:56:03.027 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:56:03.037 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
13:56:03.057 Disk 0 MBR read successfully
13:56:03.057 Disk 0 MBR scan
13:56:03.127 Disk 0 Windows 7 default MBR code
13:56:03.147 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
13:56:03.167 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
13:56:03.187 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462502 MB offset 29566976
13:56:03.227 Disk 0 scanning C:\Windows\system32\drivers
13:56:17.207 Service scanning
13:56:55.332 Modules scanning
13:56:55.342 Disk 0 trace - called modules:
13:56:55.402 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:56:55.732 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800528f060]
13:56:55.732 3 CLASSPNP.SYS[fffff88001b7343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fef050]
13:56:57.592 AVAST engine scan C:\Windows
13:57:01.357 AVAST engine scan C:\Windows\system32
14:01:44.407 AVAST engine scan C:\Windows\system32\drivers
14:02:03.396 AVAST engine scan C:\Users\Jeff



aswMBR ^^

ESET: no threats found. The problem is that after a restart, Sirefef.AB and Sirefef.P both show up as quarantined in MSE, and I still can't turn on the firewall and still get an occasional pop-up.

#4 narenxp

Posted 25 August 2012 - 03:38 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 Slick_Jeff

Posted 25 August 2012 - 03:59 PM

Well, I was wrong. After the restart, this time nothing came up. But I get this error code for the firewall when attempting to turn it on: 0x80070424, and virus and spyware updates fail for MSE (Microsoft's directions didn't work because under Services, there is no Windows Update or restart to choose). Should I still follow the steps above?

Edited by Slick_Jeff, 25 August 2012 - 04:02 PM.


#6 narenxp

Posted 25 August 2012 - 04:03 PM

Please follow my instructions.

#7 Slick_Jeff

Posted 25 August 2012 - 06:04 PM

***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Jeff\AppData\Local\Conduit
Folder Deleted : C:\Users\Jeff\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Jeff\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jeff\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\r4qdnqc8.default\ConduitCommon
Folder Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\r4qdnqc8.default\CT2704262
Folder Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\r4qdnqc8.default\extensions\{32b29df0-2237-4370-9a29-37cebb730e9b}

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2704262
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SweetIM

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\r4qdnqc8.default\prefs.js

C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\r4qdnqc8.default\user.js ... Deleted !


-\\ Google Chrome v21.0.1180.83

File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [17033 octets] - [25/08/2012 17:08:59]
AdwCleaner[S1].txt - [16787 octets] - [25/08/2012 17:09:23]

########## EOF - C:\AdwCleaner[S1].txt - [16916 octets] ##########

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

















0.0.0.0 localhost
0.0.0.0 localhost

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com

There are 10595 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Go-Go-Gadget
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
Physical Address. . . . . . . . . : 4C-0F-6E-8E-AE-5C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9551:51dd:1ffc:4e5e%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.3.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 25, 2012 5:10:55 PM
Lease Expires . . . . . . . . . . : Sunday, August 26, 2012 5:10:58 PM
Default Gateway . . . . . . . . . : 192.168.3.1
DHCP Server . . . . . . . . . . . : 192.168.3.1
DHCPv6 IAID . . . . . . . . . . . : 424415086
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-2C-68-60-EB-69-83-F5-9F
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 60-EB-69-83-F5-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {AFFB8EEC-131D-448C-8E58-BF48FE438E1E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{76ED2E26-566F-4889-A876-56DA6C4F062E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {DF1AE8F1-AFD1-479C-B42B-0069D859EEFD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6DE3A2AA-3AFB-4537-9D4F-97D098A84511}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1004
74.125.228.39
74.125.228.40
74.125.228.41
74.125.228.46
74.125.228.32
74.125.228.33
74.125.228.34
74.125.228.35
74.125.228.36
74.125.228.37
74.125.228.38


Pinging google.com [74.125.228.40] with 32 bytes of data:
Reply from 74.125.228.40: bytes=32 time=17ms TTL=55
Reply from 74.125.228.40: bytes=32 time=17ms TTL=55

Ping statistics for 74.125.228.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 17ms, Average = 17ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=91ms TTL=48
Reply from 98.138.253.109: bytes=32 time=80ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 80ms, Maximum = 91ms, Average = 85ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...4c 0f 6e 8e ae 5c ......Atheros AR5B97 Wireless Network Adapter
11...60 eb 69 83 f5 9f ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.3.1 192.168.3.129 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.3.0 255.255.255.0 On-link 192.168.3.129 281
192.168.3.129 255.255.255.255 On-link 192.168.3.129 281
192.168.3.255 255.255.255.255 On-link 192.168.3.129 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.3.129 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.3.129 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::9551:51dd:1ffc:4e5e/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2012 05:21:06 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/25/2012 05:02:02 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/25/2012 02:10:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/25/2012 02:10:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/25/2012 00:34:53 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/24/2012 06:43:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/24/2012 02:09:19 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/24/2012 10:07:23 AM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/23/2012 03:34:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_271.exe, version: 11.3.300.271, time stamp: 0x5026ffac
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x11c8
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_271.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_271.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_271.exe2
Report Id: FlashPlayerPlugin_11_3_300_271.exe3

