Browser pop-ups, redirects, like everyone else.



#1 tizzo


Posted 06 September 2012 - 12:35 AM

It's been a long time, but I find myself back here asking for help again...

I'm running Windows 7 Home Premium, 64-bit. During the last couple of weeks I've been seeing ads popping up in the corners of my browser window. This happens on both IE and FF. And lately I've been getting redirected - I click on a link and go to a completely different web site. This also happens on both IE and FF.

So far I've tried AVG (which finds nothing, and it looks like the malware is sticking ads on AVG's UI - they flicker and don't line up), MalwareBytes (which also finds nothing), and SUPERAntiSpyWare, which shows only tracking cookies. I also installed AdAware, but it won't run (presumably because the malware won't let it, but I'm not sure).

Oh yeah, I did a little digging through some of the other posts here, and noticed some attention paid to windows\system32\etc\hosts, so I took a quick look. If I open the file using Explorer, I see what you expect, the header information and a line aliasing 127.0.0.1 to localhost. But if I use cmd.exe like one of the other posts recommended, I see this with several pages of blank lines, followed by entries sending www.google-analytics.com, ad-emea.doubleclick.net, and www.statcounter.com each to two different IP addresses. One is 64.27.18.42 and the other is 108.163.215.51.

Hopefully I've provided enough to help you help me. Thanks!

Tony
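
The hosts-file symptom described in the post above (a normal-looking top of file, then pages of blank lines, then redirect entries) can be checked mechanically rather than by scrolling. The following is an added example, not part of the original post: the padding threshold and the sample file are assumptions constructed from the post's description, and the function names are hypothetical.

```python
import ipaddress

PAD_THRESHOLD = 20  # assumption: a run of this many blank lines is treated as padding


def parse_hosts(text):
    """Yield (line_no, address, names, after_padding) for every mapping line."""
    blank_run = 0
    after_padding = False
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            blank_run += 1
            if blank_run >= PAD_THRESHOLD:
                after_padding = True  # everything below this point is out of view
            continue
        blank_run = 0
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) >= 2:
            yield line_no, fields[0], fields[1:], after_padding


def audit_hosts(text):
    """Return (findings, conflicts) for the contents of a hosts file.

    findings:  mapping lines that deserve review, each with its reasons
    conflicts: host names mapped to more than one address
    """
    findings = []
    seen = {}
    for line_no, addr, names, after_padding in parse_hosts(text):
        reasons = []
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            ip = None
            reasons.append("unparseable address")
        if ip is not None:
            for name in names:
                seen.setdefault(name.lower(), set()).add(str(ip))
            if not (ip.is_loopback or ip.is_unspecified):
                reasons.append("non-loopback address")
        if after_padding:
            reasons.append("after blank-line padding")
        if reasons:
            findings.append({"line": line_no, "address": addr,
                             "names": names, "reasons": reasons})
    conflicts = {n: sorted(a) for n, a in seen.items() if len(a) > 1}
    return findings, conflicts


# Constructed sample: host names and addresses are the ones quoted in the post,
# the header line and the number of blank lines are made up for illustration.
SAMPLE_HOSTS = (
    "# hosts file header comments (constructed)\n"
    "127.0.0.1       localhost\n"
    + "\n" * 200
    + "".join(
        f"{ip} {name}\n"
        for name in ("www.google-analytics.com",
                     "ad-emea.doubleclick.net",
                     "www.statcounter.com")
        for ip in ("64.27.18.42", "108.163.215.51")
    )
)

if __name__ == "__main__":
    findings, conflicts = audit_hosts(SAMPLE_HOSTS)
    for f in findings:
        print(f"line {f['line']}: {f['address']} -> {' '.join(f['names'])} "
              f"({'; '.join(f['reasons'])})")
    for name, addrs in conflicts.items():
        print(f"{name} is mapped to {len(addrs)} addresses: {', '.join(addrs)}")
```

A non-loopback entry is not malicious by itself (intranet mappings are common), so the output is a review list; the combination of padding, public addresses and one name mapped to several addresses is what matches the post.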



#2 narenxp


Posted 06 September 2012 - 07:18 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 tizzo


Posted 06 September 2012 - 08:34 PM

As a heads up, ESET warned me about the presence of other AV software and said that might affect it. Not sure if it meant performance or results. Should I have taken down AVG, Malware Bytes, and AdAware before I did this?

Anyway, here are the logs...

TDSSKiller:

21:18:48.0886 5488  megasas - ok
21:18:48.0917 5488  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:18:48.0917 5488  MegaSR - ok
21:18:48.0964 5488  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:18:48.0964 5488  MMCSS - ok
21:18:48.0995 5488  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:18:48.0995 5488  Modem - ok
21:18:49.0010 5488  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:18:49.0026 5488  monitor - ok
21:18:49.0057 5488  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
21:18:49.0057 5488  mouclass - ok
21:18:49.0088 5488  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:18:49.0088 5488  mouhid - ok
21:18:49.0120 5488  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:18:49.0120 5488  mountmgr - ok
21:18:49.0198 5488  [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:18:49.0198 5488  MozillaMaintenance - ok
21:18:49.0229 5488  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:18:49.0229 5488  mpio - ok
21:18:49.0260 5488  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:18:49.0260 5488  mpsdrv - ok
21:18:49.0307 5488  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:18:49.0322 5488  MpsSvc - ok
21:18:49.0354 5488  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:18:49.0369 5488  MRxDAV - ok
21:18:49.0400 5488  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:18:49.0400 5488  mrxsmb - ok
21:18:49.0432 5488  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:18:49.0432 5488  mrxsmb10 - ok
21:18:49.0447 5488  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:18:49.0447 5488  mrxsmb20 - ok
21:18:49.0478 5488  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:18:49.0478 5488  msahci - ok
21:18:49.0494 5488  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:18:49.0510 5488  msdsm - ok
21:18:49.0525 5488  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:18:49.0525 5488  MSDTC - ok
21:18:49.0541 5488  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:18:49.0541 5488  Msfs - ok
21:18:49.0572 5488  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:18:49.0572 5488  mshidkmdf - ok
21:18:49.0572 5488  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:18:49.0588 5488  msisadrv - ok
21:18:49.0619 5488  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:18:49.0619 5488  MSiSCSI - ok
21:18:49.0619 5488  msiserver - ok
21:18:49.0666 5488  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:18:49.0666 5488  MSKSSRV - ok
21:18:49.0697 5488  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:18:49.0697 5488  MSPCLOCK - ok
21:18:49.0697 5488  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:18:49.0697 5488  MSPQM - ok
21:18:49.0728 5488  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:18:49.0744 5488  MsRPC - ok
21:18:49.0744 5488  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:18:49.0759 5488  mssmbios - ok
21:18:49.0775 5488  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:18:49.0775 5488  MSTEE - ok
21:18:49.0775 5488  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:18:49.0775 5488  MTConfig - ok
21:18:49.0790 5488  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:18:49.0790 5488  Mup - ok
21:18:49.0868 5488  [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:18:49.0868 5488  MyWiFiDHCPDNS - ok
21:18:49.0915 5488  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:18:49.0915 5488  napagent - ok
21:18:49.0946 5488  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:18:49.0962 5488  NativeWifiP - ok
21:18:49.0993 5488  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:18:50.0009 5488  NDIS - ok
21:18:50.0024 5488  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:18:50.0024 5488  NdisCap - ok
21:18:50.0056 5488  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:18:50.0056 5488  NdisTapi - ok
21:18:50.0087 5488  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:18:50.0087 5488  Ndisuio - ok
21:18:50.0118 5488  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:18:50.0118 5488  NdisWan - ok
21:18:50.0149 5488  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:18:50.0149 5488  NDProxy - ok
21:18:50.0165 5488  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:18:50.0165 5488  NetBIOS - ok
21:18:50.0196 5488  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:18:50.0196 5488  NetBT - ok
21:18:50.0212 5488  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:18:50.0212 5488  Netlogon - ok
21:18:50.0243 5488  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:18:50.0258 5488  Netman - ok
21:18:50.0274 5488  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:18:50.0274 5488  netprofm - ok
21:18:50.0305 5488  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:18:50.0321 5488  NetTcpPortSharing - ok
21:18:50.0461 5488  [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
21:18:50.0555 5488  NETw5s64 - ok
21:18:50.0680 5488  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
21:18:50.0742 5488  netw5v64 - ok
21:18:50.0929 5488  [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
21:18:51.0116 5488  NETwNs64 - ok
21:18:51.0163 5488  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:18:51.0163 5488  nfrd960 - ok
21:18:51.0194 5488  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:18:51.0210 5488  NlaSvc - ok
21:18:51.0226 5488  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:18:51.0226 5488  Npfs - ok
21:18:51.0257 5488  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:18:51.0257 5488  nsi - ok
21:18:51.0257 5488  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:18:51.0257 5488  nsiproxy - ok
21:18:51.0319 5488  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:18:51.0350 5488  Ntfs - ok
21:18:51.0366 5488  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:18:51.0366 5488  Null - ok
21:18:51.0397 5488  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:18:51.0397 5488  nvraid - ok
21:18:51.0428 5488  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:18:51.0444 5488  nvstor - ok
21:18:51.0460 5488  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:18:51.0460 5488  nv_agp - ok
21:18:51.0522 5488  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:18:51.0522 5488  odserv - ok
21:18:51.0538 5488  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:18:51.0553 5488  ohci1394 - ok
21:18:51.0584 5488  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:18:51.0584 5488  ose - ok
21:18:51.0616 5488  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:18:51.0616 5488  p2pimsvc - ok
21:18:51.0647 5488  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:18:51.0647 5488  p2psvc - ok
21:18:51.0678 5488  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:18:51.0678 5488  Parport - ok
21:18:51.0709 5488  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:18:51.0709 5488  partmgr - ok
21:18:51.0725 5488  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:18:51.0725 5488  PcaSvc - ok
21:18:51.0740 5488  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:18:51.0740 5488  pci - ok
21:18:51.0787 5488  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:18:51.0787 5488  pciide - ok
21:18:51.0803 5488  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:18:51.0803 5488  pcmcia - ok
21:18:51.0834 5488  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:18:51.0834 5488  pcw - ok
21:18:51.0850 5488  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:18:51.0865 5488  PEAUTH - ok
21:18:51.0943 5488  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:18:51.0943 5488  PerfHost - ok
21:18:52.0006 5488  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:18:52.0037 5488  pla - ok
21:18:52.0068 5488  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:18:52.0084 5488  PlugPlay - ok
21:18:52.0099 5488  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:18:52.0099 5488  PNRPAutoReg - ok
21:18:52.0115 5488  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:18:52.0130 5488  PNRPsvc - ok
21:18:52.0146 5488  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:18:52.0162 5488  PolicyAgent - ok
21:18:52.0177 5488  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:18:52.0177 5488  Power - ok
21:18:52.0224 5488  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:18:52.0240 5488  PptpMiniport - ok
21:18:52.0255 5488  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:18:52.0255 5488  Processor - ok
21:18:52.0286 5488  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:18:52.0286 5488  ProfSvc - ok
21:18:52.0302 5488  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:18:52.0318 5488  ProtectedStorage - ok
21:18:52.0349 5488  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:18:52.0349 5488  Psched - ok
21:18:52.0411 5488  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:18:52.0427 5488  ql2300 - ok
21:18:52.0442 5488  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:18:52.0442 5488  ql40xx - ok
21:18:52.0474 5488  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:18:52.0489 5488  QWAVE - ok
21:18:52.0489 5488  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:18:52.0489 5488  QWAVEdrv - ok
21:18:52.0505 5488  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:18:52.0505 5488  RasAcd - ok
21:18:52.0552 5488  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:18:52.0552 5488  RasAgileVpn - ok
21:18:52.0567 5488  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:18:52.0567 5488  RasAuto - ok
21:18:52.0598 5488  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:18:52.0598 5488  Rasl2tp - ok
21:18:52.0645 5488  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:18:52.0645 5488  RasMan - ok
21:18:52.0661 5488  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:18:52.0661 5488  RasPppoe - ok
21:18:52.0676 5488  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:18:52.0676 5488  RasSstp - ok
21:18:52.0692 5488  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:18:52.0708 5488  rdbss - ok
21:18:52.0723 5488  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:18:52.0723 5488  rdpbus - ok
21:18:52.0739 5488  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:18:52.0739 5488  RDPCDD - ok
21:18:52.0754 5488  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:18:52.0754 5488  RDPENCDD - ok
21:18:52.0770 5488  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:18:52.0770 5488  RDPREFMP - ok
21:18:52.0801 5488  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:18:52.0817 5488  RDPWD - ok
21:18:52.0848 5488  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:18:52.0864 5488  rdyboost - ok
21:18:52.0926 5488  [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:18:52.0942 5488  RegSrvc - ok
21:18:52.0957 5488  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:18:52.0957 5488  RemoteAccess - ok
21:18:52.0988 5488  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:18:52.0988 5488  RemoteRegistry - ok
21:18:53.0004 5488  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:18:53.0004 5488  RpcEptMapper - ok
21:18:53.0020 5488  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:18:53.0035 5488  RpcLocator - ok
21:18:53.0066 5488  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:18:53.0082 5488  RpcSs - ok
21:18:53.0098 5488  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:18:53.0098 5488  rspndr - ok
21:18:53.0129 5488  [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
21:18:53.0144 5488  RSUSBSTOR - ok
21:18:53.0176 5488  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:18:53.0191 5488  RTL8167 - ok
21:18:53.0207 5488  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:18:53.0207 5488  SamSs - ok
21:18:53.0269 5488  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:18:53.0269 5488  SASDIFSV - ok
21:18:53.0285 5488  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:18:53.0285 5488  SASKUTIL - ok
21:18:53.0519 5488  [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc         C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
21:18:53.0550 5488  SBAMSvc - ok
21:18:53.0612 5488  [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
21:18:53.0612 5488  sbapifs - ok
21:18:53.0675 5488  [ B671EEF468D13016B9286F5835A06AE1 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
21:18:53.0675 5488  sbhips - ok
21:18:53.0690 5488  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:18:53.0690 5488  sbp2port - ok
21:18:53.0737 5488  [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE            C:\Windows\system32\drivers\SBREdrv.sys
21:18:53.0737 5488  SBRE - ok
21:18:53.0753 5488  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:18:53.0768 5488  SCardSvr - ok
21:18:53.0784 5488  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:18:53.0784 5488  scfilter - ok
21:18:53.0846 5488  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:18:53.0862 5488  Schedule - ok
21:18:53.0893 5488  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:18:53.0893 5488  SCPolicySvc - ok
21:18:53.0909 5488  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
21:18:53.0924 5488  sdbus - ok
21:18:53.0956 5488  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:18:53.0956 5488  SDRSVC - ok
21:18:53.0987 5488  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:18:53.0987 5488  secdrv - ok
21:18:54.0018 5488  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:18:54.0018 5488  seclogon - ok
21:18:54.0034 5488  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:18:54.0034 5488  SENS - ok
21:18:54.0080 5488  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:18:54.0080 5488  SensrSvc - ok
21:18:54.0096 5488  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:18:54.0096 5488  Serenum - ok
21:18:54.0127 5488  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:18:54.0127 5488  Serial - ok
21:18:54.0158 5488  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:18:54.0158 5488  sermouse - ok
21:18:54.0190 5488  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:18:54.0205 5488  SessionEnv - ok
21:18:54.0221 5488  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:18:54.0221 5488  sffdisk - ok
21:18:54.0236 5488  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:18:54.0236 5488  sffp_mmc - ok
21:18:54.0252 5488  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:18:54.0252 5488  sffp_sd - ok
21:18:54.0268 5488  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:18:54.0268 5488  sfloppy - ok
21:18:54.0314 5488  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:18:54.0314 5488  SharedAccess - ok
21:18:54.0361 5488  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:18:54.0361 5488  ShellHWDetection - ok
21:18:54.0408 5488  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:18:54.0408 5488  SiSRaid2 - ok
21:18:54.0424 5488  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:18:54.0424 5488  SiSRaid4 - ok
21:18:54.0486 5488  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:18:54.0486 5488  SkypeUpdate - ok
21:18:54.0533 5488  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:18:54.0533 5488  Smb - ok
21:18:54.0564 5488  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:18:54.0564 5488  SNMPTRAP - ok
21:18:54.0580 5488  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:18:54.0580 5488  spldr - ok
21:18:54.0626 5488  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:18:54.0626 5488  Spooler - ok
21:18:54.0736 5488  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:18:54.0767 5488  sppsvc - ok
21:18:54.0782 5488  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:18:54.0782 5488  sppuinotify - ok
21:18:54.0814 5488  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:18:54.0814 5488  srv - ok
21:18:54.0829 5488  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:18:54.0845 5488  srv2 - ok
21:18:54.0860 5488  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:18:54.0876 5488  SrvHsfHDA - ok
21:18:54.0907 5488  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:18:54.0923 5488  SrvHsfV92 - ok
21:18:54.0954 5488  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:18:54.0954 5488  SrvHsfWinac - ok
21:18:54.0970 5488  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:18:54.0985 5488  srvnet - ok
21:18:55.0016 5488  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:18:55.0016 5488  SSDPSRV - ok
21:18:55.0032 5488  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:18:55.0032 5488  SstpSvc - ok
21:18:55.0094 5488  [ B00068BA94F5F306911B14B425AAEB56 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
21:18:55.0094 5488  STacSV - ok
21:18:55.0126 5488  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:18:55.0126 5488  stexstor - ok
21:18:55.0157 5488  [ DA40D9C9CCB9836D6ABD1706935A2277 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
21:18:55.0157 5488  STHDA - ok
21:18:55.0204 5488  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:18:55.0219 5488  stisvc - ok
21:18:55.0250 5488  [ 745E8BDD1AD92BCE97DBCF1BA60D4045 ] SUSTUCAM        C:\Windows\system32\DRIVERS\sustucam.sys
21:18:55.0250 5488  SUSTUCAM - ok
21:18:55.0266 5488  [ C7C1C5CA51447B273A6C8BC972397BA5 ] SUSTUCAP        C:\Windows\system32\DRIVERS\sustucap.sys
21:18:55.0266 5488  SUSTUCAP - ok
21:18:55.0282 5488  [ A69A9A9FE119907E85BB30CDFBFB2A38 ] SUSTUCAU        C:\Windows\system32\DRIVERS\sustucau.sys
21:18:55.0297 5488  SUSTUCAU - ok
21:18:55.0328 5488  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:18:55.0328 5488  swenum - ok
21:18:55.0360 5488  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:18:55.0360 5488  swprv - ok
21:18:55.0453 5488  [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:18:55.0469 5488  SynTP - ok
21:18:55.0531 5488  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:18:55.0562 5488  SysMain - ok
21:18:55.0594 5488  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:18:55.0594 5488  TabletInputService - ok
21:18:55.0625 5488  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:18:55.0625 5488  TapiSrv - ok
21:18:55.0640 5488  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:18:55.0656 5488  TBS - ok
21:18:55.0718 5488  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:18:55.0734 5488  Tcpip - ok
21:18:55.0765 5488  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:18:55.0781 5488  TCPIP6 - ok
21:18:55.0812 5488  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:18:55.0812 5488  tcpipreg - ok
21:18:55.0828 5488  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:18:55.0843 5488  TDPIPE - ok
21:18:55.0859 5488  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:18:55.0859 5488  TDTCP - ok
21:18:55.0906 5488  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:18:55.0906 5488  tdx - ok
21:18:55.0937 5488  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:18:55.0952 5488  TermDD - ok
21:18:55.0984 5488  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:18:55.0999 5488  TermService - ok
21:18:56.0015 5488  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:18:56.0030 5488  Themes - ok
21:18:56.0046 5488  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:18:56.0046 5488  THREADORDER - ok
21:18:56.0062 5488  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:18:56.0062 5488  TrkWks - ok
21:18:56.0108 5488  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:18:56.0108 5488  TrustedInstaller - ok
21:18:56.0140 5488  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:18:56.0140 5488  tssecsrv - ok
21:18:56.0186 5488  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:18:56.0186 5488  TsUsbFlt - ok
21:18:56.0233 5488  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:18:56.0233 5488  tunnel - ok
21:18:56.0264 5488  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:18:56.0264 5488  uagp35 - ok
21:18:56.0296 5488  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:18:56.0296 5488  udfs - ok
21:18:56.0327 5488  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:18:56.0327 5488  UI0Detect - ok
21:18:56.0358 5488  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:18:56.0358 5488  uliagpkx - ok
21:18:56.0389 5488  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:18:56.0389 5488  umbus - ok
21:18:56.0420 5488  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:18:56.0420 5488  UmPass - ok
21:18:56.0545 5488  [ 0FADD949576A164B4E51E716F46B6C33 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:18:56.0576 5488  UNS - ok
21:18:56.0592 5488  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:18:56.0592 5488  upnphost - ok
21:18:56.0623 5488  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:18:59.0135 5488  ================ Scan global ===============================
21:18:59.0150 5488  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:18:59.0197 5488  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:18:59.0213 5488  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:18:59.0228 5488  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:18:59.0260 5488  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:18:59.0260 5488  [Global] - ok
21:18:59.0260 5488  ================ Scan MBR ==================================
21:18:59.0275 5488  [ BEAB73977F6FD28A4EA2F2ACA66C91BF ] \Device\Harddisk0\DR0
21:19:00.0133 5488  \Device\Harddisk0\DR0 - ok
21:19:00.0133 5488  ================ Scan VBR ==================================
21:19:00.0133 5488  [ B893477C818FE6C740782055B37AB269 ] \Device\Harddisk0\DR0\Partition1
21:19:00.0133 5488  \Device\Harddisk0\DR0\Partition1 - ok
21:19:00.0149 5488  [ 2D237BFA388C6D442F84E04BD5AEF57F ] \Device\Harddisk0\DR0\Partition2
21:19:00.0149 5488  \Device\Harddisk0\DR0\Partition2 - ok
21:19:00.0180 5488  [ 7D45DA1DACFFC725C30982E929C6F460 ] \Device\Harddisk0\DR0\Partition3
21:19:00.0180 5488  \Device\Harddisk0\DR0\Partition3 - ok
21:19:00.0196 5488  [ 2002A22C47AF2A9D457776979F7E1BB4 ] \Device\Harddisk0\DR0\Partition4
21:19:00.0196 5488  \Device\Harddisk0\DR0\Partition4 - ok
21:19:00.0196 5488  ============================================================
21:19:00.0196 5488  Scan finished
21:19:00.0196 5488  ============================================================
21:19:00.0211 4144  Detected object count: 0
21:19:00.0211 4144  Actual detected object count: 0


aswMBR:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-06 21:22:16
-----------------------------
21:22:16.994    OS Version: Windows x64 6.1.7601 Service Pack 1
21:22:16.995    Number of processors: 4 586 0x2505
21:22:16.995    ComputerName: OTTER  UserName: Tony
21:22:18.257    Initialize success
21:23:21.483    AVAST engine defs: 12090601
21:23:33.461    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:23:33.465    Disk 0 Vendor: TOSHIBA_ LH00 Size: 476940MB BusType: 3
21:23:33.472    Disk 0 MBR read successfully
21:23:33.477    Disk 0 MBR scan
21:23:33.483    Disk 0 unknown MBR code
21:23:33.496    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
21:23:33.510    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       454317 MB offset 409600
21:23:33.540    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        22319 MB offset 930850816
21:23:33.556    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 976560128
21:23:33.600    Disk 0 scanning C:\Windows\system32\drivers
21:23:44.437    Service scanning
21:24:09.903    Modules scanning
21:24:09.916    Disk 0 trace - called modules:
21:24:09.959    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll 
21:24:09.965    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f52060]
21:24:09.974    3 CLASSPNP.SYS[fffff88001bc443f] -> nt!IofCallDriver -> [0xfffffa800507c9e0]
21:24:09.982    5 hpdskflt.sys[fffff88001b6b189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f1d050]
21:24:11.710    AVAST engine scan C:\Windows
21:24:14.302    AVAST engine scan C:\Windows\system32
21:27:01.447    AVAST engine scan C:\Windows\system32\drivers
21:27:22.373    AVAST engine scan C:\Users\Tony
21:31:41.351    AVAST engine scan C:\ProgramData
21:37:36.984    Scan finished successfully
21:37:57.368    Disk 0 MBR has been saved successfully to "C:\Users\Tony\Documents\MBR.dat"
21:37:57.372    The log file has been saved successfully to "C:\Users\Tony\Documents\aswMBR.txt"

(stand by...)


ESET



Edited by tizzo, 06 September 2012 - 08:46 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:11 PM

Posted 06 September 2012 - 08:50 PM

Do not EDIT your posts. Please post the logs in a reply.

#5 tizzo

Posted 06 September 2012 - 10:25 PM

Do not EDIT your posts. Please post the logs in a reply.


OK, sorry about that. Still waiting for ESET to finish...

#6 tizzo

Posted 06 September 2012 - 11:09 PM

ESET found zero threats, and presumably because of this it offered me no option to list or export threats.

Should I remove some of the other AV products I've installed and try again? Thanks.

#7 narenxp

Posted 06 September 2012 - 11:10 PM

Not needed

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log
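Added example, not part of the thread and not MiniToolbox's own code: a Python check for the two hosts-file signs the topic starter describes, a long run of blank lines that pushes later entries out of view and well-known hostnames mapped to non-loopback addresses. The sample text is constructed from the hostnames and addresses quoted in this thread; the function names and the 20-line padding threshold are assumptions.

```python
import ipaddress
from collections import defaultdict

PAD_THRESHOLD = 20  # assumption: this many consecutive blank lines counts as padding


def parse_hosts(text):
    """Yield (line_no, ip_address, [hostnames]) for every mapping line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an address: not a mapping line
        # "www.example.com." and "WWW.example.com" name the same host
        yield line_no, addr, [n.rstrip(".").lower() for n in fields[1:]]


def audit_hosts(text, pad_threshold=PAD_THRESHOLD):
    """Return padding runs, non-loopback mappings and multi-address hostnames."""
    report = {"padding": [], "redirects": [], "multi_address": {}}

    # 1. Blank-line runs that are followed by more content. A run at the very
    #    end of the file hides nothing, so it is not reported.
    run_start, run_len = 0, 0
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            if run_len == 0:
                run_start = line_no
            run_len += 1
            continue
        if run_len >= pad_threshold:
            report["padding"].append((run_start, run_len))
        run_len = 0

    # 2. Hostnames pointed at anything other than loopback or 0.0.0.0 / ::
    #    (the addresses blocklists use). These need review by a person:
    #    an intranet entry is legitimate, an ad or analytics host is not.
    by_name = defaultdict(set)
    for line_no, addr, names in parse_hosts(text):
        if addr.is_loopback or addr.is_unspecified:
            continue
        for name in names:
            report["redirects"].append((line_no, name, str(addr)))
            by_name[name].add(str(addr))

    # 3. One hostname mapped to several different addresses.
    report["multi_address"] = {
        name: sorted(addrs) for name, addrs in by_name.items() if len(addrs) > 1
    }
    return report


# Constructed sample modelled on the hosts content posted in this thread.
_ENTRIES = [
    "64.27.10.42 www.google-analytics.com.",
    "64.27.10.42 ad-emea.doubleclick.net.",
    "64.27.10.42 www.statcounter.com.",
    "108.163.215.51 www.google-analytics.com.",
    "108.163.215.51 ad-emea.doubleclick.net.",
    "108.163.215.51 www.statcounter.com.",
]
SAMPLE = (
    "::1             localhost\n"
    + "\n" * 200
    + "\n".join(_ENTRIES)
    + "\n\n127.0.0.1       localhost\n"
)

if __name__ == "__main__":
    result = audit_hosts(SAMPLE)
    for start, length in result["padding"]:
        print(f"padding: {length} blank lines starting at line {start}")
    for line_no, name, addr in result["redirects"]:
        print(f"line {line_no}: {name} -> {addr}")
    for name, addrs in result["multi_address"].items():
        print(f"{name} maps to {len(addrs)} addresses: {', '.join(addrs)}")
```

To check a live machine, pass the text of `C:\Windows\System32\drivers\etc\hosts` to `audit_hosts` instead of `SAMPLE`.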

#8 tizzo

Posted 07 September 2012 - 12:33 AM

First run of MBAM ran clean, so moving on to the next step...

#9 tizzo

Posted 07 September 2012 - 12:36 AM

MiniToolbox log:

MiniToolBox by Farbar  Version: 23-07-2012
Ran by Tony (administrator) on 07-09-2012 at 01:34:40
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

64.27.10.42 www.google-analytics.com.
64.27.10.42 ad-emea.doubleclick.net.
64.27.10.42 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel(R) Centrino(R) Wireless-N 1000 = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : OTTER
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 8C-A9-82-10-01-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 8C-A9-82-10-01-BD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 1000
   Physical Address. . . . . . . . . : 8C-A9-82-10-01-BC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::508d:6529:2498:1bfc%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.142(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, September 07, 2012 12:23:21 AM
   Lease Expires . . . . . . . . . . : Saturday, September 08, 2012 12:23:21 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 327985538
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-23-90-A1-98-4B-E1-9C-A2-86
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{BA63B778-EE25-4188-BDF1-CB69220399B0}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:4fe:2c14:e791:9804(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::4fe:2c14:e791:9804%15(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  DD-WRT
Address:  192.168.1.1

Name:    google.com
Addresses:  2001:4860:800a::65
	  74.125.137.102
	  74.125.137.100
	  74.125.137.101
	  74.125.137.138
	  74.125.137.139
	  74.125.137.113


Pinging google.com [74.125.137.113] with 32 bytes of data:
Reply from 74.125.137.113: bytes=32 time=29ms TTL=45
Reply from 74.125.137.113: bytes=32 time=28ms TTL=45

Ping statistics for 74.125.137.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 29ms, Average = 28ms
Server:  DD-WRT
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  72.30.38.140
	  98.139.183.24
	  98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=155ms TTL=44
Reply from 98.138.253.109: bytes=32 time=123ms TTL=45

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 123ms, Maximum = 155ms, Average = 139ms
Server:  DD-WRT
Address:  192.168.1.1

Name:    bleepingcomputer.com
Address:  208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 9ms, Average = 6ms
===========================================================================
Interface List
 14...8c a9 82 10 01 bd ......Microsoft Virtual WiFi Miniport Adapter #2
 13...8c a9 82 10 01 bd ......Microsoft Virtual WiFi Miniport Adapter
 12...8c a9 82 10 01 bc ......Intel(R) Centrino(R) Wireless-N 1000
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.142     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.142    281
    192.168.1.142  255.255.255.255         On-link     192.168.1.142    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.142    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.142    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.142    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:9d38:953c:4fe:2c14:e791:9804/128
                                    On-link
 12    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::4fe:2c14:e791:9804/128
                                    On-link
 12    281 fe80::508d:6529:2498:1bfc/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/06/2012 09:39:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/06/2012 09:39:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/06/2012 09:19:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/06/2012 00:44:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/06/2012 07:03:53 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 8.0.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1464

Start Time: 01cd8c1e61a0efad

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 87bc640d-f812-11e1-a3b6-ed7197e15961

Error: (09/05/2012 10:18:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: mmc.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc808
Faulting module name: mmc.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc808
Exception code: 0xc0000094
Fault offset: 0x0000000000034f82
Faulting process id: 0x%9
Faulting application start time: 0xmmc.exe0
Faulting application path: mmc.exe1
Faulting module path: mmc.exe2
Report Id: mmc.exe3

Error: (09/05/2012 08:48:23 PM) (Source: ESENT) (User: )
Description: WinMail (4028) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (09/05/2012 08:48:13 PM) (Source: ESENT) (User: )
Description: WinMail (2824) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (09/05/2012 09:55:56 AM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (09/05/2012 09:55:56 AM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.


System errors:
=============
Error: (09/07/2012 01:13:52 AM) (Source: Service Control Manager) (User: )
Description: The Ad-Aware Service service failed to start due to the following error: 
%%1053

Error: (09/07/2012 01:13:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware Service service to connect.

Error: (09/07/2012 01:13:52 AM) (Source: DCOM) (User: )
Description: 1053Ad-Aware Service{706FFEF5-7E90-4149-B038-B39106ECDB99}

Error: (09/07/2012 00:24:19 AM) (Source: Service Control Manager) (User: )
Description: The Ad-Aware Service service failed to start due to the following error: 
%%1053

Error: (09/07/2012 00:24:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware Service service to connect.

Error: (09/07/2012 00:24:19 AM) (Source: DCOM) (User: )
Description: 1053Ad-Aware Service{706FFEF5-7E90-4149-B038-B39106ECDB99}

Error: (09/07/2012 00:23:19 AM) (Source: Service Control Manager) (User: )
Description: The Ad-Aware Service service failed to start due to the following error: 
%%1053

Error: (09/07/2012 00:23:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware Service service to connect.

Error: (09/06/2012 09:38:07 PM) (Source: Service Control Manager) (User: )
Description: The Ad-Aware Service service failed to start due to the following error: 
%%1053

Error: (09/06/2012 09:38:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware Service service to connect.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58211)
Acrobat.com (Version: 1.6.65)
Ad-Aware Antivirus (Version: 10.2.21.3698)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.2 MUI (Version: 9.5.2)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Contents (Version: 1.6.0.286)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000)
Corel PaintShop Photo Pro X3 (Version: 1.6.1.116)
Corel VideoStudio Pro X3 (Version: 1.6.0.286)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink DVD Suite (Version: 7.0.3003)
D3DX10 (Version: 15.4.2368.0902)
DataPilot (Version: 6.01.0000)
DeviceIO (Version: 1.6.0.286)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4121)
Energy Star Digital Logo (Version: 1.0.1)
Epson CreativeZone
Epson Easy Photo Print 2 (Version: 2.2.0.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
EPSON NX300 Series Printer Uninstall
EPSON Scan
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
GrabIt 1.7.2 Beta 6 (build 1008)
Hauppauge WinTV 7 (Version: v7.0.29125 (CD 2.3f))
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.16.1)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.2.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Game Console
HP Games (Version: 1.0.1.3)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (Version: 4.1.4215)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart Webcam (Version: 4.1.3024)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.9.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.4.7)
HP Quick Launch (Version: 2.7.2)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.5.10.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Assistant (Version: 4.0.9.0)
ICA (Version: 1.6.0.286)
ICA (Version: 1.6.1.116)
IDT Audio (Version: 1.0.6292.0)
Intel PROSet Wireless
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2141)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.1.0.0096)
Intel(R) Rapid Storage Technology (Version: 9.6.2.1001)
Intel(R) Wireless Display (Version: 1.2.15.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0500.0903)
IPM_PSP_Pro (Version: 1.00.0000)
IPM_VS_Pro (Version: 13.0)
ISCOM (Version: 1.6.0.286)
ISCOM (Version: 1.6.1.116)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2907)
LTCM Client
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.55.0)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Outburst
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
PL-2303 USB-to-Serial (Version: 1.00.000)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
PSPPContent (Version: 1.00.0000)
PSPPRO_DCRAW (Version: 13.0.0)
PureHD (Version: 1.6.0.286)
Quicken 2010 (Version: 19.1.3.19)
Rainlendar2 (remove only)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Setup (Version: 1.6.0.286)
Setup (Version: 1.6.1.116)
Share (Version: 1.6.0.286)
Share64 (Version: 1.6.0.286)
Skype™ 5.10 (Version: 5.10.116)
SUPERAntiSpyware (Version: 5.5.1016)
Susteen Launcher (Version: 1.00.0002)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIO (Version: 1.6.0.286)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.2 (Version: 2.0.2)
VSClassic (Version: 1.6.0.286)
VSPro (Version: 1.6.0.286)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Xmarks for IE (Version: 127.0.154)
Xmarks Thumbnails for IE (Version: 1.0.12)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 3893.86 MB
Available physical RAM: 1435.08 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 5533.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.14 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:443.67 GB) (Free:333.78 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:21.8 GB) (Free:3.17 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\OTTER

Administrator            Guest                    Sandi                    
Tony                     


**** End of log ****



#10 tizzo


Posted 07 September 2012 - 12:38 AM

FSS:

Farbar Service Scanner Version: 06-08-2012
Ran by Tony (administrator) on 07-09-2012 at 01:37:02
Running from "C:\Users\Tony\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


#11 tizzo


Posted 07 September 2012 - 12:51 AM

...and finally, adwCleaner:

I'll note that this one asked me to reboot before showing me the log.

Getting late here so this is probably the last thing I'll do tonight. If I get more instructions by then, I'll execute first thing in the morning. Thanks for your help so far...



# AdwCleaner v2.000 - Logfile created 09/07/2012 at 01:39:06
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tony - OTTER
# Boot Mode : Normal
# Running from : C:\Users\Tony\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default 
File : C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\v5ydi4zf.default\prefs.js

[OK] File is clean.

Profile name : default 
File : C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\xokttpde.default\prefs.js

C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\xokttpde.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1667 octets] - [07/09/2012 01:39:06]

########## EOF - C:\AdwCleaner[S1].txt - [1727 octets] ##########



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:11 PM

Posted 07 September 2012 - 08:30 AM

Click on the Start menu and type

cmd

Right-click on it and select Run as administrator

Now copy the following commands one by one, pressing ENTER after each

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it, then restart the PC

Now launch MiniToolBox, checkmark Hosts content alone, and post the new log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here

#13 tizzo


Posted 07 September 2012 - 09:15 AM

Hosts content from MiniToolbox:

MiniToolBox by Farbar  Version: 23-07-2012
Ran by Tony (administrator) on 07-09-2012 at 10:14:05
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

#       ::1             localhost


**** End of log ****
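
The hosts-file symptom this topic deals with (redirect entries pushed out of view behind pages of blank lines) can be checked for mechanically. The following is an added example, not part of any post in this thread or of MiniToolBox: a small Python audit in which the function names, the padding threshold and both sample files are assumptions constructed for illustration, with documentation-range addresses standing in for real ones.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class HostsEntry:
    line_no: int      # 1-based line number in the file
    address: str
    names: tuple
    pad_above: int    # longest run of blank lines anywhere above this entry


def parse_hosts(text):
    """Return (entries, malformed) for the active (uncommented) lines."""
    entries, malformed = [], []
    run = longest = 0
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        if not raw.strip():                    # blank line: extend the padding run
            run += 1
            longest = max(longest, run)
            continue
        run = 0
        fields = raw.split("#", 1)[0].split()  # drop full-line and trailing comments
        if not fields:
            continue                           # comment-only line
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((line_no, raw))   # first field is not an IP address
            continue
        if len(fields) < 2:
            malformed.append((line_no, raw))   # address with no host name
            continue
        names = tuple(n.lower() for n in fields[1:])
        entries.append(HostsEntry(line_no, fields[0], names, longest))
    return entries, malformed


def audit_hosts(text, pad_threshold=20):
    """Return (findings, malformed); findings is a list of (entry, reasons)."""
    entries, malformed = parse_hosts(text)
    findings = []
    for entry in entries:
        addr = ipaddress.ip_address(entry.address)
        reasons = []
        if not (addr.is_loopback or addr.is_unspecified):
            reasons.append("maps name to a non-loopback address")
        if entry.pad_above >= pad_threshold:
            reasons.append(f"sits below a run of {entry.pad_above} blank lines")
        if reasons:
            findings.append((entry, reasons))
    return findings, malformed


# Constructed samples. Host names are the ones the topic starter reported; the
# addresses are documentation-range placeholders, not the ones from the thread.
SAMPLE_NAMES = ("www.google-analytics.com", "ad-emea.doubleclick.net",
                "www.statcounter.com")
SAMPLE_HIJACKED = (
    "# Copyright (c) 1993-2009 Microsoft Corp.\r\n"
    "127.0.0.1       localhost\r\n"
    + "\r\n" * 120
    + "".join(f"{ip} {name}\r\n" for name in SAMPLE_NAMES
              for ip in ("203.0.113.10", "198.51.100.20"))
)
SAMPLE_RESET = "#       ::1             localhost\r\n"   # as in the post-fix log

if __name__ == "__main__":
    for entry, reasons in audit_hosts(SAMPLE_HIJACKED)[0]:
        print(entry.line_no, entry.address, entry.names[0], "; ".join(reasons))
    print("after reset:", audit_hosts(SAMPLE_RESET))
```

A non-loopback mapping is only a prompt for review, since legitimate intranet entries look the same; the padding check is what separates a deliberately hidden block from an ordinary one.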


#14 tizzo


Posted 07 September 2012 - 09:17 AM

...and RKill:

Rkill 2.3.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/07/2012 10:16:00 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Tony\Desktop\rkill\rkill-09-07-2012-10-16-04.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures: 

 * No issues found.

Program finished at: 09/07/2012 10:16:12 AM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)


#15 narenxp


Posted 07 September 2012 - 09:18 AM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode

Turn off your System Restore, restart the PC, then create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, and do not click on suspicious links

Safe surfing :)