Error: (08/23/2012 02:06:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (08/25/2012 05:25:04 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.133.78.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/25/2012 05:11:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/25/2012 05:10:56 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/25/2012 05:10:56 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/25/2012 05:01:59 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.133.78.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/25/2012 04:58:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.133.78.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/25/2012 04:53:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.133.78.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/25/2012 04:51:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/25/2012 04:51:49 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/25/2012 04:51:48 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/25/2012 05:21:06 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/25/2012 05:02:02 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/25/2012 02:10:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Jeff\Downloads\esetsmartinstaller_enu(1).exe

Error: (08/25/2012 02:10:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Jeff\Downloads\esetsmartinstaller_enu(1).exe

Error: (08/25/2012 00:34:53 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/24/2012 06:43:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/24/2012 02:09:19 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/24/2012 10:07:23 AM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/23/2012 03:34:51 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_271.exe11.3.300.2715026ffacunknown0.0.0.000000000c00000050000000011c801cd8145976d7444C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exeunknown9b1df7ce-ed59-11e1-a0db-60eb6983f59f

Error: (08/23/2012 02:06:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\Users\Jeff\downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acer Arcade Deluxe (Version: 4.0.7830)
Acer Arcade Movie (Version: 9.0.6625)
Acer Backup Manager (Version: 2.0.0.68)
Acer Crystal Eye webcam (Version: 1.0.3.7)
Acer ePower Management (Version: 5.00.3005)
Acer eRecovery Management (Version: 4.05.3013)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.0120.2010)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.2.0.2070)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Download Assistant (Version: 1.0.3)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Alcor Micro USB Card Reader (Version: 1.9.17.06019)
Alipay Cert Component 2.0.0.4 (Version: 2.0.0.4)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.33)
Backup Manager Basic (Version: 2.0.0.68)
CMBEdit (Version: 1.2.0.0)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.41.3.0173)
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.83)
HandBrake 0.9.5 (Version: 0.9.5)
Hunter Hunted 1.0
Identity Card (Version: 1.00.3003)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2119)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
LG SP USB Driver (Version: 1.0)
LG United Mobile Driver (Version: 3.6.0.0)
LIVE gaming on Windows Runtime Version 1.0.6027 (Version: 1.0.6027)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MediaShow Espresso (Version: 5.5.1403_23691)
MegaChinese_v2.0
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mobipocket Creator 4.2 (Version: 4.2.41)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTI Backup Now 5 (Version: 5.1.2.630)
NTI Backup Now Standard (Version: 5.1.2.630)
NTI Media Maker 8 (Version: 8.0.12.6636)
NVIDIA Display Control Panel (Version: 6.14.12.5912)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA PhysX (Version: 9.10.0224)
NVIDIA Updatus (Version: 1.0.3)
Optical Drive Power Management (Version: 1.01.3007)
Pando Media Booster (Version: 2.6.0.8)
PDF Settings CS5 (Version: 10.0)
Project64 1.6 (Version: 1.6)
PxMergeModule (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Skype Click to Call (Version: 5.10.9560)
Skype™ 5.10 (Version: 5.10.116)
Smart Defrag 2 (Version: 2.3)
Synaptics Pointing Device Driver (Version: 15.0.18.0)
System Requirements Lab for Intel (Version: 4.5.3.0)
Tencent QQ (Version: 1.75.2548.0)
The Rosetta Stone
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Welcome Center (Version: 1.02.3004)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3766.68 MB
Available physical RAM: 1734.85 MB
Total Pagefile: 7531.5 MB
Available Pagefile: 5427.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.5 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:451.66 GB) (Free:120.53 GB) NTFS

========================= Users: ========================================

User accounts for \\GO-GO-GADGET

Administrator Guest Jeff
UpdatusUser


**** End of log ****

Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 00:33] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

No malicious items detected on the first Malwarebytes scan.

#8 narenxp


Posted 25 August 2012 - 06:13 PM

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check only the following options:

Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair windows updates


Check the Restart System When Finished option
Click the Start button

System should restart after repair

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#9 Slick_Jeff


Posted 26 August 2012 - 09:40 AM

Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 00:33] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-10 04:19] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-12 20:07] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/26/2012 10:38:34 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Jeff\Desktop\rkill\rkill-08-26-2012-10-38-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* BITS [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
* WinDefend [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/26/2012 10:38:50 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)


Firewall is now working. Any other issues you see?

Edited by Slick_Jeff, 26 August 2012 - 09:44 AM.


#10 narenxp


Posted 26 August 2012 - 09:44 AM

Download

defender
BITS

Launch them, click YES

Download

Hosts fix

Run it

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Turn off your System Restore, restart the PC, then create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links

Safe surfing :)

#11 Slick_Jeff


Posted 27 August 2012 - 02:54 PM

Thanks so much, narenxp. Couldn't have done it without you, so I really appreciate all the help and time you put into helping me out.

Regards,
Jeff

#12 narenxp


Posted 27 August 2012 - 02:57 PM

You're most welcome :)

#13 Slick_Jeff


Posted 27 August 2012 - 08:28 PM

=]



